Last Call Review of draft-ietf-mmusic-data-channel-sdpneg-24

Request Review of draft-ietf-mmusic-data-channel-sdpneg
Requested rev. no specific revision (document currently at 28)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2019-03-18
Requested 2019-03-04
Authors Keith Drage, Maridi Makaraju, Richard Ejzak, Jerome Marcon, Roni Even
Draft last updated 2019-03-14
Completed reviews Tsvart Last Call review of -24 by Michael Tüxen (diff)
Secdir Last Call review of -24 by Steve Hanna (diff)
Genart Telechat review of -25 by Linda Dunbar (diff)
Assignment Reviewer Steve Hanna 
State Completed Snapshot
Review review-ietf-mmusic-data-channel-sdpneg-24-secdir-lc-hanna-2019-03-14
Reviewed rev. 24 (document currently at 28)
Review result Has Nits
Review completed: 2019-03-14


Review result: Ready with nits
Reviewer: Steve Hanna

I reviewed this document as part of the Security Directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the Security Area
Directors.  Document authors, document editors, and WG chairs should
treat these comments just like any other IETF Last Call comments.

This document specifies how the SDP (Session Description Protocol)
offer/answer exchange can be used to achieve an out-of-band non-DCEP
negotiation for establishing a data channel.

Major Concerns:


Minor Concerns:

The last sentence in the Security Considerations section says:

   Error cases like the use of unknown parameter values or violation the
   odd/even rule must be handled by closing the corresponding Data

I suspect that the "must" in this sentence should be "MUST". Nothing else in
the document seems to state this requirement but it does seem necessary.


This document has many small English language errors.  For example, the
first paragraph of the Introduction has three things that need to be
- s/a bi-directional data channels/bi-directional data channels/
- s/prtocols/protocols/
- s/an endpoint applications/endpoint applications/

Please enlist a native English speaker as a proofreader.