Last Call Review of draft-ietf-perc-private-media-framework-08
review-ietf-perc-private-media-framework-08-genart-lc-dunbar-2019-02-08-00
Request | Review of | draft-ietf-perc-private-media-framework |
---|---|---|
Requested revision | No specific revision (document currently at 12) | |
Type | Last Call Review | |
Team | General Area Review Team (Gen-ART) (genart) | |
Deadline | 2019-02-13 | |
Requested | 2019-01-30 | |
Authors | Paul Jones , David Benham , Christian Groves | |
I-D last updated | 2019-02-08 | |
Completed reviews |
Secdir Last Call review of -08
by Vincent Roca
(diff)
Genart Last Call review of -08 by Linda Dunbar (diff) Tsvart Last Call review of -08 by Gorry Fairhurst (diff) Secdir Telechat review of -10 by Vincent Roca (diff) Genart Telechat review of -09 by Linda Dunbar (diff) |
|
Assignment | Reviewer | Linda Dunbar |
State | Completed | |
Request | Last Call review on draft-ietf-perc-private-media-framework by General Area Review Team (Gen-ART) Assigned | |
Reviewed revision | 08 (document currently at 12) | |
Result | Not ready | |
Completed | 2019-02-08 |
review-ietf-perc-private-media-framework-08-genart-lc-dunbar-2019-02-08-00
I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. Document: draft-ietf-perc-private-media-framework-?? Reviewer: Linda Dunbar Review Date: 2019-02-08 IETF LC End Date: 2019-02-13 IESG Telechat date: Not scheduled for a telechat Summary: This document describes a solution framework for ensuring that media confidentiality and integrity are maintained end-to-end. Major issues: The SRTP Master Key described in Section 6.4 is not listed in the Figure 4 Key Inventory. What is the relationship between the KEK listed in the Figure 4 Key Inventory and the SRTP Master Key? Section 6.3 talks about Key distributor sending KEK to endpoints. Is it via untrusted network? how to prevent the KEK from leaking to other points? Is KEK same as EKT Key? if yes, why use two names? it is confusing. Section 5: the first paragraph says that the "Key requirements are that endpoint can verify it is connected to the correct Key Distributor..", But How? can you include a reference to the method? Minor issues: Nits/editorial comments: Section 3.2.2: is it a typo? extra "to" in the following sentence? "...is necessary to for proper conference-to-endpoint mappings." Best Regards, Linda