Last Call Review of draft-ietf-perc-private-media-framework-08
review-ietf-perc-private-media-framework-08-genart-lc-dunbar-2019-02-08-00

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-perc-private-media-framework-??
Reviewer: Linda Dunbar
Review Date: 2019-02-08
IETF LC End Date: 2019-02-13
IESG Telechat date: Not scheduled for a telechat

Summary:
This document describes a solution framework for ensuring that media
confidentiality and integrity are maintained end-to-end.

Major issues:
 The SRTP Master Key described in Section 6.4 is not listed in the Figure 4 Key
 Inventory. What is the relationship between the KEK listed in the Figure 4 Key
 Inventory and the SRTP Master Key?

Section 6.3 talks about Key distributor sending KEK to endpoints.  Is it via
untrusted network?  how to prevent the KEK from leaking to other points?
 Is KEK same as EKT Key? if yes, why use two names? it is confusing.

Section 5: the first paragraph says that the "Key requirements are that
endpoint can verify it is connected to the correct Key Distributor..", But How?
can you include a reference to the method?

Minor issues:

Nits/editorial comments:
Section 3.2.2: is it a typo? extra "to" in the following sentence?
"...is necessary to for proper conference-to-endpoint mappings."

Best Regards,

Linda