Last Call Review of draft-ietf-sipcore-199-

Request Review of draft-ietf-sipcore-199
Requested rev. no specific revision (document currently at 06)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2010-02-02
Requested 2010-01-14
Draft last updated 2010-02-02
Completed reviews Secdir Last Call review of -?? by Samuel Weiler
Secdir Telechat review of -?? by Samuel Weiler
Assignment Reviewer Samuel Weiler
State Completed
Review review-ietf-sipcore-199-secdir-lc-weiler-2010-02-02
Review completed: 2010-02-02


I have reviewed this document as part of the security directorate's 

ongoing effort to review all IETF documents being processed by the 

IESG.  Document editors and WG chairs should treat these comments just 

like any other last call comments.

This defines an intermediate "we're done" response, allowing parties
to tear down some state, while still requiring a final response.

The obvious risk (forging these, just like forging a TCP reset) is

Even though the point of the 199 response is to allow early resource
release, I notice that some state is still being maintained for these
sessions.  It might be worth explicitly reminding readers of when they
can timeout (is there a timeout specified somewhere?).

I'm also a little worried about the implications of one party or
another trying to continue the dialog, perhaps maliciously, after
sending or receiving one of these.  What if one of these were used to
disable a monitoring or billing system, but the parties continued to
use the open session?  (Compare to sending a weak C-tone on a
wiretapped PSTN line.)


Please expand the acronyms in the abstract.  (The id-nits checklist
says the abstract "Should be meaningful to someone not versed in the
technology; most abbreviations must be expanded on first use.")

-- Sam