Telechat Review of draft-ietf-sipcore-digest-scheme-10
review-ietf-sipcore-digest-scheme-10-genart-telechat-even-2019-10-22-00
Request | Review of | draft-ietf-sipcore-digest-scheme |
---|---|---|
Requested revision | No specific revision (document currently at 15) | |
Type | Telechat Review | |
Team | General Area Review Team (Gen-ART) (genart) | |
Deadline | 2019-10-29 | |
Requested | 2019-10-14 | |
Authors | Rifaat Shekh-Yusef | |
I-D last updated | 2019-10-22 | |
Completed reviews |
Secdir Last Call review of -08
by David Mandelberg
(diff)
Genart Telechat review of -10 by Roni Even (diff) Opsdir Telechat review of -10 by Al Morton (diff) |
|
Assignment | Reviewer | Roni Even |
State | Completed | |
Request | Telechat review on draft-ietf-sipcore-digest-scheme by General Area Review Team (Gen-ART) Assigned | |
Posted at | https://mailarchive.ietf.org/arch/msg/gen-art/oC0ciY0ekkuXwy5kkwpJZQztcOs | |
Reviewed revision | 10 (document currently at 15) | |
Result | Almost ready | |
Completed | 2019-10-22 |
review-ietf-sipcore-digest-scheme-10-genart-telechat-even-2019-10-22-00
I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please wait for direction from your document shepherd or AD before posting a new version of the draft. For more information, please see the FAQ at <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. Document: draft-ietf-sipcore-digest-scheme-?? Reviewer: Roni Even Review Date: 2019-10-22 IETF LC End Date: None IESG Telechat date: 2019-10-31 Summary: The document is almost ready for publication as a standard track RFC Major issues: Minor issues: 1. In section 2.4 " If the UAC cannot respond to any of the challenges in the response, then it SHOULD abandon attempts to send the request, e.g. if the UAC does not have credentials or has stale credentials for any of the realms, unless a local policy dictates otherwise." Yet RFC3261 section 22.2 " If no credentials for a realm can be located, UACs MAY attempt to retry the request with a username of "anonymous" and no password (a password of ""). Is this deprecated ? 2. RFC3261 algorithm includes "MD5-sess" while section 2.6 removed it 3. it may be good to have a backward compatibility section. Nits/editorial comments: