Last Call Review of draft-ietf-sipcore-keep-

Request Review of draft-ietf-sipcore-keep
Requested rev. no specific revision (document currently at 12)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2011-01-05
Requested 2010-12-16
Authors Christer Holmberg
Draft last updated 2011-01-04
Completed reviews Secdir Last Call review of -?? by Jürgen Schönwälder
Assignment Reviewer Jürgen Schönwälder 
State Completed
Review review-ietf-sipcore-keep-secdir-lc-schoenwaelder-2011-01-04
Review completed: 2011-01-04


I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

This document discusses how to negotiate the usage of keep-alive
messages using a new SIP "keep" Via header field. The document appears
to be well worked out and the security considerations seem to be
adequate. I spotted to mostly editorial nits in the security

a) [...]  This specification does not specify a connection
   reuse mechanism, and it does it address security issues related to
   connection reuse.  [...]

   s/it does it/it does not/

b) [...]  They do not instruct the enity to
   place a value in a "keep" parameter of any request it forwards.  [...]



Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <