Last Call Review of draft-ietf-tram-stun-origin-05
review-ietf-tram-stun-origin-05-genart-lc-black-2015-03-21-00
| Request | Review of | draft-ietf-tram-stun-origin |
|---|---|---|
| Requested revision | No specific revision (document currently at 06) | |
| Type | Last Call Review | |
| Team | General Area Review Team (Gen-ART) (genart) | |
| Deadline | 2015-03-17 | |
| Requested | 2015-03-04 | |
| Authors | Alan Johnston , Justin Uberti , John Yoakum , Kundan Singh | |
| I-D last updated | 2015-03-21 | |
| Completed reviews |
Genart Last Call review of -05
by David L. Black
(diff)
Secdir Last Call review of -05 by Tero Kivinen (diff) Opsdir Last Call review of -05 by Tim Chown (diff) |
|
| Assignment | Reviewer | David L. Black |
| State | Completed | |
| Request | Last Call review on draft-ietf-tram-stun-origin by General Area Review Team (Gen-ART) Assigned | |
| Reviewed revision | 05 (document currently at 06) | |
| Result | Ready w/issues | |
| Completed | 2015-03-21 |
review-ietf-tram-stun-origin-05-genart-lc-black-2015-03-21-00
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at < http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Please resolve these comments along with any other Last Call comments you may receive. Document: draft-ietf-tram-stun-origin-05 Reviewer: David L. Black Review Date: March 20, 2015 IETF LC End Date: March 17, 2015 Summary: This draft is on the right track, but has open issues described in the review. This draft describes the addition of a web origin attribute to STUN and usage of that attribute in several protocol contexts. The draft is well- written and easy to read. I found one minor issue which may be editorial. Major issues: None. Minor issues: Section 2.7 discusses use of multiple STUN origins with Web RTC and concludes by imposing a "MUST" requirement on use of multiple STUN origins with HTTP in general (use first origin, ignore others). While Web RTC may be the predominant or only current use of STUN and TURN with HTTP, this "MUST" could foreclose the use of STUN origins with other uses of HTTP. I'm not sure what those possible future uses might be, but at a minimum this draft ought to more tightly scope its discussion of use of STUN origins with HTTP to limit that usage to Web RTC. If there's a good way for a STUN or TURN server to detect Web RTC usage, requiring STUN and TURN servers to look for Web RTC as the use of HTTP, and only impose this "MUST" requirement if Web RTC is detected would better align that requirement with the discussion in this draft. Nits/editorial comments: idnits 2.13.01 turned up a reference problem: == Unused Reference: 'RFC7350' is defined on line 490, but no explicit reference was found in the text That RFC should be cited somewhere. In addition, there are no RFCs cited or referenced for TLS and DTLS - they should be added (I believe that RFC 5246 and RFC 6347 are appropriate, respectively). Thanks, --David ---------------------------------------------------- David L. Black, Distinguished Engineer EMC Corporation, 176 South St., Hopkinton, MA 01748 +1 (508) 293-7953 FAX: +1 (508) 293-7786 david.black at emc.com Mobile: +1 (978) 394-7754 ----------------------------------------------------