Last Call Review of draft-ietf-xmpp-3921bis-
review-ietf-xmpp-3921bis-secdir-lc-barnes-2010-10-29-00

Request Review of draft-ietf-xmpp-3921bis
Requested rev. no specific revision (document currently at 20)
Type Last Call Review
Team Security Area Directorate (secdir)
Deadline 2010-10-21
Requested 2010-10-07
Authors Peter Saint-Andre
Draft last updated 2010-10-29
Completed reviews Secdir Last Call review of -?? by Richard Barnes
Assignment Reviewer Richard Barnes
State Completed
Review review-ietf-xmpp-3921bis-secdir-lc-barnes-2010-10-29
Review completed: 2010-10-29

Review
review-ietf-xmpp-3921bis-secdir-lc-barnes-2010-10-29

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This document describes an instant-messaging and presence system based on the core system of exchanging XML stanzas described in RFC 3920 and draft-ietf-xmpp-3920bis. As the document rightly notes, the underlying transport protocol addresses most of the security considerations for this document, and that document seems to have a thorough discussion of security considerations (although I have not done a thorough review). In general, I think that the security considerations in this document adequately describe the additional risks posed by the instant-messaging- and presence-specific parts of the protocol (beyond those of the base protocol), and corresponding mitigations.

One thing that might merit clarification: The overriding application-layer security concern here is the proper routing of presence and instant messaging stanzas through the XMPP system. (Underlying communications security concerns are addressed by the core spec.) For the most part, these concerns with requirements on servers to act in certain ways on behalf of the user. It could be helpful to the reader to re-state some of the communications patterns from Section 13.1 of draft-ietf-xmpp-3920bis and comment on the particular roles that the entities play in the context of instant messaging and presence (e.g., routing unicast <message> stanzas, fan-out of broadcast presence messages).




--Richard
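The review's point is that the server, not the client, is the entity that decides where a unicast <message> goes and which contacts receive a broadcast <presence>. The following toy model is an added illustration, not code from the draft, the reviewer, or any XMPP implementation; it assumes a single in-memory server with no XML parsing and no federation, treats a bare-JID message as delivered to all connected resources (a simplification of the draft's rules), and models presence authorization as a set of contacts holding a subscription to the user, in the spirit of RFC 3921 rosters. The two routing decisions it shows are the ones the review names: stamping the authenticated session address into `from` so a client cannot claim another identity, and fanning presence out only to authorized contacts.

```python
from dataclasses import dataclass, field


def bare(jid: str) -> str:
    """Strip the resource part: 'juliet@example.com/balcony' -> 'juliet@example.com'."""
    return jid.split("/", 1)[0]


@dataclass
class ToyServer:
    """Minimal in-memory server keeping only what stanza routing needs (assumed model).

    sessions:  bare JID -> set of connected full JIDs
    allowed:   bare JID -> set of bare JIDs authorized to receive that user's
               presence (contacts holding a subscription to the user)
    delivered: log of (recipient full JID, stanza) pairs, for inspection
    """
    sessions: dict = field(default_factory=dict)
    allowed: dict = field(default_factory=dict)
    delivered: list = field(default_factory=list)

    def connect(self, full_jid: str) -> None:
        self.sessions.setdefault(bare(full_jid), set()).add(full_jid)

    def authorize_presence(self, user: str, contact: str) -> None:
        self.allowed.setdefault(user, set()).add(contact)

    def _deliver(self, to_full: str, stanza: dict) -> None:
        self.delivered.append((to_full, stanza))

    def handle_message(self, session_jid: str, stanza: dict) -> list:
        """Route a <message> submitted on the authenticated session 'session_jid'.

        The server overwrites any client-supplied 'from' with the session
        address, so the recipient sees who really sent the stanza.
        """
        stanza = dict(stanza, **{"from": session_jid})
        to = stanza["to"]
        if "/" in to:
            # Full JID: exactly that resource, and only if it is connected.
            targets = [to] if to in self.sessions.get(bare(to), set()) else []
        else:
            # Bare JID: all connected resources (simplification of the draft's rules).
            targets = sorted(self.sessions.get(to, set()))
        for target in targets:
            self._deliver(target, stanza)
        return targets

    def handle_presence(self, session_jid: str, stanza: dict) -> list:
        """Fan out a broadcast <presence> (no 'to') from 'session_jid'.

        Recipients are the user's own other resources plus contacts that hold
        a presence subscription; everyone else learns nothing.
        """
        user = bare(session_jid)
        stanza = dict(stanza, **{"from": session_jid})
        stanza.pop("to", None)
        targets = set(self.sessions.get(user, set())) - {session_jid}
        for contact in self.allowed.get(user, set()):
            targets |= self.sessions.get(contact, set())
        targets = sorted(targets)
        for target in targets:
            self._deliver(target, stanza)
        return targets


def demo() -> ToyServer:
    """Constructed scenario (not from the draft): two users plus one unauthorized onlooker."""
    srv = ToyServer()
    srv.connect("juliet@example.com/balcony")
    srv.connect("juliet@example.com/chamber")
    srv.connect("romeo@example.net/orchard")
    srv.connect("mercutio@example.net/square")
    # Romeo holds a subscription to Juliet's presence; Mercutio does not.
    srv.authorize_presence("juliet@example.com", "romeo@example.net")
    return srv


if __name__ == "__main__":
    srv = demo()
    print(srv.handle_message("romeo@example.net/orchard",
                             {"to": "juliet@example.com", "body": "hi"}))
    print(srv.handle_presence("juliet@example.com/balcony", {"show": "away"}))
```

Running the demo shows the two patterns side by side: a message from Romeo to Juliet's bare JID reaches both of her resources with `from` set by the server, while Juliet's presence broadcast reaches her other resource and Romeo but never Mercutio, because the fan-out is driven by the server's authorization state rather than by anything in the client's stanza.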