Hi,
I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.
These comments were written primarily for the benefit of the security area
directors. Document editors and WG chairs should treat these comments just
like any other last call comments.
The document seems to have limited scope. It defines an extension via which a
user can ask another user to send a request to a third party. The opening
statement in the document does not convince me this is a generically useful
extension comparing with leaving such facility application specific. The text
does not tell me what motivates the second user to comply with the
multiple-refer extension, or why the first user does not want to send the
command directly given it knows the list of recipients. My guess is that the
second user either has more information or have more resources (that the first
user would believe) but the document does not explain that.
I am rather uncomfortable with the security aspects of this extension. The
security considerations section in the current document looks like boilerplate
and I suspect there are plenty of security issues to consider. For example, it
would be helpful if it can go though all possible SIP commands that could be
used in the multiple-refer method and illustrate what kinds of authorization
should be checked, and discuss the implications for the second user if the
later chooses to comply.
Thanks,
--larry
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf