Hi Arun
Those changes look good to me.
Thanks
Stewart
On 04/01/2017 17:53, Arun Arunachalam (carunach) wrote:
Hi Stewart,
Thanks for taking the time to review !
Please see inline and let us know your input.
On Jan 3, 2017, at 10:11 AM, Stewart Bryant
<stewart(_dot_)bryant(_at_)gmail(_dot_)com> wrote:
I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please treat these comments just
like any other last call comments.
For more information, please see the FAQ at
<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
Document: draft-ietf-insipid-logme-reqs-11
Reviewer: Stewart Bryant
Review Date: 2017-01-03
IETF LC End Date: 2017-01-13
IESG Telechat date: unknown
Summary: Ready with minor issue
This is a well written document that describes a useful feature in
its intended purpose. However I could not help but think that it has
an inevitable alternate use in the observation of users. There is
guidance on how to prevent this, but that seems easily ignored. Thus
the guidance from Security Area review will be of particular importance.
Major issues:
None.
Minor issues:
6.1. Trust Domain
Since a "log me" marker may cause a SIP entity to log the SIP header
and body of a request or response, the "log me" marker SHOULD be
removed at a trust domain boundary.
SB> I am not convinced that SHOULD is strong enough given that the traffic
SB> is leaving the trust domain.
We can change from SHOULD to MUST.
Nits/editorial comments:
3.1. Network Boundary
Figure 2 shows a network boundary between GW-A1
in operator A's network and the SBC in operator B's network. A
SB> SBC needs expanding on first use.
We will change it to “…and the Session Border Controller (SBC)…”.
===================
[RFC5853] gives examples of manipulating signaling to prevent the
sending network passing on sensitive information, for example
topology hiding, or the receiving network protecting itself from
signaling that is not under its control, for example protocol repair.
SB> The last sentence does not scan well.
We can rewrite this paragraph as follows:
Topology hiding and protocol repair (see [RFC5853]) are two common
functions that manipulate signaling at the network boundary. These
functions are performed by SIP device types (see [RFC7092]) such as
Session Border Controller and Interconnection Border Control Function
(IBCF).
===================
o REQ9: The "log me" marker mechanism SHOULD allow a SIP
intermediary to request logging SIP requests and responses on
behalf of the originating endpoint. The typical use case for this
requirement is for compatibility with UAs that have not
SB> UA needs expanding on first use.
We will change it to “….with User Agents (UA) that have not …"
Thanks!
Arun
_______________________________________________
insipid mailing list
insipid(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/insipid