Draft: draft-ietf-rddp-security-08.txt
Reviewer: Joel M. Halpern [joel@stevecrocker.com]
Review Date: Friday 4/21/2006 8:10 PM
IETF LC Date: 4/19/2006

Summary: Ready with nits

(This review treats DDP and RDMAP as given, and does not comment directly on those protocols.)

Given the nature of RDDP, this document is a very good idea. I am glad to see it. This review does not check the completeness of the security coverage. However, as a lay reader I am quite impressed.

The document is ready for publication as an Informational RFC, and probably ready as a Proposed Standard. Personally, I would put the one IPSec requirement into the main document, and consider the rest of the material to be in the category of good advice. This is driven by the fact that the actual advice is somewhere between difficult and impossible to observe on the wire.

minor point: The last sentence of the introduction reads:

    If all recommended mitigations are in place the implemented usage models, the RDMAP/DDP protocol can be shown to not expose any new security vulnerabilities.

Aside from the linguistic oddity of this sentence, it is unclear what state is being compared. I.e., compared with what condition is there an absence of new security vulnerabilities? (Presumably some state other than "not communicating".)

There are scattered other odd English usages.

minor: In section 2.3.2, in describing three mechanisms, the text refers to one mechanism (X) and one mechanism (Y and Z). It should refer to two mechanisms (Y and Z).

IDNits reports some references missing and some unused.