Document: draft-ietf-xcon-conference-scenarios-05 Reviewer: Dondeti, Lakshminath [ldondeti@qualcomm.com] Review Date: Wednesday 10/12/2005 10:43 PM CST Telechat Date: Thursday 10/13/2005 Summary: Draft title: Conferencing scenarios draft-ietf-xcon-conference-scenarios-05 Summary: Security considerations section might need a more detailed coverage of the security issues related to the various scenarios listed in the document. Russ has some notes along these lines, but I will go one step further. I think this document should explore the security issues with the various scenarios listed. Within the text, in some places there are references to "authorized participants" who can create a side bar, whereas in other places there are references to "a participant" who can authenticate and authorize other users. "Authorized participant" sounds better. Also, there are no notes in the security considerations along these lines. Consider for instance the following rule: The Conference manager can delegate group membership management authority to other participants. An authorized participant can allow other participants to join after verifying their authenticity, and authorization to join the group. The conference manager may restrict that a delegate cannot allow other participants to remain in the group longer than the delegate itself. The GSAKMP protocol developed in MSEC has some notes on how this might work in secure groups. Some additional things to consider are as follows. The conference manager can control access to the group by using various group key management techniques. For details see [RFC4046]. The group security policy work and the source authentication techniques being specified in MSEC might also be relevant. (Conference mixing is not a scenario considered in MSEC, so applicability may be somewhat limited) Before I go into more details, I would like to hear from the authors and/or the chairs whether these considerations are covered by other XCON I-Ds. Or perhaps these don't matter (I think they do). thanks and regards, Lakshminath