Hello,




 




I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area
 directors.  Document editors and WG chairs should treat these comments just like any other last call comments.




 




 




This document defines a mechanism for securely identifying originators of SIP requests. It does so by defining a SIP header field for conveying a signature used for validating the identity, and for conveying a reference
 to the credentials of the signer.




 




 




In general, this draft is the update of previous RFC4474 with some improvements like: better support of telephone numbers as identifiers, reducing the material scope of the Identity signature to those not changed by the
 intermediaries, replacing previous signed-identity-digest format with PASSporT (signing algorithms now defined in a separate specification) and so on. This draft already includes a very comprehensive and detailed consideration about privacy and security threats,
 I have no more security issues in addition to them.




 




 




Summary: this document appears in reasonably good shape, and is written well. I think it is ready.




 




 




Thanks!




 




B.R.




Frank