Draft:  draft-ietf-sipping-session-policy-framework-01
Reviewer: Shida Schubert
Review Date: 28 Aug 06
Review Deadline: 25 Aug 06
Status: Initial review 

Summary: This draft is almost ready for publication, but needs some
clarifications and has nits that should be fixed before publication.

The requested clarifications are listed:

 Section 1. 
  - 4th paragraph, 3rd sentence mentions a user-interaction 
for providing consent on the policy provided by the policy server 
but there is no mentioning of this in section 4.x. Did you 
mean user or UA here? I think this needs to be clarified.

 Section 4.4.1
  Last sentence in the 4th paragraph, defines a normative 
behavior for UAC where UAC SHOULD NOT change the order of 
policy servers

Section 4.4.2 
 - 2nd paragraph, last sentence: I think when non-cachable 
is appended after the URI, recipient(UAC) is only supposed to 
remove the URI from the cache that has the same value as the 
one received with the "non-cacheable". If that's true, the last 
sentence should say the following.

OLD:
It SHOULD remove the current URI from the cache
   when receiving a "non-cacheable" URI.

NEW:
It SHOULD not store the URI in the cache when 
receiving a "non-cacheable" URI and SHOULD remove 
the URI if it was already cached.

Section 4.4.2
 - 3rd paragraph and 4th paragraph contradicts one 
another. 4th paragraph mentions that UAC SHOULD store 
the list of policy server's URI it contacted but 
3rd paragraph states that UAC SHOULD only cache URI 
for the local policy server. I think some coherence 
is needed between the paragraph.

Section 4.4.4
 - There is no normative behavior for Policy server 
when UAS is inquiring for the policy. I think if there 
is nothing for policy server to do, then that should be 
stated as well.


Editorial nits:
--------------------------
Section 1:
 - 6th paragraph, last sentence: I would suggest the 
following changes to clarify that session-independent 
policy does change.

OLD:
 Since these policies are not based on a specific session 
description, they can be created independent of an attempt to 
set up a session and only need to be conveyed to the user 
agent once (e.g. at the time the device is powered on). 

NEW:
 Since these policies are not based on a specific session 
description, they can be created independent of an attempt to 
set up a session and only need to be conveyed to the user 
agent once (e.g. at the time the device is powered on) until 
relevant policies change

Section 4.2:
 - 1st paragraph, 4th sentence to the end of 2nd paragraph 
explains the benefit of separate channel over piggy back model, 
but do we still need this in the draft? I personally think this 
can be removed. May be you can note the decision that was made 
in the change-log.

Section 4.4.1
 - 2nd paragrah, last sentence: I would suggest the 
following changes to clarify that request reflecting the 
policies are to be sent to the same proxy where original 
request was sent. Also behavior of UAC when no policies 
were provided should be mentioned as well.

OLD: 
 The UAC SHOULD apply the policies received and resend
 the updated request.

NEW:
 The UAC SHOULD apply the policies received and resend 
the updated request to the same proxy it sent the original 
request. If no policies were received it SHOULD resend the 
request without changing its session parameters to the 
same proxy it sent the original request.