Re: [alto] Roman Danyliw's Discuss on draft-ietf-alto-new-transport-17: (with DISCUSS and COMMENT)
mohamed.boucadair@orange.com Thu, 07 December 2023 08:18 UTC
Return-Path: <mohamed.boucadair@orange.com>
X-Original-To: alto@ietfa.amsl.com
Delivered-To: alto@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A3432C09036E; Thu, 7 Dec 2023 00:18:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.104
X-Spam-Level:
X-Spam-Status: No, score=-7.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=orange.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SiCX1F9UcyOH; Thu, 7 Dec 2023 00:18:21 -0800 (PST)
Received: from smtp-out.orange.com (smtp-out.orange.com [80.12.126.239]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D572C09036B; Thu, 7 Dec 2023 00:18:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=orange.com; i=@orange.com; q=dns/txt; s=orange002; t=1701937101; x=1733473101; h=to:cc:subject:date:message-id:references:in-reply-to: mime-version:content-transfer-encoding:from; bh=CJZqkbJcAWuxqN2Opci+3lBjCWJ4gog+WBaeKUx6ug0=; b=KRVQzkAA/6K7HDwZDoNu/NqIkoUiJkr9+6fwyS022s5r6inYTi1fr44O 6PAlrHlggS8/DpJAB75mMqSSHqkR2XaUiyW6GORanJO91P28eMBoW5OYh AAtKKW3IFUn/XnHUO+r6EphzWwh3DqSRj06riRKV4G0etBaXEYQveoR5U dYAfhy8RFrxkNhkZ3HFiH6qH86VU3apER2wg4fZF2Ccy/fxrTa67ZIbZB IJ1yMTsLP/Lu7gLNgyyTQQ8g1XKBAEO1g6NHsFHC4rcwuM+5sPBBD567i ptBVRVBfFGrHF2IbaLUck16j5jE8Zxp3fFfaDsEoQ8X1UHLvex5GQh+7u A==;
Received: from unknown (HELO opfedv3rlp0e.nor.fr.ftgroup) ([x.x.x.x]) by smtp-out.orange.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Dec 2023 09:18:19 +0100
Received: from unknown (HELO opzinddimail8.si.fr.intraorange) ([x.x.x.x]) by opfedv3rlp0e.nor.fr.ftgroup with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Dec 2023 09:18:18 +0100
Received: from opzinddimail8.si.fr.intraorange (unknown [127.0.0.1]) by DDEI (Postfix) with ESMTP id 23D8D76A235; Thu, 7 Dec 2023 09:18:18 +0100 (CET)
Received: from opzinddimail8.si.fr.intraorange (unknown [127.0.0.1]) by DDEI (Postfix) with ESMTP id DA1B976A230; Thu, 7 Dec 2023 09:18:17 +0100 (CET)
Received: from smtp-out365.orange.com (unknown [x.x.x.x]) by opzinddimail8.si.fr.intraorange (Postfix) with ESMTPS; Thu, 7 Dec 2023 09:18:17 +0100 (CET)
Received: from mail-vi1eur04lp2050.outbound.protection.outlook.com (HELO EUR04-VI1-obe.outbound.protection.outlook.com) ([104.47.14.50]) by smtp-out365.orange.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Dec 2023 09:18:17 +0100
Received: from DU2PR02MB10160.eurprd02.prod.outlook.com (2603:10a6:10:49b::6) by DB9PR02MB7130.eurprd02.prod.outlook.com (2603:10a6:10:220::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7068.26; Thu, 7 Dec 2023 08:18:15 +0000
Received: from DU2PR02MB10160.eurprd02.prod.outlook.com ([fe80::27b4:adc2:3e72:3702]) by DU2PR02MB10160.eurprd02.prod.outlook.com ([fe80::27b4:adc2:3e72:3702%4]) with mapi id 15.20.7068.025; Thu, 7 Dec 2023 08:18:15 +0000
From: mohamed.boucadair@orange.com
X-TM-AS-ERS: 10.218.35.131-127.5.254.253
X-TM-AS-SMTP: 1.0 c210cC1vdXQzNjUub3JhbmdlLmNvbQ== bW9oYW1lZC5ib3VjYWRhaXJAb 3JhbmdlLmNvbQ==
X-DDEI-TLS-USAGE: Used
Authentication-Results: smtp-out365.orange.com; dkim=none (message not signed) header.i=none; spf=Fail smtp.mailfrom=mohamed.boucadair@orange.com; spf=Pass smtp.helo=postmaster@EUR04-VI1-obe.outbound.protection.outlook.com
Received-SPF: Fail (smtp-in365b.orange.com: domain of mohamed.boucadair@orange.com does not designate 104.47.14.50 as permitted sender) identity=mailfrom; client-ip=104.47.14.50; receiver=smtp-in365b.orange.com; envelope-from="mohamed.boucadair@orange.com"; x-sender="mohamed.boucadair@orange.com"; x-conformance=spf_only; x-record-type="v=spf1"; x-record-text="v=spf1 include:spfa.orange.com include:spfb.orange.com include:spfc.orange.com include:spfd.orange.com include:spfe.orange.com include:spff.orange.com include:spf6a.orange.com include:spffed-ip.orange.com include:spffed-mm.orange.com -all"
Received-SPF: Pass (smtp-in365b.orange.com: domain of postmaster@EUR04-VI1-obe.outbound.protection.outlook.com designates 104.47.14.50 as permitted sender) identity=helo; client-ip=104.47.14.50; receiver=smtp-in365b.orange.com; envelope-from="mohamed.boucadair@orange.com"; x-sender="postmaster@EUR04-VI1-obe.outbound.protection.outlook.com"; x-conformance=spf_only; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/14 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/49 ip6:2a01:111:f403:8000::/50 ip6:2a01:111:f403:c000::/51 ip6:2a01:111:f403:f000::/52 -all"
IronPort-Data: A9a23:A73hv63AUU7k9CFksfbD5eZ2kn2cJEfYwER7XKvMYLTBsI5bp2MGz zRJXGvVPKzeajf1c4siYIvl/UNQv5Dcm9A1GlA5qSg9HnlHl5HIVI+TRqvS04J+DSFhoGZPt Zh2hgzodZhsJpPkjk7xdOKn9BGQ7InQLpLkEunIJyttcgFtTSYlmHpLlvUw6mJSqYDR7zil5 5Wq/6UzBHf/g2QvazhMtPrawP9SlK+aVA0w7wVWic9j7Ae2e0k9VPo3Oay3Jn3kdYhYdsbSq zHrlezREsvxpn/BO/v9+lrJWhRiro36ZGBivkFrt52K2XCukMCQPpETb5LwYW8P49mAcksYJ N9l7fRcQi9xVkHAdXh0vxRwS0lD0aN6FLDvM32hiu+z7Ez8T1zv5e5JDkQUZaoc5bMiaY1O3 aRwxDElQy25377z/pPiD+5mi4IkMdXhO54Ztjd41zbFAP06QJfFBaLX+dtf2zR2jcdLdRrcT 5NBNXwzM1KZP1sSYj/7C7pm9Ausrnz4czRdpV7Tr60q6GHfxQ1r+L/3Odzad5qBQsA9ckOw/ zOarzSpU0By2Nq32Se0z1GNmNf1x3nbV6scNeGD1/UwnwjGroAUIEZNDwfkyRWjsWakV953I EEO5mwpt6da3E2mVdbVXhCkrjiDpBF0c9NUD+p/4wGEy7DPyweUGmZCSSROAPQqrsY4WXkr2 0OH2trtGTsqtrCKDG6H/7GPtTSoJQAUIHMMIygeQmMt6t3/p6kygw7BCNF5H8adjdT0Fjj36 yuBsW4zi6hVhshj6kmg1VXOgjbpuJmQQxMvvlnTRjj9s1s/Y5O5bYu171Sd9exHMIuSUliGu j4DhtSa6+cNS5qKkURhXdnhApm74ui+Ex3/gGRTOJoH7BOv/lz7WoRPtWQWyFhSDu4IfjrgY Un2sAxX5YNOMHbCUUORS9PpYyjN5fm4fekJRszpgsxyjo9ZXTPvwc2DTUuZ3mSojkl1nLwlY cufaZz0UC5cDrl7xj2rQetbyaUs2i012WLUQ9b80gij1r2dInWSTN/p0WdijMhotctoQy2Mq L6z0vdmLT0ACYUShQGIqeYuwagidyRTOHwPg5U/mhS/CgRnAno9LPTa3KksfYdo94wMyb+Rr iHiBhABmQGu7ZEiFelsQiE6AF8IdccnxU/XwQRwZgj2s5TeSdrxs/tEKsZtFVXZ3Lc/laIvE ZHphPls8twUEW6bpFzxnLH4rYd4cw+six7GNC2/eFACk21IFmT0FivfVlK3rkEmV3Lp3eNn+ uHI/l2BHfIrGV85ZO6IM63H8r9ElSNB8A6EdxCVeoU7lYSF2NQCFhEdeddscpFTc0WZmWXKv +tUaD9BzdTwT0YO2IGhrci5Q02BSoOSwmIy86jnAbeK2e3y01eZmdMFbsfRODfXWSXz5bmoY vhTw7fkKvobkV1Wso16VbF20aY54NiprLhfpuihNGuedEylU9uMPVHftfSjdIUVrlOahedyc kWV899VNPOCP8aN/Js5Ol8+duravR0LsmW60MnZ+HnH2RI=
IronPort-HdrOrdr: A9a23:fTWWLqnoLeKPmj5J+B5VhOEeoEfpDfOUimdD5ihNYBxZY6Wkfp +V8cjzhCWftN9OYhodcIi7SdK9qXO1z/5ICcJ7B8bHYOCUghrTEGgE1/qp/9SAIVy0ygcz79 YGT0ETMrPN5B1B/L7HCWqDYpsdKbu8gcaVbI7lph8AIj2CKZsQljuRYTzrcXGeMTM2YKbRY6 DshPavyQDARV0nKuCAQlUVVenKoNPG0Lj8ZwQdOhIh4A6SyRu19b/TCXGjr1gjegIK5Y1n3X nOkgT/6Knmmeq80AXg22ja6IkTsMf9y+FEGNeHhqEuW3vRY0eTFcVcso+5zXMISdKUmRQXeR 730lId1vFImjPsl6eO0F/QMkfboXETAjTZuCKlaDPY0LDErXQBeoZ8bMtiA2XkA0ZMhqAC7I tbm22erJZZFhXGgWD04MXJTQhjkg6urWMlivN7tQ0obWIyUs4kkWUkxjIjLL4QWCbhrIw3Gu hnC8/RoP5QbFOBdnjc+m1i2salUHg/FgqPBhFqgL3c7xFG2HRii0cIzs0WmXkNsJo7Vplf/u zBdqBljqtHQMMaZb90QO0BXcy0AGrQRg+kChPaHX33UKUcf37doZ/+57s4oOmsZZwT1ZM33I /MVVtJ3FRCDn4Gyff+rqGj3iq9M1lVBw6du/22z6IJyoHBeA==
X-Talos-CUID: 9a23:4gyRpG9y8JYUZeIFX+eVv1wRBPsGUl7c9kv3IGmjLmRsauWyTUDFrQ==
X-Talos-MUID: 9a23:5E9niQgTf11CaP3ZaO6xbcMpJNpZ3oePFng3y88mtOCKFHBLGjzHk2Hi
X-IronPort-AV: E=Sophos;i="6.04,256,1695679200"; d="scan'208";a="19488899"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fKWeL2u2Ujq6PKxNDh20mniVqj+BQwIhIC7HlsXUXbiL8Trxf18lzzZy249i+dlCG4HW1rn7QsfLqV5sxqrDBQRxKsBg0hwWeihAx/+kT/lFge89h2yXk5c8ovPlxRuu2NQcvbHk5nYb0zjBEhLZt77mIfkzpT6xAGgwfn/aZSNsB91IIK9ViHGJkVdvz0PL5lcMr3fts5gE/tRmSbHR5f8FEJesn88eytNd2hZA0l3nkx+E4fS6z/9ODn9lUPAKXX1JIyhscNAyU92ke/Kqzp3qAZtGd7FnY1DyFYA99O6YII0W0LyaECI+eNzSbEeaWMTU80TdkNMjuxJD46unWQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=NtNUgv/6CcbClPgjXVepR3mCkAS4Ek2k3xEgyuLVYHg=; b=gq+qyqSNYp4+f+6nZbL006jh0lRwTRzKeLJO2R8ld7B9QvfMrTlZlUa9vEJ5yZKGCb1CLZch+g2O09+qMzwnN7b5CnMtLtauS6lBJSYEk3LHXG8RsA2XojvPdE9htaNZFog8//HTWUKeUxtQXth09kXyI6xBdrJh0lGLjNnPRoXFgcHmFTqSfCOywhrxxGTA5wzanW293mS1qZYSFgGErftVh4i2wzM6RTUnP988srpl4sZwmhTJEs/Ro+jPj0wYnvW+ePJMnkJRRHkBR5+MfZqwq1utXGUGC11UZQC6qVuF+O9xHAfNSsJlwHV37XimZSnOShYvIdA75TGJaJTXTg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=orange.com; dmarc=pass action=none header.from=orange.com; dkim=pass header.d=orange.com; arc=none
To: Roman Danyliw <rdd@cert.org>
CC: The IESG <iesg@ietf.org>, "alto-chairs@ietf.org" <alto-chairs@ietf.org>, "draft-ietf-alto-new-transport@ietf.org" <draft-ietf-alto-new-transport@ietf.org>, "alto@ietf.org" <alto@ietf.org>, "kaigao@scu.edu.cn" <kaigao@scu.edu.cn>
Thread-Topic: [alto] Roman Danyliw's Discuss on draft-ietf-alto-new-transport-17: (with DISCUSS and COMMENT)
Thread-Index: AQHaCmNGxjSbnotwOEaw/Gms3Xk6srCdtoXw
Content-Class:
Date: Thu, 07 Dec 2023 08:18:15 +0000
Message-ID: <DU2PR02MB101608FAFBB6FBDB7ACCC7AAE888BA@DU2PR02MB10160.eurprd02.prod.outlook.com>
References: <169811524611.9451.4946205247504860406@ietfa.amsl.com> <58627ea3.17d3.18b664417c8.Coremail.kaigao@scu.edu.cn> <2818ed87.2a17.18b7b670077.Coremail.kaigao@scu.edu.cn>
In-Reply-To: <2818ed87.2a17.18b7b670077.Coremail.kaigao@scu.edu.cn>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Enabled=true; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SetDate=2023-12-07T08:17:47Z; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Method=Privileged; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_Name=unrestricted_parent.2; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_SiteId=90c7a20a-f34b-40bf-bc48-b9253b6f5d20; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ActionId=eb89e043-ba96-45c4-979f-f5c1db8c33c0; MSIP_Label_07222825-62ea-40f3-96b5-5375c07996e2_ContentBits=0
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DU2PR02MB10160:EE_|DB9PR02MB7130:EE_
x-ms-office365-filtering-correlation-id: c036f335-6643-4a6a-1015-08dbf6fd0fa3
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: GbKknyqtLzxNhJUpcH4fhyFAqhIG48ENtzdYz1AarXQwPU4S3i0YDgXRXpt4ACmWEh8cSqEy36v2pDglFWHjssbFwW1ODTt+5MCD8u2qC6ULsFkZPUz1AEE/d4OCYrto2tCWF6/bTVlvx8QGkUErFYDdoJaXMOVW0X1U2pTu4mueySa+1K4d3WTW74UrPle4+jMaOr7oo0oZ+7rBU/pXcQjlV/tWtzPnNM+40Ol3Ut3jM3CCPZTzL6ndS171i9RDEAzmAVcQrbC8ACS4JxZLnOLUwvebZ+eLRYzBD8KmdNIOC/jI8W3UCwnF08lje3yc1l3qUIYgrniMBXUktp6idUJiEe265HDq+zdW9AM9RaYqEFkEcw2K3YMF6r/Xaxw4C7xZfGhIGfYbAtKvwTmEtFS+seJiWkF8YgIYUdToOsWLodYzQnpwMPIQ7v9CbFfwn+UFWX+D96Kj24DiZIfzY+gXMzlLebRVFK5IsrGdUcLaiJPI5vaBf60r3Wg9A+dvpIJ5wPYVg8RvaUnofqzhbKDjxPuiBUhkAyFzSHRNHtpCo17Nf7FYvn8gmFGXn0gczS2toF+USqkXGIky9cRk+NFrVpQB2YCjYjj6FfyUd1c=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DU2PR02MB10160.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(396003)(39860400002)(136003)(366004)(376002)(346002)(230922051799003)(186009)(1800799012)(451199024)(64100799003)(76116006)(55016003)(66556008)(66476007)(4326008)(8676002)(66946007)(478600001)(966005)(8936002)(122000001)(26005)(54906003)(64756008)(6916009)(66446008)(316002)(52536014)(9686003)(45080400002)(7696005)(6506007)(71200400001)(86362001)(5660300002)(38070700009)(2906002)(38100700002)(83380400001)(41300700001)(33656002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: xHWcXjE9E/fihRaSuc/eZXvDvvL4UO1TDfccgbhxgvU9Rl7JNTFpdghDAudMFn60YkfUUWxLmFaOOqxVToYZvx06whGgoP/cNGS8iihAQtyaCX6XJKPx05W3j2tmH0T9V3QFN1S0Sk7QD8DYNCR0vSh/YyeaKkp7mfpV0SeS8SWIkioYryhT2A/mnW1ro5R2TRRkyFN+lznhCXCIG5/Xz/r7JE7R7txRTeHryDHXUyPFersc8D83xWOclFLAgFNKgNhzdIGQ/NN21fWKubq4BITbf8NajUFQ0pRQ9Wt9PRBZ6uENQTCWbHpKmnTbdk2U/qEVsalFIWydvnPEjZhr2Ol9nJpn/D4E8w8NNHlts+2Y1Y14FeDcmu4onmKg1m/Az7F2x+6RrMzdxruzrrXDpw9J76d1anqbabgh4DfSgC+ji3EcdvJ5O827QX8M5jn/4n0IrzG1KD1kS4ebbkIKX8jHH3K8/zpnHH0ED5j5jmTEO1rImDE+bVO0LCLXug+OPXmVjms/tWLoBGk7j4/sD+Cj1Wx/Hmh/e5aDwLACAW1E4FEOCfPB25zLJOV3qw3v4lHl/S9MHkymH+DKtSld9WHFj1O5Qy/OQj2GN2tGfXEriVZSYsnFquC/L84jr/IoXafTt9LkbatqjLfoEn2aflT9FJITjxrwousqzT1i6PGTjqaBWX2KWYyVn5KpRGzY6SRBULhvQLy3lX/aVPaytLuRHOWihI1aDwiIfXq5+7vLt+r6xWfQnnplTBgynD+UPQ8dZ9+AyCp0sbQ0zf7DJw0eBBJyVBLpsgO6nDSBKRk+zU4CzY/mF33td6MhHMUHLA1/PvFnSGZRi3CeGGWxXzeeuHFHAMEMrYL+SmvpwbcOLxYub174vAAz2Mfg39ZEDESH5pAGjhybkjGJdUkiXWKAawSDV1jc0ptMqry+51VjSUKomK/oLrYGmn2IoOM3sI8rukALEG8pJRHbOAHTfX16UYSlfFaP6+VQfG7JCMcNxSZEK1ZxA5X7IK1yj9s59S/xMcJ/6sKG+c5qmmcsLYcPof+MUuj+1UbY1pu1o9TAka5yWOSOefyD9jjGHnxfYMzUfB0c0b4SbG/D2eNcLnCSLG+EY3csguMkfjPwlft8vqdYBTdI2iA8z5aj4g7M/SUy1tJ9AhByV2vThhtizqKEwqC9OLSEwb05rcWq5lv5nQPCkN2M515tiNCKOwgbe2H60XtfBl/PIhZT+mccS6+GmYdYWYLFP/r8dMN7i5r5YlOSavfJ2YqxrKxK7cG95K4bPT4h39g04C20QoLWRVUvQe+RAQIdokRADXc5VRvikNayVXQorcWKxNZ6KYzOOVMefNOr1iwuebhKxlNEmpbu8x0MhZ9kQaXB3B2dY9z2VLqHnjQ3H+4sXUzfGaxmwYJjIEUFlGQ8Kb4cYY5MEEmMT7W3ZnLO9KXPwhiB8fmzPqX5am8t9sv7cjmkIWsCuWwW7klqD+hy9pb6O3htJXZs22a4VnfD1JjLOKKTgGI6tpIUV6QVdpdIiT43e63/6AW91d0NOeClfOPTEII8gqvA0s6uV20GIDUv7Aiej7ls7OMCDO+yMcQR1EfOwYqpnuAV1wEgK+Mw81MNA+hO4g==
Content-Type: text/plain; charset="iso-8859-1"
MIME-Version: 1.0
X-OriginatorOrg: orange.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DU2PR02MB10160.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c036f335-6643-4a6a-1015-08dbf6fd0fa3
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Dec 2023 08:18:15.2013 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 90c7a20a-f34b-40bf-bc48-b9253b6f5d20
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 9jgIRng2w/BiqIPHqOQ3Lu/Goxki2u6V91cBGefWkJFUEtboHFdEoeVyGRDGeSmVZgVCnvJDyDu9CbDBOdEp/B1tsxdCoM1yyY0qsI/VeV8=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9PR02MB7130
X-TM-AS-ERS: 10.218.35.131-127.5.254.253
X-TM-AS-SMTP: 1.0 c210cC1vdXQzNjUub3JhbmdlLmNvbQ== bW9oYW1lZC5ib3VjYWRhaXJAb 3JhbmdlLmNvbQ==
X-TMASE-Version: DDEI-5.1-9.0.1002-28042.006
X-TMASE-Result: 10--46.927600-10.000000
X-TMASE-MatchedRID: CxmI61mtwh+ROBVNmXUDuOMAv8MPl5pzEHQQ1mfDW+168VpiQd7QGKou tKL35w99S0b45Tfj4cjK+QFXYp+GtZW/1oAE3Ry6CtzGvPCy/m5gSkbYPaRxGnES2yQqTGUMTU0 nYw36c+Tcv1sBZ/NtL7qTTgHqmFGOBQgs4fLa+ckwYApm54/SZnRtdYJvaoYuvDGpIrQZI9HZGA D5GwW8huFGEYPXtIM8Hyqx1Q6Hw9UXN/vQ2FyJOxd8ENHLtW0z3ttnLVC/czOQ92uzk7A5l1YWG Y8tbKb+jWWhwpKfm/4LjoT7/uyaFSNCFng30qlIIBYc5Hfv4BPzeNk0/4RGB5ToYrkrVbau+Hv2 UJ08906GM6cm519w3SqlsZ7X4XxGyCxFBMsQ7UAdZEkR8Y/mebLNyeOYi+pfOz5+urQ2wrdmeCL E2iu14DORM72Q+WkW5N88eFlUbyNmhFh97sSric36paW7ZnFo/jYKd9VlUo7TuhOdxZoR2HDGuc oP1x/mEFRfkXUcAJmVxHCJQ4dSbr7LNrhabVDxF+qQpCWTUjk7x+Tuf7McDDABh2rVVNejx5eT/ RDGajIdOSx2Ya3yfIkkC+bM0b3Rmv/lCFMzyYKwOmfjQ30zeQgqPpbA7sp1CuSPuSVW5+7ynQxW Ko+F0XlQi+AGQkPa7LPYr4M0eLc86qvoHrhEgBCigDe7z0fslwT0XposETXN/524wIksTNSHnJD q2yhM1QaUQIYsyVT9gC1Rc2JVI6imPM07Al9SutvHF25zoU8iSMnphO25RaQJ1xV9DHX2lIOVA+ gJRdLjtXFLFuP+NQ5cMyia5rZlSSOWVJeuO1DAV+CHstPU+FW962Y8P26cFMkUvzgg/cXkA/7Kq i9JmVdIuMGCFNYpC24oEZ6SpSk+Mqg+CyrtwA==
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
X-TMASE-INERTIA: 0-0;;;;
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/alto/AQDTvM7xHkRxXeAvW9M9YuAFGJ0>
Subject: Re: [alto] Roman Danyliw's Discuss on draft-ietf-alto-new-transport-17: (with DISCUSS and COMMENT)
X-BeenThere: alto@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Application-Layer Traffic Optimization \(alto\) WG mailing list" <alto.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/alto>, <mailto:alto-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/alto/>
List-Post: <mailto:alto@ietf.org>
List-Help: <mailto:alto-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/alto>, <mailto:alto-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Dec 2023 08:18:25 -0000
Hi Roman, This is a nudge to check whether the revised spec and the clarification provided by kai addressed your concerns. For convenience, the changes made since your review can be tracked here: https://author-tools.ietf.org/iddiff?url1=draft-ietf-alto-new-transport-17&url2=draft-ietf-alto-new-transport-21&difftype=--html Thank you Med (Doc Shepherd) > -----Message d'origine----- > De : alto <alto-bounces@ietf.org> De la part de kaigao@scu.edu.cn > Envoyé : dimanche 29 octobre 2023 13:27 > À : Roman Danyliw <rdd@cert.org> > Cc : The IESG <iesg@ietf.org>; alto-chairs@ietf.org; draft-ietf-alto- > new-transport@ietf.org; alto@ietf.org > Objet : Re: [alto] Roman Danyliw's Discuss on draft-ietf-alto-new- > transport-17: (with DISCUSS and COMMENT) > > Hi Roman, > > I hope you are OK with our responses to your DISCUSS points. This is > the follow-up update regarding your comments. > > First, for the comment on Digest authentication, we agree that this is > a fair request as RFC 7285 says Digest authentication is mandatory. An > example using Digest authentication is added in Sec 6.3. > > For the comment on mandating RFC 9325, I am a bit hesitated to do so. > First, this seems a bit repetitive as Section 15.1.2 in RFC 7285 > already says > > "Software engineers developing and service providers deploying ALTO > should make themselves familiar with possibly updated standards > documents as well as up-to-date Best Current Practices on > configuring > HTTP over TLS." > > Second, RFC 9325 seems to be applicable to any protocol building on > top of TLS, not specific to ALTO. It is also applicable to any > extension to ALTO. It feels a bit weird to add something that is > broader than the scope of the extension specified in the document, > especially when it does not require specific attentions to the TLS > layer. > > We could certainly add a sentence saying that developers of this > extensions should follow RFC 9325 if you think this is really > important. Otherwise we intend to not include the discussion on TLS. > > Best, > Kai > > > -----Original Messages----- > > From: kaigao@scu.edu.cn > > Send time:Wednesday, 10/25/2023 17:57:00 > > To: "Roman Danyliw" <rdd@cert.org> > > Cc: "The IESG" <iesg@ietf.org>, alto-chairs@ietf.org, > > draft-ietf-alto-new-transport@ietf.org, alto@ietf.org > > Subject: Re: [alto] Roman Danyliw's Discuss on > > draft-ietf-alto-new-transport-17: (with DISCUSS and COMMENT) > > > > Hi Roman, > > > > Thanks for the review. Please see inline. > > > > Best, > > Kai > > > > > > > -----Original Messages----- > > > From: "Roman Danyliw via Datatracker" <noreply@ietf.org> Send > > > time:Tuesday, 10/24/2023 10:40:46 > > > To: "The IESG" <iesg@ietf.org> > > > Cc: alto-chairs@ietf.org, draft-ietf-alto-new-transport@ietf.org, > > > alto@ietf.org > > > Subject: [alto] Roman Danyliw's Discuss on > > > draft-ietf-alto-new-transport-17: (with DISCUSS and COMMENT) > > > > > > Roman Danyliw has entered the following ballot position for > > > draft-ietf-alto-new-transport-17: Discuss > > > > > > When responding, please keep the subject line intact and reply to > > > all email addresses included in the To and CC lines. (Feel free to > > > cut this introductory paragraph, however.) > > > > > > > > > Please refer to > > > > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fww > > > w.ietf.org%2Fabout%2Fgroups%2Fiesg%2Fstatements%2Fhandling-ballot- > po > > > > sitions%2F&data=05%7C01%7Cmohamed.boucadair%40orange.com%7Cb767734f0 > > > > 9704481993708dbd87a6810%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C0%7 > > > > C638341792466819799%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQ > > > > IjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mqO > > > DvELZY%2BRRd%2BP5DXCADt80aHoBoZ4mMHrxf8sspPw%3D&reserved=0 > > > for more information about how to handle DISCUSS and COMMENT > positions. > > > > > > > > > The document, along with other ballot positions, can be found > here: > > > > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fda > > > tatracker.ietf.org%2Fdoc%2Fdraft-ietf-alto-new- > transport%2F&data=05% > > > > 7C01%7Cmohamed.boucadair%40orange.com%7Cb767734f09704481993708dbd87a > > > > 6810%7C90c7a20af34b40bfbc48b9253b6f5d20%7C0%7C0%7C638341792466819799 > > > > %7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI > > > > 6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=0w%2FEszcA1tbg0DdXEVs6 > > > unVMO8OD19xLN%2BZLJtDQCyA%3D&reserved=0 > > > > > > > > > > > > ------------------------------------------------------------------ > -- > > > -- > > > DISCUSS: > > > ------------------------------------------------------------------ > -- > > > -- > > > > > > ** Section 6.2. Construction of the "tips-view-uri". > > > > > > -- Under what circumstances would it be appropriate to use http > > > (instead of > > > https) for the tips-view-uri for this new protocol mechanism? Why > > > is http needed? Could https be the only option? I appreciate > that > > > there is history of an http URL from RFC7285 published in 2014, > but > > > has field experience continue to dictate a need for this insecure > > > approach for an entirely new service? If it is needed would there > be a away to express a preference for secure transport? > > > > > > > [KAI] One reason I can think of to keep http is to allow caching of > > incremental updates (whose uri is based on the tips-view-uir) for a > > given resource whose content is intended to be publicly accessible, > > which could happen if the server is hosted by the ISP and a cost map > > is intended to be accessible by all its users. How about we add the > following sentence in sec 6.2: > > > > An ALTO server SHOULD always use "https" unless the ALTO resource > is intended to > > be publicly accessible and does not raise any security concerns. > > > > > -- Is there any underlying assumption in how "tips-view-path" is > > > constructed? I asked because Section 9.3 says "An outside party > that > > > can read the TIPS response or that can observe TIPS requests can > > > obtain the TIPS view URI and use that to send fraudulent 'DELETE' > > > requests thus disabling the service for the valid ALTO client. > This > > > can be avoided by encrypting the requests and responses (Section > 15 > > > of [RFC7285])." Observing the tips-view-uri is one way to spoof > the > > > URI, but what if it could be guessed? Is there an assumption that > a > > > unguessable random string is part of the path? As far as I can > > > find, no text explicitly says that, although the examples imply > it. > > > If the string is guessable being encrypted doesn't help but using > some kind of authentication would. > > > > > > > > > > [KAI] In -17, the fraudulent 'DELETE' issue no long exists as we now > > require the server to close of TIPS views, as suggested by the > HTTPDIR > > reviewer and the AD. I think that would address this issue. > > > > > ------------------------------------------------------------------ > -- > > > -- > > > COMMENT: > > > ------------------------------------------------------------------ > -- > > > -- > > > > > > Thank you to Donald Eastlake for the SECDIR review. > > > > > > ** Section 6.3. The example in Figure 10 describes Basic Auth. > > > Section 8.3.5 of RFC7295 notes that Digest Auth is MTI. Recommend > using that instead. > > > > > > ** Section 9. > > > The security considerations (Section 15 of [RFC7285]) of the > base > > > protocol fully apply to this extension. For example, the same > > > authenticity and integrity considerations (Section 15.1 of > [RFC7285]) > > > still fully apply; > > > > > > Since ALTO TIPS is a new protocol mechanism is it possible to > > > improve on the TLS guidance in Section 8.3.5 of RFC7295 (from > circa > > > 2014)? Specifically, can > > > RFC9325 be mandated? > > > > > > > > > > > > _______________________________________________ > > > alto mailing list > > > alto@ietf.org > > > > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fww > > > > w.ietf.org%2Fmailman%2Flistinfo%2Falto&data=05%7C01%7Cmohamed.boucad > > > > air%40orange.com%7Cb767734f09704481993708dbd87a6810%7C90c7a20af34b40 > > > > bfbc48b9253b6f5d20%7C0%7C0%7C638341792466819799%7CUnknown%7CTWFpbGZs > > > > b3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0% > > > > 3D%7C3000%7C%7C%7C&sdata=N5ABDN%2BLaxE7ZcWS4%2FNstmxjOldJiwiZtsw1yDZ > > > T6Cg%3D&reserved=0 > > _______________________________________________ > > alto mailing list > > alto@ietf.org > > > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww. > > > ietf.org%2Fmailman%2Flistinfo%2Falto&data=05%7C01%7Cmohamed.boucadair% > > > 40orange.com%7Cb767734f09704481993708dbd87a6810%7C90c7a20af34b40bfbc48 > > > b9253b6f5d20%7C0%7C0%7C638341792466819799%7CUnknown%7CTWFpbGZsb3d8eyJW > > > IjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000% > > > 7C%7C%7C&sdata=N5ABDN%2BLaxE7ZcWS4%2FNstmxjOldJiwiZtsw1yDZT6Cg%3D&rese > > rved=0 > _______________________________________________ > alto mailing list > alto@ietf.org > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww. > ietf.org%2Fmailman%2Flistinfo%2Falto&data=05%7C01%7Cmohamed.boucadair% > 40orange.com%7Cb767734f09704481993708dbd87a6810%7C90c7a20af34b40bfbc48 > b9253b6f5d20%7C0%7C0%7C638341792466819799%7CUnknown%7CTWFpbGZsb3d8eyJW > IjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000% > 7C%7C%7C&sdata=N5ABDN%2BLaxE7ZcWS4%2FNstmxjOldJiwiZtsw1yDZT6Cg%3D&rese > rved=0 ____________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
- [alto] Roman Danyliw's Discuss on draft-ietf-alto… Roman Danyliw via Datatracker
- Re: [alto] Roman Danyliw's Discuss on draft-ietf-… kaigao
- Re: [alto] Roman Danyliw's Discuss on draft-ietf-… kaigao
- Re: [alto] Roman Danyliw's Discuss on draft-ietf-… mohamed.boucadair
- Re: [alto] Roman Danyliw's Discuss on draft-ietf-… Qin Wu