Re: [alto] SECDIR review of draft-ietf-alto-new-transport-07

Donald Eastlake <d3e3e3@gmail.com> Fri, 31 March 2023 00:43 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/alto/KaXJsTAmgSrKLRGR7oITVkv1584>

Hi Lachlan,

I'm happy with all of your responses and consider my comments to have been
resolved.

Thanks,
Donald
===============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e3e3@gmail.com


On Thu, Mar 30, 2023 at 5:46 PM Lachlan Keller <lachlan.keller@yale.edu>
wrote:

> Hi Donald,
>
> Thank you so much for your review and comments. Please see the responses
> inline.
>
> Best,
> Lachlan
>
> On Tue, Mar 28, 2023 at 11:10 AM Donald Eastlake <d3e3e3@gmail.com> wrote:
>
>> I have reviewed this document as part of the security directorate's
>> ongoing effort to review all IETF documents being processed by the IESG.
>> Document editors and WG chairs should treat these comments just like any
>> other comments.
>>
>> The summary of the review is Ready with Nits.
>>
>> *Security:*
>>
>> While I'm not all that into ALTO, it seems to me that this draft is all
>> about messages and message exchanges between ALTO entities where the
>> security (authentication, encryption, ...) has been specified in previous
>> standards track documents such as RFC 7285. There are a few additional
>> security considerations which seem to be well covered by the Security
>> Considerations section of this draft.
>>
>> *Nits:*
>>
>> Section 1.0, Page 4:
>> OLD
>> functioning for HTTP/1.x. TIPS also provides an ALTO server to
>> NEW
>> functioning for HTTP/1.x. TIPS also provides for an ALTO server to
>>
>
> LACHLAN: fixed
>
>>
>> Section 2.1.1, Page 8: Seems too vague. A sentence about tips-view-uri
>> wouldn't hurt. At the bottom it says "Use the URI as above". Which URI
>> above? What exactly does "use" mean?
>>
>
> LACHLAN: Thanks for this comment - propose changing "Use the URI as above"
> to "Construct same URIs as with client pull for push promise URIs." As for
> the tips-view-uri clarification, propose adding "<tips-view-uri>  //
> relative URI to TIPS view (see Section 4.2)"
>
>>
>> Section 2.2, Page 9, Figure 3: Figure looks kind of incomplete. Shouldn't
>> there be arrows from R1 to R2/R3?
>>
>
> LACHLAN: You are right that figure 3 is technically incomplete. We will
> move it to the appendix as it was supposed to just show the thought process
> of part of the design decisions we made.
>
>>
>> Section 2.3, Page 10: In the text on "Information Resource Directory" the
>> first sentence is confusing. What is the thing that is requested to
>> discover? Maybe you should replace "Requested" at the start of the sentence
>> with "Produced when a server is requested"...
>>
>
> LACHLAN: Propose changing text to "Contains a list of available
> information resources provided by an ALTO server that can be requested by
> ALTO clients" to clarify the section.
>
>>
>> Section 2.3, Page 11 at top: That's Figure 4, not 1.
>>
>
> LACHLAN: good catch
>
>>
>> Section 2.4, Page 12, 1st paragraph: I think a service runs "over" a
>> connection, not "inside" a connection.
>>
>
> LACHLAN: fixed
>
>>
>> Section 4.4, Page 23: Seems kind of feeble. How about, given that a
>> disconnect is treated as a DELETE, something like the following, which
>> probably implies that the server maintains a use count. (This document need
>> not mention such a count.)
>> OLD
>> set associated with the TIPS view. A server will not want to delete
>> NEW
>> set associated with the TIPS view. A server MUST NOT delete
>>
>>
> LACHLAN: Great point. Because there are actually multiple options with how
> to treat the DELETE, we’ve now added a new considerations section that
> discusses management of shared TIPS views for clarity. See Kai’s response
> to the ART ART review for more details, where this was pointed out as well.
>
>
>>
>> Thanks,
>> Donald
>> ===============================
>>  Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
>>  2386 Panoramic Circle, Apopka, FL 32703 USA
>>  d3e3e3@gmail.com
>>
>