IETF Logo Mail Archive

Re: [alto] I-D Action: draft-ietf-alto-cost-calendar-06.txt

Jensen Zhang <jingxuan.n.zhang@gmail.com> Thu, 05 July 2018 07:58 UTC

Return-Path: <jingxuan.n.zhang@gmail.com>
X-Original-To: alto@ietfa.amsl.com
Delivered-To: alto@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97C34130E78 for <alto@ietfa.amsl.com>; Thu, 5 Jul 2018 00:58:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KgZqvWg8fNfF for <alto@ietfa.amsl.com>; Thu, 5 Jul 2018 00:58:23 -0700 (PDT)
Received: from mail-yw0-x232.google.com (mail-yw0-x232.google.com [IPv6:2607:f8b0:4002:c05::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04E11130E44 for <alto@ietf.org>; Thu, 5 Jul 2018 00:58:23 -0700 (PDT)
Received: by mail-yw0-x232.google.com with SMTP id t198-v6so2663875ywc.3 for <alto@ietf.org>; Thu, 05 Jul 2018 00:58:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=E50l4VtuVZ5LDo9P1o4GdyPUH19mzwdREtxl4Fl2w4A=; b=MmECdjE/D1xB5qgrrXwmjojumxmiW46iIDlYNr/eUNeNXvINns+61ZqgJISSOgHczD B0xwm7s/LjFreYtSPE5y9WS1YzhIXzg6pT99tIw23EcmWs1tD4RRgte6Fp9k8GfMqklZ eAYSRTwgiiAaOEDyDsdR844lNRjDxftSk7vL+88smFqI6wPYUlNJewx9YmiAN0OvIKYo MKzNVcFhuKtcka9z188fZESGP3L9X+2Bx6WMZEFSCd2b8Xp5b4/+B51WnLqhz38otWA2 1BJOhCUMOqjGCOKpMsHhYG5gwVoWqdIu5vkwWk1Gy+3dxfRHjD95VyOp7BbHdhWiV9wC D89Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=E50l4VtuVZ5LDo9P1o4GdyPUH19mzwdREtxl4Fl2w4A=; b=mx5YzgTJoYgdOqehV1ww0v44yVJAKszzzgZSgv/yWaSvO0wmhxQLbZ689usE4Vi4iO YHIlNfX1WoWWMPpsJU3duMEfB6EODMRoFHT+/i1ASv6NpCFr/UUGaoQTekly3vAqmia4 JwvfXL4+iY7ZDgb7/9Bw2xeEUvRa80XxvNZF/4GwntDD43e1jHjSGeAfQlaY6ElI5zxH WC/0kgGmu40ERG0fjDKS45maP/HSXT1JN6U1qqZURvKvaJXyVYSBdpHk0KYUW0kZ8Ygl kXV4zriR5f5U/4ma6L4tdvPzRD13S5UtfGC6qcn1htKRpYTdmbFYBRPbzzm8LmwXBaKt X+7Q==
X-Gm-Message-State: APt69E1hU/Y5EtxvP+0zoVQoUMuIgtGv/W066cg9r1cqD9Am6xQg4w2C 7IZOtYK1IA51yuIhfnl5Jt2hN9ZhcjqAarE4R8k=
X-Google-Smtp-Source: AAOMgpdzPW1sVstVMTklQIOiFToz4Rqs2sCfxRRHnoYIhNlo91D6qGObN3acdmOVqvpTkqGR/hgXFaXRrg7a7IroQbM=
X-Received: by 2002:a0d:f042:: with SMTP id z63-v6mr2266940ywe.248.1530777502181; Thu, 05 Jul 2018 00:58:22 -0700 (PDT)
MIME-Version: 1.0
References: <153054415221.16179.11095308245366639421@ietfa.amsl.com> <AM4PR07MB3236A46F286ED954257B68C595430@AM4PR07MB3236.eurprd07.prod.outlook.com> <afea2289-9443-c561-dee5-144349169ce1@nokia.com> <CAAbpuyq_BvGr7eZuc-mDBdUjAD7r1moPAvS=3EEG-JO2_ApaUw@mail.gmail.com> <BLUPR02MB12029ACDBA97639F3AA12CA3B5420@BLUPR02MB1202.namprd02.prod.outlook.com> <c2ebbeb6-451c-e310-019c-89be90167a89@nokia.com> <CAEDarXLkmGe8CR=YxmWMYCYAz8V=MtOQb76V42xdoyGWqCoFZw@mail.gmail.com>
In-Reply-To: <CAEDarXLkmGe8CR=YxmWMYCYAz8V=MtOQb76V42xdoyGWqCoFZw@mail.gmail.com>
From: Jensen Zhang <jingxuan.n.zhang@gmail.com>
Date: Thu, 05 Jul 2018 03:58:09 -0400
Message-ID: <CAAbpuyrrM8K=a1B1UtsU5PrLbKW_OSbNpD91AyUaxTF-nP1V4Q@mail.gmail.com>
To: "Vijay K. Gurbani" <vijay.gurbani@nokia.com>
Cc: IETF ALTO <alto@ietf.org>, Danny Alex Lachos Perez <dlachosper@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000003f709105703be93a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/alto/sM9oAFTgPVpz-fto9Xmd7RtC274>
Subject: Re: [alto] I-D Action: draft-ietf-alto-cost-calendar-06.txt
X-BeenThere: alto@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "Application-Layer Traffic Optimization \(alto\) WG mailing list" <alto.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/alto>, <mailto:alto-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/alto/>
List-Post: <mailto:alto@ietf.org>
List-Help: <mailto:alto-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/alto>, <mailto:alto-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jul 2018 07:58:27 -0000

Hi Vijay and WG,

I just finish the review of Section 6 and 7 of the cost calendar draft.
Hopefully, it is not too late.

There is no major issue in these two sections. But just some sentences are
not clear for me. I post my recommended edits. May need authors to check
whether my understanding is correct.

Following is my detailed review:

-------
Section 6., paragraph 2:

>    The calendaring information provided by this extension requires
>    additional considerations on three security considerations discussed
>    in the base protocol: potential undesirable guidance to clients
>    (Section 15.2 of [RFC7285]), confidentiality of ALTO information
>    (Section 15.2 of [RFC7285]), and availability of ALTO (Section 15.5
>    of [RFC7285]).  For example, by providing network information in the
>    future in a calendar, this extension may improve availability of

  improve availability -> improve the availability


Section 6., paragraph 4:

>    For confidentiality of ALTO information, an operator should be
>    cognizant that this extension may introduce a new risk: an ALTO
>    client may get information for future events that are scheduled
>    through calendaring.  Possessing such information, the client may use
>    it to achieve its goal: (1) initiating connections only at
>    advantageous network costs, leading to unexpected network load; (2)

  "unexpected network load" is not clear for me here. Do you mean the
  skew of the network load which can lead to the congestion? How about
  changing the words to "leading to imbalance of the network load and
  potential congestion"


Section 6., paragraph 6:

>    To mitigate this risk, the operator should address the risk of ALTO
>    information being leaked to malicious clients or third parties.  As
>    specified in Section 15.3.2 ("Protection Strategies") of [RFC7285],
>    the ALTO server should authenticate ALTO clients and use the
>    Transport Layer Security (TLS) protocol so that Man In The Middle
>    (MITM) attacks to intercept an ALTO Calendar are not possible.
>    [RFC7285] ensures the availability of such a solution in its
>    Section 8.3.5.  "Authentication and Encryption", which specifies that

  Please make the reference format consistent: Section 8.3.5
  ("Authentication and Encryption")


Section 6., paragraph 7:

>    "ALTO server implementations as well as ALTO client implementations
>    MUST support the "https" URI scheme [RFC2818] and Transport Layer
>    Security (TLS) [RFC5246].

  Here misses the close quotation mark.


Section 6., paragraph 8:

>    For potential undesirable guidance of ALTO information, an ALTO

  potential -> the potential


Section 6., paragraph 9:

>    client should be cognizant that using calendaring information can
>    have risks: (1) a repeat pattern may be only statistical, and (2)

  The meaning of the term "repeat pattern" is not clear for me. Do you
  mean the "repeated" attributed provided by the ALTO server is just a
  recommended value and may be different from the real daily pattern?


Section 6., paragraph 10:

>    future events may change.  Hence, a more robust ALTO client should
>    adapt and extend protection strategies specified in Section 15.2 of
>    the base protocol: it should develop self check and also ensure
>    information update, to reduce the impact of this risk.

  self check -> self-check

-------

Best,
Jensen

On Wed, Jul 4, 2018 at 5:23 AM Danny Alex Lachos Perez <dlachosper@gmail.com>
wrote:

> Hello ALTO WG
>
> Some grammar, spelling, and punctuation issues about this draft are as
> follows:
>
>    - Introduction
>    - "Statement [RFC5693] and ALTO Requirements [RFC5693].Thus the
>       current"
>          - Consider adding a space after "[RFC5693]."
>       - "locations, e.g. to reduce their costs.  ALTO intentionally
>       avoids"
>       - "e.g. due to diurnal patterns of traffic demand or planned events
>       such"
>          - Consider adding a comma after "e.g."
>       - "In this draft an "ALTO Cost Calendar" is specified by
>       information"
>          - Consider adding a comma after "In this draft"
>       - Section 2
>       - "information resources capabilities, where as attributes with
>       time"
>          - where as -> whereas
>       - "duration of the Calendar: e.g. the number of intervals provided"
>          - Consider adding a comma after "e.g."
>       - "IRD, the ALTO requests and responses for Cost calendars."
>          - Consider adding a comma after "ALTO requests"
>       - "historic or be a prediction for upcoming time periods."
>          - historic -> historical
>       - Section 3
>       - "example an ALTO Server may provide a calendar for ALTO values"
>          - Consider adding a comma after "example"
>       - Section 4
>       - "exchange: by providing it, an ALTO Server will avoid unecessary"
>          - unecessary -> unnecessary
>       - "When the Client gets the Calendar for "routingcost", it sees that
>       the"
>          - sees -> seems
>       - "Monday, Tuesday, Wednesday and Thursday.  The ALTO Client thus
>       may"
>          - Consider adding a comma after "Wednesday"
>          - extra space after "Thursday."
>       - Section 6
>    - "future in a calendar, this extension may improve availability of"
>          - Consider adding the article "the" after "improve"
>
> Ss
>
> Danny Lachos
>
>
> On Tue, Jul 3, 2018 at 12:58 PM Vijay K. Gurbani <vijay.gurbani@nokia.com>
> wrote:
>
>> Dawn: Excellent.  Thanks a lot.  Jensen has also volunteered to look at
>> S6 and S7.
>>
>> As soon as you post your reviews of these sections by Wed, we'll move
>> the work ahead, subject to what you find in your review, of course.
>>
>> Cheers,
>>
>> On 07/03/2018 10:33 AM, Dawn Chan wrote:
>> > Hi Vijay,
>> >
>> > I can do a review of S6 and S7 too.
>> >
>> > Dawn
>> >
>> >
>> > ________________________________________
>> > From: Jensen Zhang <jingxuan.n.zhang@gmail.com>
>> > Sent: Tuesday, July 3, 2018 10:55:18 AM
>> > To: Vijay K. Gurbani
>> > Cc: 92yichenqian@tongji.edu.cn; Chan Dawn; Randriamasy, Sabine (Nokia
>> - FR/Paris-Saclay); alto@ietf.org; geng.li@yale.edu
>> > Subject: Re: [alto] I-D Action: draft-ietf-alto-cost-calendar-06.txt
>> >
>> > Hi Vijay,
>> >
>> > I will give a review on S6 and S7 by Wednesday.
>> >
>> > Best,
>> > Jensen
>> >
>> > On Tue, Jul 3, 2018, 6:26 AM Vijay K. Gurbani <vijay.gurbani@nokia.com
>> <mailto:vijay.gurbani@nokia.com>> wrote:
>> > Sabine: Thank you for getting this out.  I was hoping that all nits
>> > identified by IDNits tool will be taken care in this revision.
>> > Unfortunately, IDNits reports three warnings for -06.  These need to be
>> > eventually fixed, perhaps as part of Auth-48, etc.
>> >
>> > But before I can send the draft to IESG, I need key members of the WG
>> > who have reviewed previous versions of this draft to review the newly
>> > added Security Considerations section.  You only need to review this
>> > section, as previous versions of the draft were reviewed in their
>> > entirety.  The new addition here is S6 (Security Considerations) and S7
>> > (Operations Considerations).
>> >
>> > Can I please request a subset of the following people to review S6 and
>> S7:
>> >
>> >    Yichen Qian, Li Geng, Dawn Chen, and Jensen Zhang
>> >
>> > I will like at least two people from the above set to read S6 and S7 and
>> > let the WG know whether the draft is ready to be moved out of the WG.
>> >
>> > Please do so soon, preferably by Wed midnight (US Eastern).  The
>> > sections are short, but your reading and feedback to the WG will be
>> > invaluable.
>> >
>> > Thank you,
>> >
>> > On 07/02/2018 10:23 AM, Randriamasy, Sabine (Nokia - FR/Paris-Saclay)
>> wrote:
>> >> Hello,
>> >>
>> >> In this version 06:
>> >>
>> >> - Section 6 Security Considerations has been revised for a more
>> complete threat model,
>> >> - A new Section 7 "Operations Considerations" has been added and now
>> contains the initial text on Security Considerations of version
>> draft-ietf-alto-cost-calendar-05.
>> >>
>> >> Thanks,
>> >> Sabine
>> >>
>> >> -----Original Message-----
>> >> From: alto [mailto:alto-bounces@ietf.org<mailto:alto-bounces@ietf.org>]
>> On Behalf Of internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>
>> >> Sent: Monday, July 02, 2018 5:09 PM
>> >> To: i-d-announce@ietf.org<mailto:i-d-announce@ietf.org>
>> >> Cc: alto@ietf.org<mailto:alto@ietf.org>
>> >> Subject: [alto] I-D Action: draft-ietf-alto-cost-calendar-06.txt
>> >>
>> >>
>> >> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> >> This draft is a work item of the Application-Layer Traffic
>> Optimization WG of the IETF.
>> >>
>> >>         Title           : ALTO Cost Calendar
>> >>         Authors         : Sabine Randriamasy
>> >>                           Richard Yang
>> >>                           Qin Wu
>> >>                           Lingli Deng
>> >>                           Nico Schwan
>> >>       Filename        : draft-ietf-alto-cost-calendar-06.txt
>> >>       Pages           : 27
>> >>       Date            : 2018-07-02
>> >>
>> >> Abstract:
>> >>    The goal of Application-Layer Traffic Optimization (ALTO) is to
>> >>    bridge the gap between network and applications by provisioning
>> >>    network related information in order to allow applications to make
>> >>    network informed decisions.  The present draft extends the ALTO cost
>> >>    information so as to broaden the decision possibilities of
>> >>    applications to not only decide 'where' to connect to, but also
>> >>    'when'.  This is useful to applications that need to schedule their
>> >>    data transfers and connections and have a degree of freedom to do
>> so.
>> >>    ALTO guidance to schedule application traffic can also efficiently
>> >>    help for load balancing and resources efficiency.  Besides, the ALTO
>> >>    Cost Calendar allows to schedule the ALTO requests themselves and
>> >>    thus to save a number of ALTO transactions.
>> >>
>> >>    This draft proposes new capabilities and attributes on filtered cost
>> >>    maps and endpoint cost maps enabling an ALTO Server to provide "Cost
>> >>    Calendars".  These capabilities are applicable to ALTO metrics with
>> >>    time-varying values.  With ALTO Cost Calendars, an ALTO Server
>> >>    exposes ALTO cost values in JSON arrays where each value corresponds
>> >>    to a given time interval.  The time intervals as well as other
>> >>    Calendar attributes are specified in the IRD and ALTO Server
>> >>    responses.
>> >>
>> >>
>> >>
>> >> The IETF datatracker status page for this draft is:
>> >> https://datatracker.ietf.org/doc/draft-ietf-alto-cost-calendar/
>> >>
>> >> There are also htmlized versions available at:
>> >> https://tools.ietf.org/html/draft-ietf-alto-cost-calendar-06
>> >> https://datatracker.ietf.org/doc/html/draft-ietf-alto-cost-calendar-06
>> >>
>> >> A diff from the previous version is available at:
>> >> https://www.ietf.org/rfcdiff?url2=draft-ietf-alto-cost-calendar-06
>> >>
>> >>
>> >> Please note that it may take a couple of minutes from the time of
>> submission until the htmlized version and diff are available at
>> tools.ietf.org<http://tools.ietf.org>.
>> >>
>> >> Internet-Drafts are also available by anonymous FTP at:
>> >> ftp://ftp.ietf.org/internet-drafts/
>> >>
>> >> _______________________________________________
>> >> alto mailing list
>> >> alto@ietf.org<mailto:alto@ietf.org>
>> >> https://www.ietf.org/mailman/listinfo/alto
>> >>
>> >> _______________________________________________
>> >> alto mailing list
>> >> alto@ietf.org<mailto:alto@ietf.org>
>> >> https://www.ietf.org/mailman/listinfo/alto
>> >>
>> >
>> > - vijay
>> > --
>> > Vijay K. Gurbani / vijay.gurbani@nokia.com<mailto:
>> vijay.gurbani@nokia.com>
>> > Network Data Science, Nokia Networks
>> > Calendar: http://goo.gl/x3Ogq
>> >
>>
>> - vijay
>> --
>> Vijay K. Gurbani / vijay.gurbani@nokia.com
>> Network Data Science, Nokia Networks
>> Calendar: http://goo.gl/x3Ogq
>>
>> _______________________________________________
>> alto mailing list
>> alto@ietf.org
>> https://www.ietf.org/mailman/listinfo/alto
>>
> _______________________________________________
> alto mailing list
> alto@ietf.org
> https://www.ietf.org/mailman/listinfo/alto
>

v2.23.0 | Report a Bug | By Email