[Anima] Review of draft-ietf-anima-voucher-02

Sheng Jiang <jiangsheng@huawei.com> Mon, 15 May 2017 09:49 UTC

Return-Path: <jiangsheng@huawei.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 7122F129BD7; Mon, 15 May 2017 02:49:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id 5Yz9CdMt4ja4; Mon, 15 May 2017 02:49:15 -0700 (PDT)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com []) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9A33B129566; Mon, 15 May 2017 02:45:17 -0700 (PDT)
Received: from (EHLO lhreml701-cah.china.huawei.com) ([]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id DGQ31145; Mon, 15 May 2017 09:45:15 +0000 (GMT)
Received: from NKGEML411-HUB.china.huawei.com ( by lhreml701-cah.china.huawei.com ( with Microsoft SMTP Server (TLS) id 14.3.301.0; Mon, 15 May 2017 10:45:14 +0100
Received: from NKGEML515-MBX.china.huawei.com ([fe80::a54a:89d2:c471:ff]) by nkgeml411-hub.china.huawei.com ([]) with mapi id 14.03.0235.001; Mon, 15 May 2017 17:45:09 +0800
From: Sheng Jiang <jiangsheng@huawei.com>
To: Anima WG <anima@ietf.org>
CC: "anima-chairs@ietf.org" <anima-chairs@ietf.org>
Thread-Topic: Review of draft-ietf-anima-voucher-02
Thread-Index: AdLNX+f8nW2hbPYgQsahYgXj0ecekQ==
Date: Mon, 15 May 2017 09:45:08 +0000
Message-ID: <5D36713D8A4E7348A7E10DF7437A4B927CD9CE1C@NKGEML515-MBX.china.huawei.com>
Accept-Language: en-GB, zh-CN, en-US
Content-Language: zh-CN
x-originating-ip: []
Content-Type: multipart/alternative; boundary="_000_5D36713D8A4E7348A7E10DF7437A4B927CD9CE1CNKGEML515MBXchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020205.591978AC.001C, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: 6a09d196242fc6fa9810e732d4504d90
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/C8msWV8VlPz46BURmJeME8vTfv0>
Subject: [Anima] Review of draft-ietf-anima-voucher-02
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 May 2017 09:49:17 -0000

Hi, authors of draft-ietf-anima-voucher,

I am doing a thorough review as the document shepherd with my ANIMA chair hat on. Please address the below comments so that we could process this document further. I cannot claim myself a security expert, so extra security expert review is needed, either in WGLC or IESG review stage.

Firstly, there is report that this document has warnings or errors returned by YANG validation. Please

Secondly, please check the references and normative words. This document has a "MUST not", which is not an accepted usage according to RFC 2119. RFC6066 & RFC5652 has been quota in the document, but not defined; and normative reference to an Informational RFC 2315.

Thirdly, there are 19 question marks in the document. Most of these are discussed and reach conclusions, I believe. Please remove these question marks and relevant text. If there are still open questions, please discuss in mailing list and address them, before we could process WGLC.

In section 2, The quota from Konrad Lorenz should be put into quotation marks.

"This document describes vouchers in detail."It is better to give a reference to the specific section 4.

In definition of Domain CA, "Optionally, it certifies all elements." What does the term "element" mean? This term does not appear anywhere else in the document.

In definition of MASA, "It does not track ownership." It is not clear for me, whether the MASA is technically not be able to track ownership or in the commercial deployment model, it MUST NOT/SHOULD NOT track ownership. There is no enough description or discussion on the relationship between the MASA and device ownership.

A few inconsistent for capital abbreviation, such as cn-id, dns-id, etc.

A few DISCUSS & EDNOTE from editor notes should be removed.

The normative words in design consideration seems odd for me. The design consideration means not protocol definition neither behavior specification although security consideration may be specification in my eyes. It should not have normative words.

Typo: "informative", "informative"; "Circustance", "Circumstances"; "maintanence", "maintenance"; hardware security modules (HSMs), Hardware Security Modules (HSMs).