Re: [auth48] AUTH48: RFC-to-be 9419 <draft-iab-path-signals-collaboration-03> for your review
rfc-editor@rfc-editor.org Thu, 01 June 2023 18:53 UTC
Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: auth48archive@ietfa.amsl.com
Delivered-To: auth48archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2763C151076; Thu, 1 Jun 2023 11:53:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.807
X-Spam-Level:
X-Spam-Status: No, score=-0.807 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, CTE_8BIT_MISMATCH=0.84, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C3SVj9-YtLEt; Thu, 1 Jun 2023 11:53:45 -0700 (PDT)
Received: from rfcpa.amsl.com (rfc-editor.org [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D1DBEC151070; Thu, 1 Jun 2023 11:53:45 -0700 (PDT)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id BD2E9EDE66; Thu, 1 Jun 2023 11:53:45 -0700 (PDT)
To: jari.arkko@ericsson.com, ted.ietf@gmail.com, tpauly@apple.com, mirja.kuehlewind@ericsson.com
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, iab@ietf.org, auth48archive@rfc-editor.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20230601185345.BD2E9EDE66@rfcpa.amsl.com>
Date: Thu, 01 Jun 2023 11:53:45 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/auth48archive/3tvcjQ2dOvp4kgk1BF_O4xthUAs>
Subject: Re: [auth48] AUTH48: RFC-to-be 9419 <draft-iab-path-signals-collaboration-03> for your review
X-BeenThere: auth48archive@rfc-editor.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Archiving AUTH48 exchanges between the RFC Production Center, the authors, and other related parties" <auth48archive.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/auth48archive/>
List-Post: <mailto:auth48archive@rfc-editor.org>
List-Help: <mailto:auth48archive-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/auth48archive>, <mailto:auth48archive-request@rfc-editor.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Jun 2023 18:53:49 -0000
Authors, While reviewing this document during AUTH48, please resolve (as necessary) the following questions, which are also in the XML file. 1) <!--[rfced] Would it be correct to rephrase the document title as follows for clarity (i.e., "Application Considerations for" instead of "Considerations on Application -")? Original: Considerations on Application - Network Collaboration Using Path Signals Perhaps: Application Considerations for Network Collaboration Using Path Signals --> 2) <!-- [rfced] Please insert any keywords (beyond those that appear in the title) for use on https://www.rfc-editor.org/search. --> 3) <!--[rfced] Informative reference RFC 793 has been obsoleted by RFC 9293. Per Section 4.8.6 in the RFC Style Guide (RFC 7322), we recommend replacing RFC 793 with RFC 9293. May we update the reference? Original: For instance, on-path elements use various fields of the TCP header [RFC0793] to derive information about end-to-end latency as well as congestion. Suggested: For instance, on-path elements use various fields of the TCP header [RFC9293] to derive information about end-to-end latency as well as congestion. --> 4) <!-- [rfced] FYI, to make the two categories easier to read, we formatted this text as a list. Please let us know of any objections. Original: Many protocol mechanisms throughout the stack fall into one of two categories: authenticated and private communication that is only visible to a very limited set of parties, often one on each "end"; and unauthenticated public communication that is also visible to all network elements on a path. Current: Many protocol mechanisms throughout the stack fall into one of two categories: * authenticated private communication that is only visible to a very limited set of parties, often one on each "end", and * unauthenticated public communication that is visible to all network elements on a path. --> 5) <!--[rfced] To avoid using "ensures" and "ensuring" in close proximity, may we rephrase this sentence as follows? Original: For instance, QUIC replaces TCP for various applications and ensures end-to-end signals are only accessible by the endpoints, ensuring evolvability [RFC9000]. Perhaps: For instance, QUIC replaces TCP for various applications so that end-to-end signals are only accessible by the endpoints, ensuring the ability to evolve [RFC9000]. --> 6) <!-- [rfced] FYI, to make the items easier to read, we formatted this text as a list. Please let us know of any objections. Original: Authentication and trust must be considered in both directions: how endpoints trust and authenticate signals from network path elements, and how network path elements trust and authenticate signals from endpoints. Current: Authentication and trust must be considered in both directions: * how endpoints trust and authenticate signals from network path elements and * how network path elements trust and authenticate signals from endpoints. --> 7) <!--[rfced] We rephrased this sentence for clarity; please let us know of any objections. Original: This section also provides some examples and explanation of situations that not following the principles can lead to. Current: This section also provides some examples and explanation of situations that can arise when the principles are not followed. --> 8) <!-- [rfced] Please clarify "they are from and to other parties". Would "they are coming from and going to other parties" help clarify? Original: Note that these communications are conceptually independent of the base flow, even if they share a packet; they are from and to other parties, rather than creating a multiparty communication. Perhaps: Note that these communications are conceptually independent of the base flow, even if they share a packet; they are coming from and going to other parties, rather than creating a multiparty communication. --> 9) <!-- [rfced] We would like to rephrase this information as follows for clarity and to reduce redundancy. Please let us know if the preferred text is agreeable or if you prefer otherwise. Original: The goal is that any information should be provided knowingly, for a specific purpose, sent in signals designed for that purpose, and that any use of information should be done within that purpose. And that an analysis of the security and privacy implications of the specific purpose and associated information is needed. Perhaps: The goal is that any information should be provided knowingly for a specific purpose, sent in signals designed for that purpose, and used within that purpose. In addition, an analysis of the security and privacy implications of the specific purpose and associated information is needed. --> 10) <!--[rfced] Would it be clearer to say "Even if" instead of "Whether" and "it does not mean" instead of "it does not follow" in the following sentence? Original: Whether a communication is with an application server or network element that can be shown to be associated with a particular domain name, it does not follow that information about the user can be safely sent to it. Perhaps: Even if communication with an application server or network element can be shown to be associated with a particular domain name, it does not mean that information about the user can be safely sent to it. --> 11) <!--[rfced] The following list is not parallel. Please let us know if the perhaps text captures the intended meaning. Original: And of course we need to choose such cases where the collaboration can be performed safely, is not a privacy concern, and the incentives of the relevant parties are aligned. Perhaps: And, of course, we need to choose such cases where the collaboration can be performed safely, there are no privacy concerns, and the incentives of the relevant parties are aligned. --> 12) <!--[rfced] Some of the bullet points in this list begin with a complete sentence and some begin with a fragmented sentence (see #4, #5, and #6). Please let us know if/how we may make the list parallel. Original: * Some forms of collaboration may depend on business arrangements, which may or may not be easy to put in place. * Secure communications with path elements is needed as discussed in Section 2.3. * The use of path signals for reducing the effects of denial-of- service attacks, e.g., perhaps modern forms of "source quench" designs could be developed. * Ways of protecting information when held by network elements or servers, beyond communications security. * Sharing information from networks to applications. * Sharing information from applications to networks. * Data privacy regimes generally deal with more issues than merely whether some information is shared with another party or not. * The present work has focused on the technical aspects of making collaboration safe and mutually beneficial, but of course, deployments need to take into account various regulatory and other policy matters. --> 13) <!--[rfced] For better readability, we combined the following sentences. Please let us know if this is accurate or please clarify. Original: Finding practical ways for this has been difficult, both from the mechanics and scalability point view. And also because there is no easy way to find out which parties to trust or what trust roots would be appropriate. Current: Finding practical ways for this has been difficult, both from the mechanics and scalability point of view, especially because there is no easy way to find out which parties to trust or what trust roots would be appropriate. --> 14) <!--[rfced] May we rephrase this sentence for clarity as follows? Original: Data privacy regimes generally deal with more issues than merely whether some information is shared with another party or not. Perhaps: Data privacy regimes generally deal with multiple issues, not just whether or not some information is shared with another party. --> 15) <!-- [rfced] IAB Formatting a) Please review the guidance for IAB documents <https://www.rfc-editor.org/materials/iab-format.txt> and let us know if any changes are needed. Note that if you include an "IAB Members at the Time of Approval" section (since this document has IAB consensus), it will appear before the Acknowledgements section and will list the members listed on <https://www.iab.org/about/iab-members/> unless you specify otherwise. --> 16) <!-- [rfced] Please review the "Inclusive Language" portion of the online Style Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language> and let us know if any changes are needed. Note that our script did not flag any words in particular, but this should still be reviewed as a best practice. --> Thank you. RFC Editor/st/kc On Jun 1, 2023, at 11:52 AM, rfc-editor@rfc-editor.org wrote: *****IMPORTANT***** Updated 2023/06/01 RFC Author(s): -------------- Instructions for Completing AUTH48 Your document has now entered AUTH48. Once it has been reviewed and approved by you and all coauthors, it will be published as an RFC. If an author is no longer available, there are several remedies available as listed in the FAQ (https://www.rfc-editor.org/faq/). You and you coauthors are responsible for engaging other parties (e.g., Contributors or Working Group) as necessary before providing your approval. Planning your review --------------------- Please review the following aspects of your document: * RFC Editor questions Please review and resolve any questions raised by the RFC Editor that have been included in the XML file as comments marked as follows: <!-- [rfced] ... --> These questions will also be sent in a subsequent email. * Changes submitted by coauthors Please ensure that you review any changes submitted by your coauthors. We assume that if you do not speak up that you agree to changes submitted by your coauthors. * Content Please review the full content of the document, as this cannot change once the RFC is published. Please pay particular attention to: - IANA considerations updates (if applicable) - contact information - references * Copyright notices and legends Please review the copyright notice and legends as defined in RFC 5378 and the Trust Legal Provisions (TLP – https://trustee.ietf.org/license-info/). * Semantic markup Please review the markup in the XML file to ensure that elements of content are correctly tagged. For example, ensure that <sourcecode> and <artwork> are set correctly. See details at <https://authors.ietf.org/rfcxml-vocabulary>. * Formatted output Please review the PDF, HTML, and TXT files to ensure that the formatted output, as generated from the markup in the XML file, is reasonable. Please note that the TXT will have formatting limitations compared to the PDF and HTML. Submitting changes ------------------ To submit changes, please reply to this email using ‘REPLY ALL’ as all the parties CCed on this message need to see your changes. The parties include: * your coauthors * rfc-editor@rfc-editor.org (the RPC team) * other document participants, depending on the stream (e.g., IETF Stream participants are your working group chairs, the responsible ADs, and the document shepherd). * auth48archive@rfc-editor.org, which is a new archival mailing list to preserve AUTH48 conversations; it is not an active discussion list: * More info: https://mailarchive.ietf.org/arch/msg/ietf-announce/yb6lpIGh-4Q9l2USxIAe6P8O4Zc * The archive itself: https://mailarchive.ietf.org/arch/browse/auth48archive/ * Note: If only absolutely necessary, you may temporarily opt out of the archiving of messages (e.g., to discuss a sensitive matter). If needed, please add a note at the top of the message that you have dropped the address. When the discussion is concluded, auth48archive@rfc-editor.org will be re-added to the CC list and its addition will be noted at the top of the message. You may submit your changes in one of two ways: An update to the provided XML file — OR — An explicit list of changes in this format Section # (or indicate Global) OLD: old text NEW: new text You do not need to reply with both an updated XML file and an explicit list of changes, as either form is sufficient. We will ask a stream manager to review and approve any changes that seem beyond editorial in nature, e.g., addition of new text, deletion of text, and technical changes. Information about stream managers can be found in the FAQ. Editorial changes do not require approval from a stream manager. Approving for publication -------------------------- To approve your RFC for publication, please reply to this email stating that you approve this RFC for publication. Please use ‘REPLY ALL’, as all the parties CCed on this message need to see your approval. Files ----- The files are available here: https://www.rfc-editor.org/authors/rfc9419.xml https://www.rfc-editor.org/authors/rfc9419.html https://www.rfc-editor.org/authors/rfc9419.pdf https://www.rfc-editor.org/authors/rfc9419.txt Diff file of the text: https://www.rfc-editor.org/authors/rfc9419-diff.html https://www.rfc-editor.org/authors/rfc9419-rfcdiff.html (side by side) Diff of the XML: https://www.rfc-editor.org/authors/rfc9419-xmldiff1.html The following files are provided to facilitate creation of your own diff files of the XML. Initial XMLv3 created using XMLv2 as input: https://www.rfc-editor.org/authors/rfc9419.original.v2v3.xml XMLv3 file that is a best effort to capture v3-related format updates only: https://www.rfc-editor.org/authors/rfc9419.form.xml Tracking progress ----------------- The details of the AUTH48 status of your document are here: https://www.rfc-editor.org/auth48/rfc9419 Please let us know if you have any questions. Thank you for your cooperation, RFC Editor -------------------------------------- RFC9419 (draft-iab-path-signals-collaboration-03) Title : Considerations on Application - Network Collaboration Using Path Signals Author(s) : J. Arkko, T. Hardie, T. Pauly, M. Kuehlewind WG Chair(s) : Area Director(s) :
- [auth48] AUTH48: RFC-to-be 9419 <draft-iab-path-s… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9419 <draft-iab-pa… rfc-editor
- Re: [auth48] AUTH48: RFC-to-be 9419 <draft-iab-pa… Ted Hardie
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Mirja Kuehlewind
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Mirja Kuehlewind
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Karen Moore
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Tommy Pauly
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Mirja Kuehlewind
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Alice Russo
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Ted Hardie
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Karen Moore
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Tommy Pauly
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Karen Moore
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Mirja Kuehlewind
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Mirja Kuehlewind
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Karen Moore
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Mirja Kuehlewind
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Ted Hardie
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Karen Moore
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Jari Arkko
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Mirja Kuehlewind
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Ted Hardie
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Mirja Kuehlewind
- Re: [auth48] [IAB] AUTH48: RFC-to-be 9419 <draft-… Karen Moore