[BEHAVE] AD review: draft-ietf-behave-ftp64-09
"David Harrington" <ietfdbh@comcast.net> Tue, 17 May 2011 18:04 UTC
Return-Path: <ietfdbh@comcast.net>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E283E0720 for <behave@ietfa.amsl.com>; Tue, 17 May 2011 11:04:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.658
X-Spam-Level:
X-Spam-Status: No, score=-101.658 tagged_above=-999 required=5 tests=[AWL=-0.689, BAYES_00=-2.599, SARE_PROLOSTOCK_SYM3=1.63, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZiqkQYR7akCs for <behave@ietfa.amsl.com>; Tue, 17 May 2011 11:04:01 -0700 (PDT)
Received: from qmta04.westchester.pa.mail.comcast.net (qmta04.westchester.pa.mail.comcast.net [76.96.62.40]) by ietfa.amsl.com (Postfix) with ESMTP id 3F5A9E06B0 for <behave@ietf.org>; Tue, 17 May 2011 11:04:01 -0700 (PDT)
Received: from omta17.westchester.pa.mail.comcast.net ([76.96.62.89]) by qmta04.westchester.pa.mail.comcast.net with comcast id khw51g00B1vXlb854i40YW; Tue, 17 May 2011 18:04:00 +0000
Received: from davidPC ([67.189.235.106]) by omta17.westchester.pa.mail.comcast.net with comcast id ki3z1g0062JQnJT3di40ja; Tue, 17 May 2011 18:04:00 +0000
From: David Harrington <ietfdbh@comcast.net>
To: behave@ietf.org, draft-ietf-behave-ftp64@tools.ietf.org, behave-chairs@tools.ietf.org
Date: Tue, 17 May 2011 14:03:44 -0400
Message-ID: <3A4AC3EA076C4B6389C5E6F31CD9A16E@davidPC>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
X-MIMEOLE: Produced By Microsoft MimeOLE V6.1.7600.16776
Thread-Index: AcwUvMMFrYSWNSWpQUip9+I5PSK5+g==
Subject: [BEHAVE] AD review: draft-ietf-behave-ftp64-09
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 May 2011 18:04:02 -0000
Hi, I reviewed draft-ietf-behave-ftp64 and have a few questions. Overall I think the document looks to be in good shape. I spotted a few things that might cause IESG approval to be delayed, and had a couple questions because I am not an expert in the content. Some text modifications might make things clearer. 1) should security considerations discuss trust between client-alg and alg- server? I assume TLS cannot be used end-to-end for FTP, but must be hop-to-hop client-to-alg, and alg-to-server. Assuming different credentials apply, the secuirty association must be established between the client and the alg, not client-server, and the security association must be established between the alg and server, not client-server. I would also assume that how this is accomplished depends on whether active or passive mode is being used to establish connections. The text as written might already already say that only passive mode is used in the presence of TLS protection, but I'm not sure that is what the text says. This might be made clearer. 2) section 4 "As such, an ALG used with a stateful translator MUST support EPSV and MAY support EPRT. However, an ALG used with a stateless translator SHOULD also support EPRT. " Is there a requirement regarding stateless and EPSV? 3) in section 9, "Implementations SHOULD NOT try to detect the situation where both PASV and PORT commands are issued prior to a command that initiates a transfer, but rather, apply the same translation they would have if there had not been a PASV command prior to a PORT command or a PORT command prior to a PASV command. " I find this a bit ambiguous. Is it expected that the translation they would have done be based on having received only the second command (as if the first had not been received), or based on not having received either? 4) should the NOOP in section 12 be reflected in the ABNF algs-command ? 5) draft-liu-ftp64-extensions should be updated to draft-ietf-ftpext2-ftp64 during subsequent processing. 6) The normative reference to ftpext2 work could cause this document to be held up in processing. is there a way to eliminate this reference? Can an implementation "support EPSV successfully" without this ftpext2 extension? The text isn't clear that "successfully" means requiring support for an IPv4-IPv6 translation environment; that is only implied by the choice of reference [2428] vs [ftpext2]. Thanks, David Harrington Director, IETF Transport Area ietfdbh@comcast.net (preferred for ietf) dbharrington@huaweisymantec.com +1 603 828 1401 (cell)
- [BEHAVE] AD review: draft-ietf-behave-ftp64-09 David Harrington
- Re: [BEHAVE] AD review: draft-ietf-behave-ftp64-09 Iljitsch van Beijnum
- Re: [BEHAVE] AD review: draft-ietf-behave-ftp64-09 Iljitsch van Beijnum