[bfcpbis] Comments on draft-ietf-bfcpbis-rfc4582bis-13
"Ben Campbell" <ben@nostrum.com> Tue, 03 March 2015 03:24 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: bfcpbis@ietfa.amsl.com
Delivered-To: bfcpbis@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6352F1A026A for <bfcpbis@ietfa.amsl.com>; Mon, 2 Mar 2015 19:24:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c_hfmLXAR29p for <bfcpbis@ietfa.amsl.com>; Mon, 2 Mar 2015 19:24:10 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 779411A020A for <bfcpbis@ietf.org>; Mon, 2 Mar 2015 19:24:10 -0800 (PST)
Received: from [10.0.1.23] (cpe-173-172-146-58.tx.res.rr.com [173.172.146.58]) (authenticated bits=0) by nostrum.com (8.15.1/8.14.9) with ESMTPSA id t233NxdF089940 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 2 Mar 2015 21:24:09 -0600 (CST) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host cpe-173-172-146-58.tx.res.rr.com [173.172.146.58] claimed to be [10.0.1.23]
From: Ben Campbell <ben@nostrum.com>
To: "draft-ietf-bfcpbis-rfc4582bis.all@tools.ietf.org" <draft-ietf-bfcpbis-rfc4582bis.authors@tools.ietf.org>
Date: Mon, 02 Mar 2015 21:23:58 -0600
Message-ID: <8B1B0603-B1DE-4A68-B196-19BE90F600DB@nostrum.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Mailer: MailMate (1.9r5066)
Archived-At: <http://mailarchive.ietf.org/arch/msg/bfcpbis/1kItsZkYfimoANJCcJg08GeYoLQ>
X-Mailman-Approved-At: Tue, 03 Mar 2015 06:21:48 -0800
Cc: Richard Barnes <rlb@ipv.sx>, bfcpbis@ietf.org
Subject: [bfcpbis] Comments on draft-ietf-bfcpbis-rfc4582bis-13
X-BeenThere: bfcpbis@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: BFCPBIS working group discussion list <bfcpbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/bfcpbis/>
List-Post: <mailto:bfcpbis@ietf.org>
List-Help: <mailto:bfcpbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bfcpbis>, <mailto:bfcpbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Mar 2015 03:24:12 -0000
(no hats—please treat as any other IETF last call feedback) Hi, Here are some comments on draft-ietf-bfcpbis-rfc4582bis-13. I've divided them into substantive and editorial comments. I've tried to limit comments to the actual "bis" parts, but I don't know how successful I've been at that. Thanks! Ben. *** substantive comments *** — 5.1, "ver" Am I correct that the guidance for receiving an unsupported version applies when you get the wrong version for the transport? (even if you might have supported that version on a different transport?) If so, it would be good to mention that. Also it would be nice to elaborate a bit more on the case of a device only supporting 4582. Given that you aren't allowed to send version 1 over UDP, how would this ever be an issue? Are you worried about early UDP implementations that still use version 1? If so, that would be worth a note. — 5.1, payload length: How is a TCP recipient expected to know a payload length was wrong? (Other than the parser failing on the next message?) Also, in the "note", what is the "message size" for a fragmented message over UDP? Is it the size of a fragment, or the size of the message before fragmentation plus the additional common headers? In either case, the REQUIRED part seems more a statement of fact (i.e. you mathematically can't express a size that won't fit) than a normative requirement. 5.3.11: It seems like "Hello" does quite a bit more than liveness checks. (e.g., establishing the connection for UDP, capabilities query). Also, if Hello is used for liveness checks, I missed any discussion about the procedures for using it for that purpose. (Note that 6.2.4 says to use STUN for liveness checks for non-reliable transports.) -- 6.2.1: Is this section only applicable to non-reliable transports? Also, the bit about only sending one message until you get an ack is not quite true even for UDP if you consider fragmented messages. -- 6.2.1, last paragraph: Can you elaborate on what it means to say the "default MUST be" a certain value? Do you mean an implementation MUST use that for a default if no other value is selected? Or is this more a statement of fact (the default value _is_...)? -- 6.2.3, paragraph 5: "The Fragment Offset field denotes the number of bytes..." The definition said the unit was 4-octet units. -- 8: If a request times out completely on a non-reliable transport, does that impact the state of the "bfcp connection"? -- 9.1: The text mentions sending self-signed certs or fingerprints in an "initial integrity protected channel". I assume that means the signaling protocol? The language does not seem to allow for a CA issued certs validated with PKI techniques. Is that the intent? If so, can they be mixed and matched? (i.e. a self-signed client cert and a CA issued server cert?) 13.1.1, last paragraph: What if the Ack is never received? What if it is received after T2 expires? (In the latter case, does the device need to be prepared to receive an Ack for which it no longer has transaction state?) 13.7, paragraph 2: Is the normative requirement to send an error 12 if you don't support the version redundant with similar normative language in the definition of "ver"? -- section 14, last sentence: I think you mean to require the use of encryption if TLS/DTLS is used, but the language can be read to globally require TLS/DTLS, which is not consistent with guidance elsewhere. -- Appendix A: For non-reliable transports, do both endpoints share a transaction ID sequence, or does each end keep it's own independent sequence? I would have guessed the latter, but in step 5 of the example, the server originated transaction has a transaction ID that is one higher than the latest value sent by the client. -- Note following Figure 48: "... does not and SHOULD not" That's an odd construction. Do you mean a statement of fact, or a normative requirement? If the latter, why is this a SHOULD and not a MUST? Can you imagine a situation where it might be valid for the client to ack the initial FloorRequestStatus message? *** editorial comments *** — section 3, 1st paragraph: The bis version considers new requirements beyond those mentioned, doesn't it? (e.g., UDP support?) It would be nice to mention that here. — 4.1, paragraph 7: I'm a bit surprised to see the unreliable transport message flows buried in an appendix. Aren't those the whole point of the update? — 5.1, Res: The phrase "At this point," doesn't seem to add anything, and may confuse readers. —5.2, "M" bit: The phrase "In all other cases,..." is a little ambiguous. I assume you mean "Attributes specified in future extensions that do not have the "M" bit set..."
- [bfcpbis] Comments on draft-ietf-bfcpbis-rfc4582b… Ben Campbell
- Re: [bfcpbis] Comments on draft-ietf-bfcpbis-rfc4… Paul E. Jones
- Re: [bfcpbis] Comments on draft-ietf-bfcpbis-rfc4… Charles Eckel (eckelcu)