Re: [Cbor] [Gen-art] Genart last call review of draft-ietf-cbor-cddl-control-05

Lars Eggert <lars@eggert.org> Mon, 18 October 2021 11:00 UTC

Return-Path: <lars@eggert.org>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4E953A0BE0; Mon, 18 Oct 2021 04:00:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, WEIRD_QUOTING=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=eggert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id elFUy_oEZ9B9; Mon, 18 Oct 2021 04:00:07 -0700 (PDT)
Received: from mail.eggert.org (mail.eggert.org [91.190.195.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0719D3A0BDF; Mon, 18 Oct 2021 04:00:03 -0700 (PDT)
Received: from smtpclient.apple (unknown [IPv6:2a00:ac00:4000:400:f59e:182:f628:e27f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.eggert.org (Postfix) with ESMTPSA id DD1B8600C9E; Mon, 18 Oct 2021 13:59:50 +0300 (EEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=eggert.org; s=dkim; t=1634554791; bh=hvKSjt56R5xl/oRvFqxp5PCDTM1VdyrALP00bPRwMJI=; h=From:Subject:Date:In-Reply-To:Cc:To:References; b=nx85VF3HgOA+R426WPYHo7zCyMCql6wBNgdWkyQyJ44SGm7vGD3GJmrIPb96pfrvJ orRe9bM8OvhF9l/BcyaKCt2t8dqTm6gvvf13KXZ9+33zz1OwtD/fegx6Xbg5lxch1B ZVtTJHRTktwHwje3D/vjND4KeIEIyBd/1beXfwRE=
From: Lars Eggert <lars@eggert.org>
Message-Id: <9C69C609-4351-479E-974F-634FFFB5D82A@eggert.org>
Content-Type: multipart/signed; boundary="Apple-Mail=_799C3B8A-5FB4-4CB8-88E8-A0A2CC855E2B"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Date: Mon, 18 Oct 2021 13:59:48 +0300
In-Reply-To: <163181597437.23922.16020691497893082297@ietfa.amsl.com>
Cc: General Area Review Team <gen-art@ietf.org>, cbor@ietf.org, draft-ietf-cbor-cddl-control.all@ietf.org, last-call@ietf.org
To: Theresa Enghardt <ietf@tenghardt.net>
References: <163181597437.23922.16020691497893082297@ietfa.amsl.com>
X-MailScanner-ID: DD1B8600C9E.A549E
X-MailScanner: Found to be clean
X-MailScanner-From: lars@eggert.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/eqGQCYWNzYF0Z8r8szEoD4L5Tak>
Subject: Re: [Cbor] [Gen-art] Genart last call review of draft-ietf-cbor-cddl-control-05
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Oct 2021 11:00:13 -0000

Theresa, thank you for your review. I have entered a No Objection ballot for this document.

Lars


> On 2021-9-16, at 21:12, Theresa Enghardt via Datatracker <noreply@ietf.org> wrote:
> 
> Reviewer: Theresa Enghardt
> Review result: Ready with Nits
> 
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair.  Please treat these comments just
> like any other last call comments.
> 
> For more information, please see the FAQ at
> 
> <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
> 
> Document: draft-ietf-cbor-cddl-control-05
> Reviewer: Theresa Enghardt
> Review Date: 2021-09-16
> IETF LC End Date: 2021-09-21
> IESG Telechat date: Not scheduled for a telechat
> 
> Summary: This document is fairly clear and concise, and basically ready for
> publication. I noticed a few minor issues and nits that could further enhance
> document clarity.
> 
> Major issues: None.
> 
> Minor issues:
> 
> Section 1:
> Please consider adding a brief description of what a control operator is, how
> it can be used, and what its components are.
> 
> .feature is described as "Detecting feature use in extension points"
> (introduction) VS "indicating the use of a non-basic feature in an instance"
> (abstract) - How can a control operator detect feature use, doesn't it merely
> indicate? If both of these descriptions are meant to conved the same meaning,
> please consider changing the "purpose" of .feature to something like "Name of a
> feature that is used", or, ideally, find a different word to capture what a
> feature is.
> 
> Section 2:
> "CDDL as defined in [RFC8610] does not have any mechanisms to compute
>   literals.  As an 80 % solution, this specification adds three control
>   operators"
> What are the missing 20%? Please consider briefly mentioning the limitations of
> the new operators.
> 
> "Not all tools may be able to work with non-unique targets or controllers."
> Here, "tool" refers to "CDDL tool" as used in RFC8610, correct? If so, please
> consider making all references to "tool" in this document more precise.
> 
> Section 2.3:
> Please consider adding the outcome of the .det operation in the example in
> Figure 3: The definition of dedenting includes "determining the smallest amount
> of left-most blank space (number of leading space characters) in all the
> non-blank lines". If I understand correctly, taking this definition literally,
> the operation ("oid" .det cbor-tags-oid) would result in no space being removed
> at all, because the string "oid" does not contain anly left-most blank spaces.
> But I suspect that the example is intended to show dedenting of the contents of
> the cbor-tags-oid variable. Perhaps I'm missing something about CDDL here that
> was discussed in RFC8610.
> 
> Section 7 (Security considerations):
> Can there be any additional security concerns if CDDL specifications can
> contain ABNF or "arbitrary" features? While this document obviously can't go
> into specifics, maybe it's worth calling out that one needs to pay specific
> attention if these control operators are used.
> 
> Nits/editorial comments:
> 
> Section 2.2
> "concatenating the target text string ""foo"""
> Is foo intended to be in two double quotes, or should there only be one pair of
> quotes?
> 
> Section 3
> "by defining a ".abnf" control operator"
> Should this say 'an ".abnf" control operator' instead?
> 
> 
> _______________________________________________
> Gen-art mailing list
> Gen-art@ietf.org
> https://www.ietf.org/mailman/listinfo/gen-art