Re: [CDNi] AD review of draft-ietf-cdni-uri-signing-19

Barry Leiba <barryleiba@computer.org> Fri, 22 January 2021 15:09 UTC

Return-Path: <barryleiba@gmail.com>
X-Original-To: cdni@ietfa.amsl.com
Delivered-To: cdni@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FA903A12E7; Fri, 22 Jan 2021 07:09:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.403
X-Spam-Level:
X-Spam-Status: No, score=-1.403 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hWBc8fEwyGA8; Fri, 22 Jan 2021 07:09:18 -0800 (PST)
Received: from mail-lj1-f172.google.com (mail-lj1-f172.google.com [209.85.208.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C00A03A12FD; Fri, 22 Jan 2021 07:09:17 -0800 (PST)
Received: by mail-lj1-f172.google.com with SMTP id l12so4344522ljc.3; Fri, 22 Jan 2021 07:09:17 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=YR4BUhSwZ0cqlHorteB1mRN/+oVR9L4EOVMonJdT8Zg=; b=Q2hKNyYdUAQSngUaGi44al6R8QyUoDiL6j06M3z1K6tG9n1ic98y7vCbWE1Khr/3It vHXdyXaeCvHKlJTS96wVeIx3hSqLmYdEB5bekXpqVfznGf9u9IqmZ2BKm6yt92aTP0+r nnoE+5b9ESuu/5ei7+BJIzvjCRm3n+eIlem12rh1fagLZM0SYdqHDbiPn3anTITGPE8j ufWbVcSgnSAnr6SDTW8LGE2iIW+xjcLbJTZxRWmd6jyQ0OirRC/ESdWLufAi3uXHGIsh /c7qw4lb2EjN6AsZJ6+cFM822869RgoW3haJLNBtn+WUi2n78wUhvcKmnq11d1yfKtaW 5i5w==
X-Gm-Message-State: AOAM531bMhNoluu3g2zFP8a7XVqoUxJGSU6KvkEIGoI729kRZZSuoGbt kmAeMH0kIZYt0JrRO34x2x6mISDZvgX7OD+/OfM=
X-Google-Smtp-Source: ABdhPJzpW+M3bR4oR4A2/CWUKdDZbmLNsf2rjdzcLVB2JksMijfgdFcx/SwTrF6RijrpvMoeZV1zX8QX8JTKW9e2jtw=
X-Received: by 2002:a2e:b047:: with SMTP id d7mr39629ljl.467.1611328155707; Fri, 22 Jan 2021 07:09:15 -0800 (PST)
MIME-Version: 1.0
References: <CALaySJJkZiRYx16cUYDtD2LU+3qAKMtMB_qY7cwkpQnWMnVMpg@mail.gmail.com> <CABF6JR3fJ8qiCwiv-5br9bepUQAsh4_x3ae8Z0oMA5SBgfa4CQ@mail.gmail.com>
In-Reply-To: <CABF6JR3fJ8qiCwiv-5br9bepUQAsh4_x3ae8Z0oMA5SBgfa4CQ@mail.gmail.com>
From: Barry Leiba <barryleiba@computer.org>
Date: Fri, 22 Jan 2021 10:09:04 -0500
Message-ID: <CALaySJ+qHBXVsK-BPu2vySDSP+Kqa_tTLrUr4RvuuCqWZd5Tzg@mail.gmail.com>
To: Phil Sorber <sorber@apache.org>
Cc: "draft-ietf-cdni-uri-signing.all@ietf.org" <draft-ietf-cdni-uri-signing.all@ietf.org>, "<cdni@ietf.org>" <cdni@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/cdni/0ePcb3RMfLL0V_N8woFu_yLWQw8>
Subject: Re: [CDNi] AD review of draft-ietf-cdni-uri-signing-19
X-BeenThere: cdni@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This list is to discuss issues associated with the Interconnection of Content Delivery Networks \(CDNs\)" <cdni.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cdni>, <mailto:cdni-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cdni/>
List-Post: <mailto:cdni@ietf.org>
List-Help: <mailto:cdni-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cdni>, <mailto:cdni-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jan 2021 15:09:19 -0000

Hi, Phil, and thanks for getting this reply out.

> Let's iterate there and I will submit an updated draft once you are
> satisfied with the changes.

Makes sense.

> > — Section 2 —
> >
> >    HTTP or HTTPS URI [RFC7230] (Section 2.7).
> >
> > This is a quirk of the tools and not a fault in the draft, but this
> > results in the html version having a clickable link to RFC 7230, and then
> > another clickable link to Section 2.7 of this document (which, of course,
> > isn’t there).  I think if you change this to “HTTP or HTTPS URI (see
> > [RFC7230] Section 2.7)” the generated link will work better.
>
> I made this change but not sure if it had the intended effect. Please
> confirm.

It's a small thing, so let's not sweat it, but I can't check it until
the new draft is posted and HTML-ized.  Let's assume it'll have the
intended effect, and if it doesn't we'll let the RFC Editor deal with
it.

> > — Section 2.1.15 —
> >
> >    The URI Container (cdniuc) claim takes one of the following forms
> >
> > This is the only claim definition that doesn’t say “[optional]”.  Should
> > it?
> >
>
> I see it as optional in the latest published version of the draft already.
> Was there another claim you were meaning instead?

No, this was my mis-reading: cdniuc is actually defined in 2.1.11, and
it is labelled correctly there.  It's not labelled as "[optional]"
here in 2.1.15, but it shouldn't be.  Never mind.

> > — Section 6.7 —
> > Thanks for including advice to the experts.
> >
> >    Expert Reviewers should be empowered to pass judgements
> >    as they see fit
> >
> > This is very vague and, to me, implies more capriciousness than I think
> > you really intend.  Can you come up with another way to word this that
> > gives a bit more guidance?  What sorts of judgments are they likely to make?
> >
>
> This one I agree with you on, but I struggled in adding it. I made some
> changes, but more guidance is welcome.

Let's call this one resolved also; thanks.

So I think your updated version should be ready to post as -20.  Please do!

Barry