[CDNi] Éric Vyncke's Discuss on draft-ietf-cdni-uri-signing-22: (with DISCUSS)
Éric Vyncke via Datatracker <noreply@ietf.org> Mon, 15 November 2021 12:56 UTC
From: Éric Vyncke via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-cdni-uri-signing@ietf.org, cdni-chairs@ietf.org, cdni@ietf.org, kevin.j.ma@ericsson.com
Reply-To: Éric Vyncke <evyncke@cisco.com>
Date: Mon, 15 Nov 2021 04:56:16 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/cdni/iuxxQ_n7YhdqUcQQ02PxCT-TDQ4>
Subject: [CDNi] Éric Vyncke's Discuss on draft-ietf-cdni-uri-signing-22: (with DISCUSS)

Éric Vyncke has entered the following ballot position for
draft-ietf-cdni-uri-signing-22: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/blog/handling-iesg-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-cdni-uri-signing/

----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Thank you for the work put into this document. Thank you for fixing all my
previous COMMENTs in the -22 revision.

I am afraid that I need to keep my DISCUSS about the cdniip even with the
addition of a paragraph at the end of section 2.1.10... This paragraph
resembles an application statement but it is really light. Why did the
authors select not to use RFC 8174 normative language “NOT RECOMMENDED”?

The section 7 (security considerations) is still very light on the IP address
sharing.

-éric

== DISCUSS ==

-- Section 2.1.10 --

About "Client IP (cdniip) claim", I really wonder whether this could be used in
real life as some IPv4 Carrier-Grade NAT (CGN) have a large pool of "public"
IPv4 addresses that could select different public IPv4 addresses if badly
designed. How will it work with dual-stack UAs where some connections could be
over IPv4 and some over IPv6? Not to mention a dual-home (Wi-Fi & mobile data)
UA? Or what if the dCDN is between the UA and the CGN (assuming that the uCDN
or CSP are upstream of the CGN)?

Also, "If the received signed JWT contains a Client IP claim" uses singular
rather than "one or several".

I also noted that Section 7 (security considerations) puts some restrictions on
the usefulness of cdniip.

I would welcome some applicability statements on the use of cdniip.
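
The cases raised in the message above, worked through as an added example that is not part of the original message or of the draft. It assumes the cdniip claim carries a single address or CIDR prefix that the dCDN compares with the peer address of the connection; the function name, verdict strings and all addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress

def check_cdniip(claim: str, peer: str) -> str:
    """Compare one cdniip value (assumed: address or CIDR prefix) with the
    address the dCDN sees on the connection. Returns a verdict string."""
    net = ipaddress.ip_network(claim, strict=False)
    addr = ipaddress.ip_address(peer)
    # Dual-stack listeners report IPv4 peers as ::ffff:a.b.c.d; unwrap first
    # so an IPv4 claim is not rejected only because of the socket type.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    if addr.version != net.version:
        return "reject: address family differs from claim"
    if addr not in net:
        return "reject: address outside claimed prefix"
    return "accept"

# Constructed scenarios: (claim placed in the token, peer address seen by the dCDN).
SCENARIOS = {
    "same address": ("192.0.2.10/32", "192.0.2.10"),
    "IPv4 peer on a dual-stack socket": ("192.0.2.10/32", "::ffff:192.0.2.10"),
    "CGN selects another pool address": ("192.0.2.10/32", "192.0.2.77"),
    "dual-stack UA fetches over IPv6": ("192.0.2.10/32", "2001:db8:1::10"),
    "dual-homed UA uses mobile data": ("192.0.2.10/32", "198.51.100.23"),
    # Widening the claim to the whole CGN pool makes the check pass, but it
    # then also passes for every other subscriber sharing that pool.
    "claim widened to the CGN pool": ("192.0.2.0/24", "192.0.2.77"),
}

def run_scenarios() -> dict:
    return {name: check_cdniip(c, p) for name, (c, p) in SCENARIOS.items()}

if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:34} {verdict}")
```
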