IETF Logo Mail Archive

Re: [CDNi] Early AD review of draft-ietf-cdni-metadata-18

Kevin Ma J <kevin.j.ma@ericsson.com> Mon, 13 June 2016 21:01 UTC

Return-Path: <kevin.j.ma@ericsson.com>
X-Original-To: cdni@ietfa.amsl.com
Delivered-To: cdni@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1853012DA23 for <cdni@ietfa.amsl.com>; Mon, 13 Jun 2016 14:01:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T7RX1fO4V0_1 for <cdni@ietfa.amsl.com>; Mon, 13 Jun 2016 14:01:09 -0700 (PDT)
Received: from usplmg20.ericsson.net (usplmg20.ericsson.net [198.24.6.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 126ED12DA20 for <cdni@ietf.org>; Mon, 13 Jun 2016 14:01:09 -0700 (PDT)
X-AuditID: c618062d-f79886d000002334-59-575f158ebb4a
Received: from EUSAAHC005.ericsson.se (Unknown_Domain [147.117.188.87]) by usplmg20.ericsson.net (Symantec Mail Security) with SMTP id 39.EE.09012.E851F575; Mon, 13 Jun 2016 22:20:31 +0200 (CEST)
Received: from EUSAAMB103.ericsson.se ([147.117.188.120]) by EUSAAHC005.ericsson.se ([147.117.188.87]) with mapi id 14.03.0294.000; Mon, 13 Jun 2016 17:01:07 -0400
From: Kevin Ma J <kevin.j.ma@ericsson.com>
To: Alexey Melnikov <aamelnikov@fastmail.fm>, "cdni@ietf.org" <cdni@ietf.org>
Thread-Topic: [CDNi] Early AD review of draft-ietf-cdni-metadata-18
Thread-Index: AQHRxXKTDE1Cgkb4nEmGuN8N4i4y4p/n4rTg
Date: Mon, 13 Jun 2016 21:01:05 +0000
Message-ID: <A419F67F880AB2468214E154CB8A556206E14426@eusaamb103.ericsson.se>
References: <A419F67F880AB2468214E154CB8A556206DE1909@eusaamb103.ericsson.se> <1464861734.1246901.625717065.0912CC9E@webmail.messagingengine.com> <1465822376.2345831.636047169.2F7E30C4@webmail.messagingengine.com>
In-Reply-To: <1465822376.2345831.636047169.2F7E30C4@webmail.messagingengine.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.12]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrILMWRmVeSWpSXmKPExsUyuXRPuG6/aHy4wcUprBb73x9isng6+w+r A5PHzlMH2DyWLPnJFMAUxWWTkpqTWZZapG+XwJXRc3obW8Ec2Yqdf1ayNDA+Euti5OSQEDCR +Pr/BROELSZx4d56ti5GLg4hgaOMEg0L5jBBOMsZJdb9mc8KUsUmoCXx+OtfsA4RAV+J1Yv+ gcWFBZwkJqyYywwRd5bY2vKGDcI2knj08Q87iM0ioCpxdUovC4jNC9S76fZlqAU3GSWWr1wB NohTIEBi0vzPYAsYgU76fmoNmM0sIC5x68l8qFMFJJbsOc8MYYtKvHwMcYSEgJLEnNfXmCHq dSQW7P7EBmFrSyxb+JoZYrGgxMmZT1gmMIrOQjJ2FpKWWUhaZiFpWcDIsoqRo7S4ICc33chg EyMwIo5JsOnuYLw/3fMQowAHoxIPr8Li2HAh1sSy4srcQ4wSHMxKIrxzZeLDhXhTEiurUovy 44tKc1KLDzFKc7AoifOKPVIMFxJITyxJzU5NLUgtgskycXBKNTA6b969XfNK56MQl/CmiLic nHPWXex6sq/LtXbFme+Y3v9peUj9scjSRNXzr1Knt3t9Yv5xW5PxPPO3JWnBvmffh3mn+Bv/ L3YwUczfe3HeX1HOm0pzUyx+u27zUEm8kKsVayC+sIhla8ansn6nEGvHjZumFYl05S4TW/hI /FHLl+jeg20MD5RYijMSDbWYi4oTARv8FjCEAgAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/cdni/lOSZD3MZ-au2JV9dzi3VymQ5gnk>
Subject: Re: [CDNi] Early AD review of draft-ietf-cdni-metadata-18
X-BeenThere: cdni@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This list is to discuss issues associated with the Interconnection of Content Delivery Networks \(CDNs\)" <cdni.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cdni>, <mailto:cdni-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cdni/>
List-Post: <mailto:cdni@ietf.org>
List-Help: <mailto:cdni-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cdni>, <mailto:cdni-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jun 2016 21:01:13 -0000

Hi Alexey,

  We will address and upload a new diff.

thanx!

--  Kevin J. Ma

> -----Original Message-----
> From: CDNi [mailto:cdni-bounces@ietf.org] On Behalf Of Alexey Melnikov
> Sent: Monday, June 13, 2016 8:53 AM
> To: cdni@ietf.org
> Subject: [CDNi] Early AD review of draft-ietf-cdni-metadata-18
> 
> Thank you for addressing most of my concerns. Here is the updated list
> of issues:
> 
> In 4.1.2: hostname need to have defined syntax (at least by reference).
> You also need to say whether IDN domain names are
> allowed here.
> 
> In 6.1:
> 
>    The CDNI metadata interface specified in this document is a read-only
>    interface.  Therefore support for other HTTP methods such as PUT,
>    POST, DELETE, etc. is not specified.  A server implementation of the
>    CDNI metadata interface MUST reject all methods other than GET and
>    HEAD.
> 
> I think the change to the MUST is too strong and is a wrong thing to do,
> because that means that existing HTTP/1.1 software might have to be
> modified to
> support this specification.
> 
> So I would prefer that you either delete the last sentence or reword to
> say
> "doesn't have to support any methods other that ..."
> 
> In 8.3:
> 
>    An implementation of the CDNI metadata interface MUST use strong
>    encryption and mutual authentication to prevent undetectable
> 
> Encryption doesn't necessarily provide integrity of data, so I would
> change "strong encryption" to TLS.
> 
>    modification of metadata (see Section 8.5).
> 
> 
> On Thu, Jun 2, 2016, at 11:02 AM, Alexey Melnikov wrote:
> > In order to speed up publication of this draft, I decided to do early AD
> > review. Here are my comments. My apologies if they are a bit cryptic, if
> > you are unsure of what I meant, please ask!
> >
> > In 1.2: content can only be delivered using HTTP/1.1 and not HTTP/1.1
> > over TLS? Is last para saying that this is an unsolved problem (e.g.
> > LURK BOF solution is needed)?
> >
> > In 4.1.2: hostname and IP addresses need to have defined syntaxes (at
> > least by reference). You also need to say whether IDN domain names are
> > allowed here.
> >
> > In 4.1.5: does "case insensitive" only applies to ASCII range? I.e.,
> > encoded UTF-8 sequences in URIs are not affected.
> >
> > In 4.2.6: URI needs a Normative Reference (RFC 3986).
> >
> > In 4.3.7: need a reference to a document/registry defining ASNs.
> >
> > In 6.1: need a reference to HTTP/1.1 spec.
> >
> > Should OPTIONS method be allowed?
> >
> > In 6.2/6.3: Is discovery of the initial URI truly out of scope? You can
> > define a .well-known URI to allow bootstrapping.
> > If it is defined, is it likely to be used?
> >
> > In 7.3: Nit: HTTP/1.1 over TLS needs 2 references, not just one.
> >
> > In 7.4: I think I am sad that you haven't defined any initial
> > authentication mechanism. Has this been discussed in the WG?
> >
> > In 8.1, last para: a requirement to implement mutual authentication is
> > underspecified. Do you mean TLS mutual authentication? If yes, say so.
> > If other mechanisms can be used, say so as well.
> > If you meant to reference 8.5 here, please do so.
> >
> > Why is this only a SHOULD (and not a MUST)?
> >
> > In 8.2: similarly, how can the SHOULD be satisfied? Do you mean TLS or
> > something else? Reference 8.5?
> >
> > In 8.3: similar issue.
> >
> > Also encryption doesn't necessarily provide integrity of data, so the
> > last sentence sounds wrong.
> >
> > In 8.4: similar issue.
> 
> _______________________________________________
> CDNi mailing list
> CDNi@ietf.org
> https://www.ietf.org/mailman/listinfo/cdni

v2.23.0 | Report a Bug | By Email