[CDNi] Éric Vyncke's Abstain on draft-ietf-cdni-uri-signing-24: (with COMMENT)

Éric Vyncke via Datatracker <noreply@ietf.org> Mon, 03 January 2022 12:50 UTC

From: Éric Vyncke via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-cdni-uri-signing@ietf.org, cdni-chairs@ietf.org, cdni@ietf.org, kevin.j.ma@ericsson.com
Reply-To: Éric Vyncke <evyncke@cisco.com>
Message-ID: <164121422588.17933.9304319813134930700@ietfa.amsl.com>
Date: Mon, 03 Jan 2022 04:50:26 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/cdni/ldUutKEDrCj83ULpTAXv0-A8wMI>
Subject: [CDNi] Éric Vyncke's Abstain on draft-ietf-cdni-uri-signing-24: (with COMMENT)

Éric Vyncke has entered the following ballot position for
draft-ietf-cdni-uri-signing-24: Abstain

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/blog/handling-iesg-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-cdni-uri-signing/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you for fixing all my previous COMMENTs in the -22 revision and
addressing parts of my previous DISCUSS by using “NOT RECOMMENDED” in section
2.1.10 in the -24 revision.

I am afraid that I still do not see the value of having cdniip in this
document, but, as I do not want to block this document, I am balloting ABSTAIN.

Section 7 (security considerations) is still very light on IP address
sharing. I would welcome some applicability statements on the use of cdniip.

-éric

== DISCUSS (kept for archive) ==

-- Section 2.1.10 --
About "Client IP (cdniip) claim", I really wonder whether this could be used in
real life as some IPv4 Carrier-Grade NATs (CGNs) have a large pool of "public"
IPv4 addresses that could select different public IPv4 addresses if badly
designed. How will it work with dual-stack UAs where some connections could be
over IPv4 and some over IPv6? Not to mention a dual-homed (Wi-Fi & mobile data)
UA? Or what if the dCDN is between the UA and the CGN (assuming that the uCDN
or CSP are upstream of the CGN)?

Also, "If the received signed JWT contains a Client IP claim" uses the singular
rather than "one or several".

I also noted that Section 7 (security considerations) puts some restrictions on
the usefulness of cdniip.

I would welcome some applicability statements on the use of cdniip.