Re: [core] Roman Danyliw's No Objection on draft-ietf-core-problem-details-05: (with COMMENT)
Carsten Bormann <cabo@tzi.org> Wed, 15 June 2022 19:10 UTC
Return-Path: <cabo@tzi.org>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65135C14792A; Wed, 15 Jun 2022 12:10:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.909
X-Spam-Level:
X-Spam-Status: No, score=-6.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id az2fuUUSzMX1; Wed, 15 Jun 2022 12:10:21 -0700 (PDT)
Received: from gabriel-smtp.zfn.uni-bremen.de (gabriel-smtp.zfn.uni-bremen.de [134.102.50.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 14484C147920; Wed, 15 Jun 2022 12:10:19 -0700 (PDT)
Received: from [192.168.217.118] (p5089ad4f.dip0.t-ipconnect.de [80.137.173.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4LNZd41p7BzDCcK; Wed, 15 Jun 2022 21:10:16 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <165513223021.44965.4177713572638466069@ietfa.amsl.com>
Date: Wed, 15 Jun 2022 21:10:15 +0200
Cc: The IESG <iesg@ietf.org>, draft-ietf-core-problem-details@ietf.org, core-chairs@ietf.org, core@ietf.org, jaime@iki.fi
X-Mao-Original-Outgoing-Id: 677013015.62464-46a8774240d022aa1efa9ce1212d9d66
Content-Transfer-Encoding: quoted-printable
Message-Id: <167785C9-4E24-4D89-A890-F6B628207D73@tzi.org>
References: <165513223021.44965.4177713572638466069@ietfa.amsl.com>
To: Roman Danyliw <rdd@cert.org>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/8PnnwIPgFyf9catssau3FnaggmE>
Subject: Re: [core] Roman Danyliw's No Objection on draft-ietf-core-problem-details-05: (with COMMENT)
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jun 2022 19:10:25 -0000
Hi Roman, thank you for this review. All the changes mentioned below are part of https://github.com/core-wg/core-problem-details/pull/35 — an editor’s copy is at https://core-wg.github.io/core-problem-details/rd-comments/draft-ietf-core-problem-details.html . Grüße, Carsten > On 2022-06-13, at 16:57, Roman Danyliw via Datatracker <noreply@ietf.org> wrote: > > Roman Danyliw has entered the following ballot position for > draft-ietf-core-problem-details-05: No Objection > […] > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-core-problem-details/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > ** Section 1. > It is designed to be reused by REST > APIs, which can identify distinct shapes of these data items specific > to their needs. > > I don’t understand the notion of “identif[ing] distinct shapes.” Section 2 > uses the terminology again. The term “shape” is often used to describe the structure of a data item used in interchange. E.g., there is a 2017 W3C recommendation for a “Shapes Constraint Language (SHACL)”. The English language sense of this term should suffice until we define “problem shape” (see below). > > ** Section 2. This section is called “Basic Problem Details”. Is that > something different than “Concise Problem Details” Good point. Section 2 defines both the overall structure of Concise Problem Details data items and the most important, predefined Standard Problem Detail entries, so it is juxtaposed against Section 3, Extending Concise Problem Details. We could call it “Structure of and basic entries in Concise Problem Details”? This gets a bit unwieldy. > ** Section 2. > It SHOULD > NOT change from occurrence to occurrence of the same problem > shape. > > Is this guidance saying that things shouldn’t change on a per application > basis, or something else? As an aside, some comment on a “problem shape.” We changed this text from -04 to -05, see https://www.ietf.org/archive/id/draft-ietf-core-problem-details-05.html#section-2-5.2.1 We still would like to stick with the term “problem shape”, which is explained in https://core-wg.github.io/core-problem-details/draft-ietf-core-problem-details.html#section-2-4 — it seems that this concept can be unfamiliar to many so it may require more text. > ** Section 2. > > The "detail" member, if present, ought to focus on helping the client > correct the problem, rather than giving debugging information. > > What is the difference between providing enough information to “correct the > problem” vs. providing debugging information? Debugging information is meant here in terms of details of the server side operation. We could say that. Changed that to …”rather than giving extensive server-side debugging information”. > > ** Section 2. Thank you for adding the base-lang to -05. I was using -04 as > the basis of my review and was going to mention BCP 18. Should text be added > to say that the base-lang and base-rtl are ignored if tag38 strings are used? We think we already say this ("presentation of unadorned text strings”, “Language tag and writing direction information for unadorned text strings …”), but the negative could be more explicit; we added “not using tag 38”. > ** Section 3.2 > Note that the URI given for the extension is for identification > purposes only and, even if dereferenceable in principle, it MUST NOT > be dereferenced in the normal course of handling problem details > (i.e., outside diagnostic/debugging procedures involving humans). > > Thank you for adding this text. Consider clarifying the impact of this > dereferencing by explaining that this could become a tracking mechanism. Added a paragraph in the Security Considerations. > ** Section 4. Given the instance and base-uri fields, and the flexibility in > the extensions, it seems that there is a possibility this format to introduce > URLs that could be dereferenced. The standard cautions of Section 7 of RFC3986 > would seem to apply if the client would follow them. Added a reference to Section 7 of RFC 3986 to the Security Considerations.
- [core] Roman Danyliw's No Objection on draft-ietf… Roman Danyliw via Datatracker
- Re: [core] Roman Danyliw's No Objection on draft-… Carsten Bormann