Re: [core] Roman Danyliw's Discuss on draft-ietf-core-senml-etch-05: (with DISCUSS and COMMENT)
Ari Keränen <ari.keranen@ericsson.com> Wed, 06 November 2019 20:43 UTC
Return-Path: <ari.keranen@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E95251200FE; Wed, 6 Nov 2019 12:43:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uYtNZqJLap4n; Wed, 6 Nov 2019 12:43:44 -0800 (PST)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60086.outbound.protection.outlook.com [40.107.6.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D81E1200F4; Wed, 6 Nov 2019 12:43:44 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SFG3KMrHf8F5XH3AcVlPz3+YR1tyjZ91q5DIJMpff8NALsToifhZI1o7eXnyvJ51AXyrVAQ1caAo383gumrTaQOdgARBSmktNpqpcw6FXTHmLem1PEP9kXZ9oyeVYBG/NFOqCGGTY7YDLKlEBPdzLbRKfU0sWCMPqljE+yrMYv2mQPh+oMMF1HTA9eVWRTOpUhZmRPAfFNSNV9q+GZuEenV3Q7OJ+QfIsOGyL7YrZ9E+Y5hlh+LRrKNX7BhLW6ydZLpmUrGELrUMS/VQsnWBvOr3+ZCfz93A+TqPJfs+SS+knxqeOjt+PSjG6UOBdDzENYKxOYgFLnWyIO5Aa2XwpQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sVJloX96+0XJ5k5EEwMTjDphyIi7OK7l3FhssiHMRGM=; b=UaTLFGdAy4U/fBd2XXBRuZaihCmXM6XMTpytNtnhgkpEg9UTMiDun5J6FZtrTFij8oBG9CpddOABp2LttUiOeCUPiIN3NjgSszoP1CwUrSCHZiWTLD3GYLYxMRt++f3WcYJ2fW5fQsq8C+jR2Uo61HrdSh2UNT0cm7PCQk0x6EjhQeEyeqL5HuhXD6kVKmhi/Vypf4qIb1QmeGi3+wV9KT5aaZclC0zRvSj7faCH0ljiG77f4IfrBgIZnu6dw0a0SPFRHM7mzWCuCXoRev/Cirw4Hy8tziQjEhw7f9XZIwABEcqbpzQ9cbgTml0H/qNFyGwauQAmz2hecVpjRP9nCw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sVJloX96+0XJ5k5EEwMTjDphyIi7OK7l3FhssiHMRGM=; b=CHRPQLo/SKIWXEbKwNvDAksjswfrdgBIydThMTOsT+tC/regr5zz30YqZvexfYZlU5mwPfRUaUEYvPyoUpfKs87aUA/1A0jd0Xq4Ya6I5IZSPUOQIZtbBY6m+F8Nn/BEsbJppAcR+EDk7WuLUcLmY5H6OMu+Mo/MjagJJNzGxCw=
Received: from VI1PR07MB4238.eurprd07.prod.outlook.com (20.176.6.10) by VI1PR07MB5741.eurprd07.prod.outlook.com (20.177.203.153) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2430.16; Wed, 6 Nov 2019 20:43:42 +0000
Received: from VI1PR07MB4238.eurprd07.prod.outlook.com ([fe80::4d7a:2832:2938:f3a1]) by VI1PR07MB4238.eurprd07.prod.outlook.com ([fe80::4d7a:2832:2938:f3a1%4]) with mapi id 15.20.2430.014; Wed, 6 Nov 2019 20:43:42 +0000
From: Ari Keränen <ari.keranen@ericsson.com>
To: Roman Danyliw <rdd@cert.org>
CC: The IESG <iesg@ietf.org>, "draft-ietf-core-senml-etch@ietf.org" <draft-ietf-core-senml-etch@ietf.org>, Carsten Bormann <cabo@tzi.org>, "core-chairs@ietf.org" <core-chairs@ietf.org>, "core@ietf.org" <core@ietf.org>
Thread-Topic: Roman Danyliw's Discuss on draft-ietf-core-senml-etch-05: (with DISCUSS and COMMENT)
Thread-Index: AQHVY1D7tA+HnVveGEq7E6ao1Arl6qd6Td4AgAMOK4CAAaImAA==
Date: Wed, 06 Nov 2019 20:43:41 +0000
Message-ID: <21FDEC63-949F-4306-9607-9B6FC5FF5650@ericsson.com>
References: <359EC4B99E040048A7131E0F4E113AFC01E709761F@marchand>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1d.0.190908
authentication-results: spf=none (sender IP is ) smtp.mailfrom=ari.keranen@ericsson.com;
x-originating-ip: [2001:14bb:150:480b:e497:74d6:5b54:49b3]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: fa332163-3221-496a-4054-08d762fa0299
x-ms-traffictypediagnostic: VI1PR07MB5741:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <VI1PR07MB5741946FC52693ABB696102085790@VI1PR07MB5741.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-forefront-prvs: 02135EB356
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(346002)(376002)(39860400002)(396003)(136003)(366004)(189003)(199004)(13464003)(51914003)(446003)(58126008)(478600001)(66476007)(256004)(316002)(66574012)(85202003)(33656002)(36756003)(71190400001)(6506007)(71200400001)(99286004)(53546011)(6486002)(86362001)(14444005)(186003)(8936002)(6246003)(81156014)(81166006)(2906002)(102836004)(76176011)(486006)(476003)(966005)(6512007)(46003)(8676002)(54906003)(4326008)(14454004)(7736002)(6116002)(305945005)(6916009)(2616005)(85182001)(6436002)(5660300002)(6306002)(91956017)(76116006)(66946007)(64756008)(25786009)(66446008)(66556008)(229853002); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR07MB5741; H:VI1PR07MB4238.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: IBFxyuoiv87FQtjMidYKaEKfN4apRMoBZJLR5LMDIDTlhFj1xiTxBJOyLaZO+ShdCu2Z0No35UXCeUN/5dvUwO6i2uHUetu4XAsSLY0CWxzvP9CVFnpPYP36/gaoZAB2QF/1z0x26kkGSk4yOi482YnfCs6+E1IHGHp75rskxE66ctSHQ9qYabFqSgk5Ly8jS8tM1nF0nuR9R4TNb/pMEGcLDasJtCOu8BTyDB0nC+AeC39Qhc9/xEz6Cd+Akww6MqAgHTmmiFisiOouUEQwnBSml+X5mWtz7sR7sqB5oFCFNlGT7L2eXBpOvKtJhk+Dg4K5YMJco2hsqLZo0hXPoKKodGEymy56O9XvdqV0zgXsYUqwLd/Bd34h7WhxtgoouojP3tSkVaP31tlqG0ksBdM/G1wH6Oi/hCR/3me2BNrFRV6RRYUTPqX+VSuoPmbI/XV+1HoLbOZP/O9hWSa9bo5akzBmo4W1gKyXOwhy+Ao=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <9C42486A4954BB47B7F742542EB5E89F@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: fa332163-3221-496a-4054-08d762fa0299
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Nov 2019 20:43:41.9849 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: FpH96sIrrLhT5RLYd1qYYKou9xmvP57x67cm67vdbxCRVYHVeaZiBemVH2BUQySnKRyA2O5O4fYH3dX5X4CWBiUf2oIfQBiaOWqX4k6zzsM=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR07MB5741
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/OHjbxmjlHBIW6EVHYYZ2v-zBp8U>
Subject: Re: [core] Roman Danyliw's Discuss on draft-ietf-core-senml-etch-05: (with DISCUSS and COMMENT)
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2019 20:43:48 -0000
Thank you Roman! I merged now PR 13 so that it will be part of the next draft version. We'll still take a closer look at #14. Cheers, Ari > On 5. Nov 2019, at 21.44, Roman Danyliw <rdd@cert.org> wrote: > > Hi Ari! > > Thanks for the pull requests and explanations below. My DISCUSS and COMMENTs are addressed by PR #13 and #14. Details inline ... > >> -----Original Message----- >> From: Ari Keränen <ari.keranen@ericsson.com> >> Sent: Sunday, November 03, 2019 6:04 PM >> To: Roman Danyliw <rdd@cert.org>; The IESG <iesg@ietf.org> >> Cc: draft-ietf-core-senml-etch@ietf.org; Carsten Bormann <cabo@tzi.org>; >> core-chairs@ietf.org; core@ietf.org >> Subject: Re: Roman Danyliw's Discuss on draft-ietf-core-senml-etch-05: (with >> DISCUSS and COMMENT) >> >> Hi Roman, >> >> Thank you for your review! And apologies for late reply. Here's a PR to >> address your comments: >> https://github.com/core-wg/senml-etch/pull/13 >> >> See comments and questions inline below. >> >> >> Cheers, >> Ari >> >>> On 4. Sep 2019, at 21.45, Roman Danyliw via Datatracker >> <noreply@ietf.org> wrote: >>> ---------------------------------------------------------------------- >>> DISCUSS: >>> ---------------------------------------------------------------------- >>> >>> (1) Section 5. It’s helpful that this document notes the relevance of >>> SenML’s security and privacy considerations (i.e., Section 13 of >>> RFC8428). However, this references seems circular. RFC8428 says, >>> “SenML formats alone do not provide any security and instead rely on >>> the protocol that carries them to provide security.” This document seems >> to be that “protocol that carries them” >>> implying it should cover the security mechanisms. Is it not >>> appropriate to suggest that CoAPs can address the (per RFC8428) >>> “confidentiality, data integrity, and authentication as appropriate >>> for the usage.”? If not, what additional guidance can be provided? >> >> Yes, secure CoAP would be addressing the security requirements in this case. >> I can make this explicit by adding to the first paragraph: >> >> CoAP's security mechanisms are used to provide security for the FETCH and >> (i)PATCH methods. > > Works for me. Thank you. > >>> (2) Section 5. It seems like it would be appropriate for the server >>> to support access control to restrict the client’s ability access and >>> modify a resource with FETCH and (i)PATCH. My read of “Per “In FETCH >>> and (i)PATCH requests, the client can pass arbitrary names to the >>> target resource for manipulation. The resource implementer must take >>> care to only allow access to names that are actually part of (or >>> accessible through) the target resource”, doesn’t suggest that type of >> access control. >> >> Yes, access control should be OK here. Do you have any suggestion how to >> make this more clear here? Note that each SenML name may or may not >> map to a separate resource (hence the wording "are actually part of (or >> accessible through) the target resource"). > > I was stumbling over the "are actually part of ..." phrase. However, with your explanation, I understand now. My confusion. Consider this item resolved. > >> >>> ---------------------------------------------------------------------- >>> COMMENT: >>> ---------------------------------------------------------------------- >>> >>> (3) Section 3.1. A few questions about how general purpose of a query >>> language is possible with the FETCH: >>> >>> -- (To confirm based on the text “The SenML Records are selected by >>> giving a set of names that …”) Does a name always have to be in the >>> Fetch Request (i.e., ‘at least one “n” MUST be in the Fetch Request’)? >> >> Yes. I clarified this with: >> >> A Fetch Pack MUST contain at least one Fetch Record. A Fetch Record MUST >> contain a name and/or base name field(s). > > Thank you. This text makes it clearer. > >>> Using the third example in Section 5.1.2 of RFC8428 as a source: >>> >>> -- The current text mentions that names and time can be in the Fetch >>> Pack request. Can other fields also be used as part of the criteria, >>> say “v”? For example, would ‘{“n”:” urn:dev:ow:10e2073a01080063”, >>> “v”:”21.5”}’ return the three name+time records where the value is 21.5? >> >> The intention was that only name and time could be used to select records; >> the last paragraph says that all others must be ignored. But looking at this >> closer I realized now that we probably need to add Unit to the selection >> criteria to support cases where same sensor name is used with multiple units >> for different types of measurements. >> >> But since this would be new functionality, I'll put this into a separate PR >> (needs likely more work): >> https://github.com/core-wg/senml-etch/pull/14 > > OK. No problem. I wanted to highlight the issue. What you have in the above PR is mostly there. I leave it in your capable hands to polish. > >>> (4) Section 3.1. If there is no match for a Fetch, how is that >>> signaled back in the response? Is there any guidance to provide on >>> error handling via CoAP error codes? >> >> Good catch. Clarified this with: >> >> If no SenML Records match, empty SenML Pack (i.e., array with no >> elements) is returned as a response. > > Thanks. > >>> (5) Editorial Nits: >>> >>> -- Section 3.1. s/When SenML Records contain also time values/When >> SenML >>> Records also contain time values/ >> >> I realized this was not fully correct and rewrote that part into: >> The SenML time field can be used in a Fetch Record to further narrow the >> selection of matched SenML Records. > > Thanks. > > Regards, > Roman >
- [core] Roman Danyliw's Discuss on draft-ietf-core… Roman Danyliw via Datatracker
- Re: [core] Roman Danyliw's Discuss on draft-ietf-… Ari Keränen
- Re: [core] Roman Danyliw's Discuss on draft-ietf-… Roman Danyliw
- Re: [core] Roman Danyliw's Discuss on draft-ietf-… Ari Keränen