[core] Review of draft-koster-core-coap-pubsub-05
Jim Schaad <ietf@augustcellars.com> Thu, 04 August 2016 03:35 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8E3C12D69E; Wed, 3 Aug 2016 20:35:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.188
X-Spam-Level:
X-Spam-Status: No, score=-3.188 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.287, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SLi6epRl9aqX; Wed, 3 Aug 2016 20:35:17 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9B9C12D866; Wed, 3 Aug 2016 20:35:16 -0700 (PDT)
Received: from hebrews (24.21.96.37) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Wed, 3 Aug 2016 20:46:53 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: draft-koster-core-coap-pubsub@ietf.org, core@ietf.org
Date: Wed, 03 Aug 2016 20:35:10 -0700
Message-ID: <04fe01d1ee01$35bf9120$a13eb360$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdHt4Mmd/aVI+5qsSE+Tcxdmb21+Nw==
Content-Language: en-us
X-Originating-IP: [24.21.96.37]
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/s5gL2KIo0BYVvNKjYGappbVyuIc>
Subject: [core] Review of draft-koster-core-coap-pubsub-05
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Aug 2016 03:35:20 -0000
I have a hard time saying that this is ready to be published, but that is in part because I think that the security aspects that are not being addressed in the document are important. Section 3.2 - The phrase "and potentially buffer messages" is causing me problems. By definition it must buffer the last data value that it includes. It would be good at this point to explain exactly why it is buffering messages here. I assume that you are talking about the flow control issues that are discussed later but I don't know this. Section 4.2 - What is the behavior of Max-Age for sub-topics? Is the topic deleted only if it has no current sub-topics? Publish rates of the topic and sub-topic may not be the same. Section 4.2 - How does a topic creator control who can a) publish to the topic, b) create sub-topics, c) subscribe to the topic. Based on how things are laid out I make the assumption that the broker is the entity that would enforce these rules. Section 4.3 - As we go forward into the world of having secure items, the rule on only publishing a fixed content type means that there will be no way for a broker to create other content types without losing the authentication source of a signature by the publisher on the content. It would be nice if it were possible to publish multiple content types at one point. I guess one method might be to look at a content type that would be list of contents w/ different content types but then the discovery method becomes odd. Also create would need to be modified to deal with the situation as well. Section 4.7 - The following language is driving me crazy. "A CoAP pubsub Client wishing to remove a topic MAY use the CoAP Delete operation". If you are going to say that it may do X, then you need to also say that what other things it could do to remove it. I think you should just remove the MAY here (and in similar places) and just say "to remove a topic uses the CoAP Delete operation". Section 7 - Should there be advice on how to distinguish between a new publish and a re-publish because a response was not received? Section 8 - DTLS will not provide authentication if there is a proxy in the way between the client and the broker that terminates the DTLS session. (The whole hop authentication vs end-to-end.) Section 8 - the last paragraph is giving me a problem. It appears to say that if the broker is not trusted hen it would have a problem doing the correct forwarding to subscribers since it would be unable to read the CoAP headers. Is that correct? Confirmation of messages. The system seems to be very light on telling one when confirmation of messages should be used and when it should not be used. For example, if notifications are being sent out from a broker - should all messages get confirmations before continuing, should only some messges get confirmations based either on the message published or on the notification that is being sent to the client. I.e. do you treat a removal from a subscription differently if it is deleted vs if the authorization for the subscriber expires? In one case doing the get will show that it no longer exists but in the other case the client will have missed messages when it was not subscribed. Jim
- Re: [core] Review of draft-koster-core-coap-pubsu… Hannes Tschofenig
- Re: [core] Review of draft-koster-core-coap-pubsu… Hannes Tschofenig
- Re: [core] Review of draft-koster-core-coap-pubsu… Jim Schaad
- [core] Review of draft-koster-core-coap-pubsub-05 Jim Schaad
- Re: [core] Review of draft-koster-core-coap-pubsu… Michael Koster