Re: [Dime] AD review for draft-ietf-dime-nat-control-06
Shwetha <shwethab@cisco.com> Thu, 10 February 2011 04:07 UTC
Return-Path: <shwethab@cisco.com>
X-Original-To: dime@core3.amsl.com
Delivered-To: dime@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 574C63A6875 for <dime@core3.amsl.com>; Wed, 9 Feb 2011 20:07:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.532
X-Spam-Level:
X-Spam-Status: No, score=-8.532 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, RCVD_NUMERIC_HELO=2.067]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wT2avAo1pxM5 for <dime@core3.amsl.com>; Wed, 9 Feb 2011 20:07:32 -0800 (PST)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by core3.amsl.com (Postfix) with ESMTP id 6D7F23A6850 for <dime@ietf.org>; Wed, 9 Feb 2011 20:07:28 -0800 (PST)
Authentication-Results: ams-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
X-Files: draft-ietf-dime-nat-control-07.txt : 91314
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AskFAEDzUk2Q/khMgWdsb2JhbAClaAIVAQEWIiSfWI1ujT+CfoJeBIR9hnODOIUc
X-IronPort-AV: E=Sophos; i="4.60,450,1291593600"; d="txt'?scan'208"; a="75876708"
Received: from ams-core-3.cisco.com ([144.254.72.76]) by ams-iport-1.cisco.com with ESMTP; 10 Feb 2011 04:07:38 +0000
Received: from xbh-bgl-412.cisco.com (xbh-bgl-412.cisco.com [72.163.129.202]) by ams-core-3.cisco.com (8.14.3/8.14.3) with ESMTP id p1A47ar5010257; Thu, 10 Feb 2011 04:07:37 GMT
Received: from xmb-bgl-417.cisco.com ([72.163.129.213]) by xbh-bgl-412.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 10 Feb 2011 09:37:36 +0530
Received: from 173.39.65.210 ([173.39.65.210]) by XMB-BGL-417.cisco.com ([72.163.129.213]) with Microsoft Exchange Server HTTP-DAV ; Thu, 10 Feb 2011 04:07:36 +0000
User-Agent: Microsoft-Entourage/12.20.0.090605
Date: Thu, 10 Feb 2011 09:39:06 +0530
From: Shwetha <shwethab@cisco.com>
To: "Romascanu, Dan (Dan)" <dromasca@avaya.com>, dime@ietf.org
Message-ID: <C97962BC.6758%shwethab@cisco.com>
Thread-Topic: [Dime] AD review for draft-ietf-dime-nat-control-06
Thread-Index: Acu8lT3ibifh6lU0Tpy5/flLeDHB8gMQwRZS
In-Reply-To: <EDC652A26FB23C4EB6384A4584434A0402B315B0@307622ANEX5.global.avaya.com>
Mime-version: 1.0
Content-type: multipart/mixed; boundary="B_3380175548_12981195"
X-OriginalArrivalTime: 10 Feb 2011 04:07:36.0993 (UTC) FILETIME=[0D2FF910:01CBC8D8]
X-Mailman-Approved-At: Wed, 09 Feb 2011 20:54:58 -0800
Subject: Re: [Dime] AD review for draft-ietf-dime-nat-control-06
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dime>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Feb 2011 04:07:33 -0000
Hello Dan, Attached is a new version of draft-ietf-dime-nat-control with your comments addressed as detailed below. Comments inline at [SB]. Please let us know if you are ok with the latest version so that we can submit this version of the draft. On 1/25/11 7:09 PM, "Romascanu, Dan (Dan)" <dromasca@avaya.com> wrote: > Please find below the AD review of draft-ietf-dime-nat-control-06. While > the document is well written and in pretty good shape, there are a > number of issues that need to be clarified and editorial nits that need > to be cleaned up before the document can be sent to IETF Last Call. > > The comments below are divided into T (Technical) and E (Editorial). > > T1. Section 4.3 - Please explain what happens with the bindings existing > prior to the reception of the Session Re-Authorization request in case > of a BINDING_FAILEURE. Are these left in place? > [SB] Existing session and bindings will not be affected if request to update an existing session fails. The requestor has a policy to bring down the session upon failure to change it, it has to be done explicitly using DNCA session termination message. Hence we have added the note below the failure scenarios for session update. Note: Already established bindings for the session will not be affected. > T2. Section 4.6 > >> The > DNCA relies on DNCA Manager and DNCA Agent to have builtin redundancy > support to recover state in case of failure. > > It looks like this requirement needs to be expressed in stronger terms, > maybe as a 2119 MUST. [SB] We have reworded it as below: DNCA Manager and DNCA Agent MUST have builtin redundancy support to recover state in case of failure. > T3. What does the following mean in section 5.5? > >> Diameter applications conforming to this specification MUST advertise > support by including the value of TBD in: [SB] We have reworded the section 5.5 on advertising Diameter application support as in RFC4006: Diameter nodes conforming to this specification MUST advertise support for DNCA by including the value of <TBD> in the Auth-Application-Id of the Capabilities-Exchange-Request and Capabilities-Exchange-Answer command [RFC3588]. > > > T4. The way [RFC4005] is referenced in section 8.3 implies that a > Normative Reference is required. [SB] Done > > T5. The security requirements in sections 5.1 and 12 seem to be > contradictory. While in section 12 it is stipulated that > >> Securing the > information exchange between the authorizing entity (the DNCA > Manager) and the NAT device requires bilateral authentication of the > involved parties, authorization of the involved parties to perform > the required procedures and functions, and procedures to ensure > integrity and confidentiality of the information exchange > > In section 5.1 identity verification and authorization of procedures are > only MAY. [SB] We have reworded section 12 as follows, to indicate that only if the messages are to be secured, it MAY be done as specified in RFC3588 Diameter protocol: "To secure the information exchange between the authorizing entity (the DNCA Manager) and the NAT device (the DNCA Agent) requires bilateral authentication of the involved parties, authorization of the involved parties to perform the required procedures and functions, and procedures to ensure integrity and confidentiality of the information exchange MAY be performed." > > E1. idnits complains about the following: > > tmp/draft-ietf-dime-nat-control-06.txt(1298): Line has weird spacing: > '...ly with wit...' > [SB]Its in the FSM table, and the extra spacing is to distinguish each column. > > tmp/draft-ietf-dime-nat-control-06.txt(1828): Unexpected reference > format: '...ocol,[RFC3588] to r...' > [SB] It has been corrected > > E2. Section 1: > >> The query functionality complements > alternative information query mechanisms, such as Simple Network > Management Protocol (SNMP) based mechanisms, if available. > > What does exactly 'complements' mean here? [SB]We wanted to provide example of another protocol like SNMP that provided SNMP query to gather information. As this line is not adding to the usecase, we have removed reference to SNMP from the paragraph. > E3. Expand LSN or include the abbreviation in the Conventions section [SB] LSN has been substituted with NAT > E4. Chose one formulation - either 'The DNCA' or 'DNCA' [SB] 'The DNCA' has been changed to DNCA throughout the document > E5. Section 3.3 - s/Diameter NAT Control Manager/DNCA Manager/ [SB] Done > > E6. Write in a consistent manner DNCA Agent (and not DNCA agent as in > section 4.1) [SB] Done > > E7. Section 4.2: s/Figure 5 shows the protocol interaction/Figure 5 > shows the initial protocol interaction/ [SB] Done > > E8. Section 4.3 s/perfborm/perform/ [SB] Done > > E9. RFC 3588 is sometimes mentioned as 3588, other times as [RFC3588] - > the latest seems to be better [SB] Done Thanks, Shwetha > > Thanks and Regards, > > Dan > > > _______________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/listinfo/dime >
- [Dime] AD review for draft-ietf-dime-nat-control-… Romascanu, Dan (Dan)
- Re: [Dime] AD review for draft-ietf-dime-nat-cont… Shwetha