Re: [Dime] AD review of draft-ietf-dime-rfc4005bis-09.txt - part 2
Benoit Claise <bclaise@cisco.com> Wed, 11 July 2012 09:05 UTC
Return-Path: <bclaise@cisco.com>
X-Original-To: dime@ietfa.amsl.com
Delivered-To: dime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A10021F86A7 for <dime@ietfa.amsl.com>; Wed, 11 Jul 2012 02:05:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.413
X-Spam-Level:
X-Spam-Status: No, score=-10.413 tagged_above=-999 required=5 tests=[AWL=0.185, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4mDJcFJtkEaq for <dime@ietfa.amsl.com>; Wed, 11 Jul 2012 02:05:40 -0700 (PDT)
Received: from av-tac-bru.cisco.com (weird-brew.cisco.com [144.254.15.118]) by ietfa.amsl.com (Postfix) with ESMTP id 4247221F858E for <dime@ietf.org>; Wed, 11 Jul 2012 02:05:40 -0700 (PDT)
X-TACSUNS: Virus Scanned
Received: from strange-brew.cisco.com (localhost.cisco.com [127.0.0.1]) by av-tac-bru.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id q6B95iN4024533; Wed, 11 Jul 2012 11:05:44 +0200 (CEST)
Received: from [10.60.67.85] (ams-bclaise-8914.cisco.com [10.60.67.85]) by strange-brew.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id q6B95iTX024009; Wed, 11 Jul 2012 11:05:44 +0200 (CEST)
Message-ID: <4FFD41E7.5030502@cisco.com>
Date: Wed, 11 Jul 2012 11:05:43 +0200
From: Benoit Claise <bclaise@cisco.com>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20120614 Thunderbird/13.0.1
MIME-Version: 1.0
To: dime mailing list <dime@ietf.org>
References: <4FFC405F.9030508@cisco.com>
In-Reply-To: <4FFC405F.9030508@cisco.com>
Content-Type: multipart/alternative; boundary="------------070807050800000207050609"
Cc: Michelle Cotton <michelle.cotton@icann.org>
Subject: Re: [Dime] AD review of draft-ietf-dime-rfc4005bis-09.txt - part 2
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dime>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Jul 2012 09:05:42 -0000
Dear all, Glen, Two more points, part of the AD review (I needed a little bit of education before making those points, hence the part 2 in my review) 1. the NASREQ application is specified in RFC4005bis, but IANA points to RFC3588bis See http://www.iana.org/assignments/aaa-parameters/aaa-parameters.xml#aaa-parameters-45 with an entry for Application id= 1, for NASREQ, with the reference [RFC-ietf-dime-rfc3588bis-33] I understand the history: RFC3588 introduced this application id value 1 in the IANA Considerations section. However, RFC3588bis, which will obsolete RFC3588, doesn't mention this application id (obviously, because it was assigned already). So don't you believe that we should correct this and have, in the IANA Considerations section of http://tools.ietf.org/id/draft-ietf-dime-rfc4005bis-09.txt , a message basically expressing: http://www.iana.org/assignments/aaa-parameters/aaa-parameters.xml#aaa-parameters-45 should contain Application id= 1, for NASREQ, with the reference [RFC4005bis] 2. In section 3.10Accounting-Answer (ACA) Command The same level of security MUST be applied to both the Accounting-Request and the corresponding Accounting-Answer message. For example, if the ACR was protected using end-to-end security techniques then the corresponding ACA message MUST be protected in the same way; note, however, that the definition of such techniques is outside the scope of this document. Note: this message about "The same level of security ..." is only available in that section Why does this apply only to Accounting-Request and Accounting-Answer? Or does it apply to all Request/Answer? Regards, Benoit. > Dear all, Glen, > > Please find below the AD review of draft-ietf-dime-rfc4005bis-09.txt > > The document is in a good enough shape to be sent to IETF LC. > Please consider my comments together with the other IETF LC comments. > > Glen, let me know if you plan on submitting a quick revision soon, or > if I should send THIS version to the IETF LC (which might lead to > redundant comment) > > > - Some idnits > http://tools.ietf.org/idnits?url=http://tools.ietf.org/id/draft-ietf-dime-rfc4005bis-09.txt > Miscellaneous warnings: > ---------------------------------------------------------------------------- > > == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but > does not include the phrase in its RFC 2119 key words list. > > Checking references for intended status: Proposed Standard > ---------------------------------------------------------------------------- > > == Missing Reference: 'BASE' is mentioned on line 219, but not defined > > I understand that this is a quote from RFC4005. To avoid the source of > confusion, here is a proposal > > OLD: > However, the presence of an > instance of the Acct-Application-Id AVP was required in RFC 4005, > as well: > > The ACR message [BASE] is sent by the NAS to report its session > information to a target server downstream. > > Either of Acct-Application-Id or Vendor-Specific-Application-Id > AVPs MUST be present. If the Vendor-Specific-Application-Id > grouped AVP is present, it must have an Acct-Application-Id > inside. > NEW: > However, the presence of an > instance of the Acct-Application-Id AVP was required in RFC 4005, > which quotes: > > "The ACR message [BASE] is sent by the NAS to report its session > information to a target server downstream. > > Either of Acct-Application-Id or Vendor-Specific-Application-Id > AVPs MUST be present. If the Vendor-Specific-Application-Id > grouped AVP is present, it must have an Acct-Application-Id > inside." > > - One small improvement > OLD: > o The accounting model to be used is now specified. > > NEW > o The accounting model to be used is now specified. See section 1.6 > > - Expand on the first ASA occurrence > > - Add an point after [I-D.ietf-dime-rfc3588bis] > > 3.1. AA-Request (AAR) Command > > The AA-Request (AAR), which is indicated by setting the Command-Code > field to 265 and the 'R' bit in the Command Flags field, is used to > request authentication and/or authorization for a given NAS user. > The type of request is identified through the Auth-Request-Type AVP > [I-D.ietf-dime-rfc3588bis] The recommended value for most situations > is AUTHORIZE_AUTHENTICATE. > > - I could not find the meaning of * in, for example, > > [ CHAP-Auth ] > [ CHAP-Challenge ] > * [ Framed-Compression ] > [ Framed-Interface-Id ] > [ Framed-IP-Address ] > * [ Framed-IPv6-Prefix ] > [ Framed-IP-Netmask ] > [ Framed-MTU ] > [ Framed-Protocol ] > [ ARAP-Password ] > [ ARAP-Security ] > * [ ARAP-Security-Data ] > * [ Login-IP-Host ] > * [ Login-IPv6-Host ] > [ Login-LAT-Group ] > [ Login-LAT-Node ] > [ Login-LAT-Port ] > [ Login-LAT-Service ] > * [ Tunneling ] > * [ Proxy-Info ] > * [ Route-Record ] > * [ AVP ] > - 3.7. Abort-Session-Request (ASR) Command > > The Abort-Session-Request (ASR) message [I-D.ietf-dime-rfc3588bis] > may be sent by any server to the NAS providing session service, to > request that the session identified by the Session-Id be stopped. > > By "any Diameter server"? like in section 3.3 btw. > > - IANA Considerations > Do we need to change all the "4005" entries in > http://www.iana.org/assignments/aaa-parameters/aaa-parameters.xml into > "4005bis"? > Or to be more correct, the new RFC id for 4005bis? > > - OLD > [RADIUSTypes] IANA, "IANA Radius Attribute Values > Registry",<http://www.iana.org/ > assignments/radius-types-3>. > > NEW: > [RADIUSTypes] IANA, "IANA Radius Attribute Values > Registry",<http://www.iana.org/ > assignments/radius-types>. > > ALTERNATE PROPOSAL > [RADIUSTypes] IANA, "IANA Radius Attribute Values > Registry",<http://www.iana.org/assignments/radius-types/radius-types.xml#radius-types-1>. > > Regards, Benoit. > > > _______________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/listinfo/dime
- [Dime] AD review of draft-ietf-dime-rfc4005bis-09… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… lionel.morand
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… dieter.jacobsohn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… lionel.morand
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… lionel.morand
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… lionel.morand
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… lionel.morand
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Glen Zorn
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise
- Re: [Dime] AD review of draft-ietf-dime-rfc4005bi… Benoit Claise