Re: [Dime] last review of RFC3588bis before the proto write-up -please comment
Sebastien Decugis <sdecugis@nict.go.jp> Fri, 30 July 2010 03:37 UTC
Return-Path: <sdecugis@nict.go.jp>
X-Original-To: dime@core3.amsl.com
Delivered-To: dime@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0B57E3A683C for <dime@core3.amsl.com>; Thu, 29 Jul 2010 20:37:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.611
X-Spam-Level:
X-Spam-Status: No, score=-0.611 tagged_above=-999 required=5 tests=[AWL=0.744, BAYES_00=-2.599, HELO_EQ_JP=1.244]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TItxYqlSfvpV for <dime@core3.amsl.com>; Thu, 29 Jul 2010 20:37:38 -0700 (PDT)
Received: from ns2.nict.go.jp (ns2.nict.go.jp [IPv6:2001:2f8:29:300::2]) by core3.amsl.com (Postfix) with ESMTP id B5E203A65A6 for <dime@ietf.org>; Thu, 29 Jul 2010 20:37:36 -0700 (PDT)
Received: from gw2.nict.go.jp (gw2 [133.243.18.251]) by ns2.nict.go.jp with ESMTP id o6U3buLL001645 for <dime@ietf.org>; Fri, 30 Jul 2010 12:37:56 +0900 (JST)
Received: from gw2.nict.go.jp (localhost [127.0.0.1]) by gw2.nict.go.jp with ESMTP id o6U3bumv000068 for <dime@ietf.org>; Fri, 30 Jul 2010 12:37:56 +0900 (JST)
Received: from mail2.nict.go.jp (mail.nict.go.jp [133.243.18.3]) by gw2.nict.go.jp with ESMTP id o6U3buiJ000065 for <dime@ietf.org>; Fri, 30 Jul 2010 12:37:56 +0900 (JST)
Received: from mail2.nict.go.jp (localhost [127.0.0.1]) by mail2.nict.go.jp (NICT Mail) with ESMTP id 8102D1633F for <dime@ietf.org>; Fri, 30 Jul 2010 12:37:56 +0900 (JST)
Received: from [133.243.146.201] (5gou2f-dhcp41.nict.go.jp [133.243.146.201]) by mail2.nict.go.jp (NICT Mail) with ESMTP id 7C1E916337 for <dime@ietf.org>; Fri, 30 Jul 2010 12:37:56 +0900 (JST)
Message-ID: <4C524906.8070103@nict.go.jp>
Date: Fri, 30 Jul 2010 12:37:42 +0900
From: Sebastien Decugis <sdecugis@nict.go.jp>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv:1.9.2.7) Gecko/20100713 Thunderbird/3.1.1
MIME-Version: 1.0
To: dime@ietf.org
References: <92BBD1AA-5740-4057-85C7-66D16018FCA5@gmail.com><AANLkTime8h7MheAgPn09vLf7UK1NAIrzC7bKJg0520X9@mail.gmail.com> <36827A5B-B697-41D7-BAA3-D9D79650B447@gmail.com> <D109C8C97C15294495117745780657AE0CBB2452@ftrdmel1>
In-Reply-To: <D109C8C97C15294495117745780657AE0CBB2452@ftrdmel1>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
Subject: Re: [Dime] last review of RFC3588bis before the proto write-up -please comment
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dime>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jul 2010 03:37:41 -0000
I also agree with these statements. Beside, it is possible in many cases for a peer to decide whether the remote peer is RFC3588 or rfc3588bis as a side effect of the new security mechanism (indicated by the Inband-Security-Id AVP in the CER/CEA exchange), in case an implementation really needs to know it. Best regards, Sebastien. Le 30/07/2010 01:28, lionel.morand@orange-ftgroup.com a écrit : > I agree with Mark understanding, regarding to addition of missing *[AVP] in some commands and decision to keep the version number unchanged. > It would be great if other WG members confirm/contradict these statements. > > Cheers, > > Lionel > >> -----Message d'origine----- >> De : dime-bounces@ietf.org [mailto:dime-bounces@ietf.org] De >> la part de jouni korhonen >> Envoyé : jeudi 29 juillet 2010 17:52 >> À : Mark Jones >> Cc : dime@ietf.org >> Objet : Re: [Dime] last review of RFC3588bis before the proto >> write-up -please comment >> >> Hi Mark, >> >> Thanks for the quick reply. Read below.. >> >> >> On Jul 27, 2010, at 9:36 PM, Mark Jones wrote: >> >>> Hi Jouni, >>> >>> I agree with your proposed editorial changes. See inline for my >>> comments on the ABNF issues. >> Ack. >> >> >>> On Wed, Jul 21, 2010 at 8:42 AM, jouni korhonen >> <jouni.nospam@gmail.com> wrote: >>>> For the following I must to hear comments _before_ I >> proceed with the completion of the Proto Write-up: >>>> o RFC3588bis keeps version as 1 so a RFC3588 node does not really >>>> know if it is connecting with another RFC3588 or >> RFC3588bis node, or vice versa. >>>> In Sections >>>> 5.4.1, 5.4.2, 5.5.1, 5.5.2, and 7.2 we actually _change_ the >>>> existing command ABNFs that are more than just adding >> optional AVPs >>>> or sending less AVPs than before (for example adding *[AVP] to a >>>> request, which means the receiver may see AVPs that are >> beyond the >>>> ABNF it knows). According to the RFC3588bis Section 1.3.3 >> this could >>>> mean an allocation of a new command code, which again >> would require >>>> an allocation of a new application id for applications >> using the new command.. This would impact backwards >> compatibility with RFC3588. >>> Sections 5.4.1, 5.4.2, 5.5.1 and 5.5.2 added *[ AVP ] to >>> DPR/DPA/DWR/DWA respectively. This was presumably added for >>> consistency with the ABNF for other base protocol commands. >> I view the >>> change as editorial because RFC3588 also says: >>> >>> "An implementation MAY add arbitrary non-mandatory AVPs to any >>> command defined in an application, including vendor-specific AVPs >>> without needing to define a new application." >>> >>> Although this text was reworked in 3588bis, an >> implementation strictly >>> coded to RFC3588 is not going to barf a 5008 if these commands do >>> contain extra "non-mandatory" AVPs. >> Personally I tend to agree. Some implementations I know just >> ignore excess AVPs outside ABFN with M=0, and continue >> processing the command like nothing happened. I.e. the >> assumed behavior from Section 1.2.3 quoted above.. >> >>> There is no reason to exclude *[AVP] from these commands and the >>> omission from the ABNF was probably an oversight. I suspect >> it would >>> have been approved if raised as an Errata on RFC3588. >>> >>> Section 7.2 adds two optional AVPs to an ABNF that already >> had *[ AVP >>> ] so the new format would not result in 5008 or 5009. The Failed-AVP >> Ok. >> >>> AVP has the M-bit set but RFC3588 was sufficiently vague on whether >>> mandatory meant presence or comprehension that a 5008 is unlikely. >>> Given the descriptions of the missing AVPs, I think these >> are clearly >>> oversights and they would have been approved as Errata. >> Right. Actually when reading Section 7 onwards then remaining >> text makes it quite clear that Failed-AVP is part of the >> error. Following that I would also add [Experimental-Result] >> to the Section 7.2 ABNF (as that AVP also has M=1). >>>> Can we expect then receiving errors like 5008 and 5009 when the >>>> other end is fully RFC3588 compliant and the other is RFC3588bis >>>> compliant? Is this unlikely to happen? >>> No and no. Silence from the other stack implementers >> obviously means >>> they agree. ;) >> Right, hearing more opinions wouldn't make harm though. >> >>>> Can a change to AVP multiplicity in ABNF considered such >> ABNF change >>>> that requires a new command code? >>> It is tough to generalize; Did the ABNF contradict normative text? >>> >>> I think of 3588bis as a collection of Errata. There were several >>> places in RFC3588 where ambiguity could create interop issues. When >>> we've hit those, we've been able to consult (and refer partners to) >>> 3588bis in much the same way as we'd consult Errata. >> Ok. >> >> >> - Jouni >> >> >>> Regards >>> Mark >>> _______________________________________________ >>> DiME mailing list >>> DiME@ietf.org >>> https://www.ietf.org/mailman/listinfo/dime >> _______________________________________________ >> DiME mailing list >> DiME@ietf.org >> https://www.ietf.org/mailman/listinfo/dime >> > _______________________________________________ > DiME mailing list > DiME@ietf.org > https://www.ietf.org/mailman/listinfo/dime -- Sebastien Decugis Research fellow Network Architecture Group NICT (nict.go.jp)
- Re: [Dime] last review of RFC3588bis before the p… jouni korhonen
- [Dime] last review of RFC3588bis before the proto… jouni korhonen
- Re: [Dime] last review of RFC3588bis before the p… jouni korhonen
- Re: [Dime] last review of RFC3588bis before the p… Mark Jones
- Re: [Dime] last review of RFC3588bis before the p… lionel.morand
- Re: [Dime] last review of RFC3588bis before the p… Sebastien Decugis