[DNSOP] Genart telechat review of draft-ietf-dnsop-session-signal-11

Joel Halpern <jmh@joelhalpern.com> Thu, 05 July 2018 21:48 UTC

Return-Path: <jmh@joelhalpern.com>
X-Original-To: dnsop@ietf.org
Delivered-To: dnsop@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 38AE5130FA0; Thu, 5 Jul 2018 14:48:44 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Joel Halpern <jmh@joelhalpern.com>
To: <gen-art@ietf.org>
Cc: draft-ietf-dnsop-session-signal.all@ietf.org, dnsop@ietf.org, ietf@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.81.3
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <153082732415.26353.11898401544902479901@ietfa.amsl.com>
Date: Thu, 05 Jul 2018 14:48:44 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/TTP1UNYDeZ_C-xbNfJSzb82MKNE>
Subject: [DNSOP] Genart telechat review of draft-ietf-dnsop-session-signal-11
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.26
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Jul 2018 21:48:45 -0000

Reviewer: Joel Halpern
Review result: Ready with Nits

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. Please wait for direction from your
document shepherd or AD before posting a new version of the draft.

For more information, please see the FAQ at


Document: draft-ietf-dnsop-session-signal-11
Reviewer: Joel Halpern
Review Date: 2018-07-05
IETF LC End Date: 2018-06-25
IESG Telechat date: 2018-08-02

Summary: This document is ready for publication as a Proposed Standard RFC

Some of my earlier comments have been addressed.  It appears that an effort was
made to address more, but I was apparently unclear.  I have copied the comments
that seem to still apply, with elaboration.  If I am still unclear, please
contact me.

Major issues: N/A

Minor issues:
    Section 5.1.3 places some requirements on application level middleboxes,
    and includes a very clear explanation of why it places these requirements.
    While it may be "obvious" to one who lives and breathes DNS, I think it
    would help to explain why the usual operation of an existing middlebox will
    (typically? always?  inherently?) meet this requirement.  To rephrase, the
    text says things like "the middlebox MUST NOT blindly forward DSO messages
    in either direction." Apparently, somehow, the existing world middleboxes
    will do comply with this.  How?

    The third and fourth paragraphs of section 5.2.2 do not talk about optional
    additional TLVs.  It would be helpful if the document stated that in
    addition to those additional TLVs required by the primary TLV, other TLVs
    may be included based on their individual definition, independent of the
    definition of the primary TLV.  (Both the Encryption padding and the delay
    retry TLVs may be included in suitable messages without being called out in
    the definition of the primary TLVs.)
    An effort appears to have been made to address this, which suggests I was
    unclear.  The text says:
        A DSO response message may contain no TLVs, or it may be specified to
        contain one or more TLVs appropriate to the information being
    The definition of the specific response messages does not discuss the
    encryption padding or delay response TLVs.  They are clearly intended to
    be allowed.  So can we tune the text to make that clear.  I think the
    intention is that the specification of the response message indicates which
    TVLs are required, and that others are allowed.  So say that.

Nits/editorial comments:
    Section 5.4 talks about by default the TCP data ack and the DSO reply
    message being combined.  Doesn't this depend upon the responsiveness of the
    DSO engine?  Is there an implicit assumption about such timeliness (sub 200
    I suspect from the lack of comment on this that I am missing something