Re: [dnssd] Opsdir last call review of draft-ietf-dnssd-srp-20
Dhruv Dhody <dd@dhruvdhody.com> Sat, 08 July 2023 04:00 UTC
Return-Path: <dd@dhruvdhody.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CB45C1519B8 for <dnssd@ietfa.amsl.com>; Fri, 7 Jul 2023 21:00:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Level:
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dhruvdhody-com.20221208.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p785mJsGbtDZ for <dnssd@ietfa.amsl.com>; Fri, 7 Jul 2023 21:00:54 -0700 (PDT)
Received: from mail-vk1-xa31.google.com (mail-vk1-xa31.google.com [IPv6:2607:f8b0:4864:20::a31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 242F2C1519B2 for <dnssd@ietf.org>; Fri, 7 Jul 2023 21:00:54 -0700 (PDT)
Received: by mail-vk1-xa31.google.com with SMTP id 71dfb90a1353d-47e5025a55fso1000153e0c.0 for <dnssd@ietf.org>; Fri, 07 Jul 2023 21:00:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dhruvdhody-com.20221208.gappssmtp.com; s=20221208; t=1688788853; x=1691380853; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=EPCHanhW+zECBwBZRxhjr4efvhxsgN4ci7p4e01JUKQ=; b=RCDbrgYfDHyhe+5KiJJycdz86ums6SqamAi8HpGwE8v411eioROrDfPU1Ej/lhsCq2 NPtW8KS4/JfiybqiSWZOuL46WrhG+HJC4qz+lvO9EFiPzv/Cdq6QplsTlJXvrprgtZod oXgg6z20a+QKyPMN5dI6OZmlH0+wEMeWgIcJB80mRsQGAjRbBqcufIHU5ZthG9Ya/xKt CYYbcbvl1j/Fhvpry6Et+QVj+Nf3E9p2E0EPfzxrdMIRItBaSnV7o0TI80ITZh7Yrogg 7HBsiIVROY/zh2DJGuQdiUgjcsliqXblUuiNVKnSWhDzKr9cj4GNApHAkoiWT4m60zSA kTgw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1688788853; x=1691380853; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=EPCHanhW+zECBwBZRxhjr4efvhxsgN4ci7p4e01JUKQ=; b=RIwMpsFUNKrVOIB3TaMxWDp5Pe6YeRRVT55sOcaSzyRZz/6PvCnjQSsleIioiRwkmw ktL+k1vJfe5enPayyMA1BoJNLbf3Phjv7j0NbL8hrxTb4GmNE8Dy4pwtAQ2japD2a0u2 EVPZWcjR8Bfpz2MOlckcXDRniH3XjU04VwOSgyCWOpkAdhOhtMCcblS6oW4q+pegu36R DSQ7Pf0/nab+Xe7P7FxwuI4rfnvC/EeKKNn9MZcqujhqXqeqBHBKHwKB9S4vle8Ivb31 cpDWuk7fDj9s7WCopt51n1i3T3iVPpmT+ud1Daw6jKYytqK3QRUWGbuedhls4RB//Syy 7BUQ==
X-Gm-Message-State: ABy/qLY2MDZ4JEd+p/ozQZM1PWDNW+B2TWfqKU6QYNWskQBfFurbCpa6 Cs6An6isdMi6MC8Bv4sYTb26XEFUEuOUD53qnH0yFRYok6knOATO
X-Google-Smtp-Source: APBJJlGBaijjPuLVPoboXy++vg/ZLCnX5Wk3oT+zUCRHsZ3o5UD4lNDSXxcur2/fxmYt7sG9n1i6jri+dvuZoT7vQ+g=
X-Received: by 2002:a67:ef88:0:b0:443:6457:10e with SMTP id r8-20020a67ef88000000b004436457010emr4714134vsp.7.1688788852988; Fri, 07 Jul 2023 21:00:52 -0700 (PDT)
MIME-Version: 1.0
References: <168664880869.29548.2642221981202557563@ietfa.amsl.com> <CAPt1N1kNbeifKejzuTg2egH0fj_NzcpHEFxVzNNNKKnZtY4Scw@mail.gmail.com>
In-Reply-To: <CAPt1N1kNbeifKejzuTg2egH0fj_NzcpHEFxVzNNNKKnZtY4Scw@mail.gmail.com>
From: Dhruv Dhody <dd@dhruvdhody.com>
Date: Sat, 08 Jul 2023 09:30:16 +0530
Message-ID: <CAP7zK5bF0LSLaEjv9buUc6zf9yK-+d=uhDaU6G2x1iOPCPsMqw@mail.gmail.com>
To: Ted Lemon <mellon@fugue.com>
Cc: ops-dir@ietf.org, dnssd@ietf.org, draft-ietf-dnssd-srp.all@ietf.org, last-call@ietf.org
Content-Type: multipart/alternative; boundary="000000000000aefd4f05fff1cb78"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/b5xe7jD6RquxRhPVUKwXFVfqwbA>
Subject: Re: [dnssd] Opsdir last call review of draft-ietf-dnssd-srp-20
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Jul 2023 04:00:58 -0000
Thanks Ted for taking my comments into consideration! On Sat, Jul 8, 2023 at 12:12 AM Ted Lemon <mellon@fugue.com> wrote: > Dhruv, thanks for the review! > > On Tue, Jun 13, 2023 at 5:33 AM Dhruv Dhody via Datatracker < > noreply@ietf.org> wrote: > >> Reviewer: Dhruv Dhody >> Review result: Has Nits >> >> # OPSDIR review of draft-ietf-dnssd-srp >> >> I have reviewed this document as part of the Operational directorate's >> ongoing >> effort to review all IETF documents being processed by the IESG. These >> comments were written with the intent of improving the operational >> aspects of >> the IETF drafts. Comments that are not addressed in the last-call may be >> included in AD reviews during the IESG review. Document editors and WG >> chairs >> should treat these comments just like any other last-call comments. >> >> The document is very clear and well-written. The motivation is described >> well. >> A separate section dealing with Operational Considerations would be an >> excellent addition that could explicitly deal with Backward compatibility, >> Logging requirements, Default values settings, Monitoring requirements >> etc. See >> RFC 5706 for inspiration. This is just a suggestion... >> > > Thanks. I think this isn't a bad idea in theory, but in practice the use > cases we know about for SRP are all situations where there is no operator > in the sense you mean: e.g. a Thread border router has no operator other > than the end-user, who isn't going to rely on this document. A home CE > router with an SRP server is in the same boat. > > I think there may be some value in thinking about the operations model for > SRP when deployed in an enterprise or educational setting, but we don't > actually have any experience to share, so it would be purely speculative. I > think this probably needs to wait for a later document, unfortunately. > > >> >> The document is ready. I have a few minor comments and nits - >> >> ## Minor >> >> * I suggest the I-D explicitly state the default values which can be >> overridden >> via configurations. The use of the word "typically" in section 3.2.5.3 is >> a bit >> unusual. >> > > We're reporting how this is actually used in practice. I don't know how to > write a specification that would be appropriate. We actuallly at one time > specified a value of one hour (or maybe it was two, I can't remember) but > then we saw that in practice, people were using very different values, > sometimes a different value for paired devices than unpaired, etc. So our > goal became to simply talk about the tradeoffs and make suggestions. > > >> * Section 8. My preference would be to disregard brevity and list all >> considerations for "service.arpa" instead of relying on "home.arpa" in >> RFC8375. >> In my reading, the text refers to homenet at places and seems incorrect to >> blindly rely on it. Again just a suggestion and something to think about. >> > > The IANA review agreed with you, and this will be in the new version of > the document. > > >> ## Nits >> >> * Expand IoT in Abstract. Also, put the abbreviation next to "DNS-Based >> Service >> Discovery" as you use the abbreviation later on. >> > > I just took IoT out—it's not really accurate anyway. We give the > abbreviation for DNSSD in the Introduction--it doesn't belong in the > abstract. > > >> * Section 3.1.1. >> >> * Remove the "," at "..a registration domain, or discover the >> default.." >> >> * Remove the "," at "..mechanisms are possible, but are.." >> >> * s/out of scope for this document/out of the scope of this document/ >> >> * Add a "," at "For these names they then discover" i.e. "For these >> names, >> they then discover" >> > > These are issues for the RFC editor. > > >> * Section 3.2.4 >> >> * Expand TSIG >> > > Good point, changed to Secret Key Transaction Signatures. > > >> * I suggest rewording this "The goal is not to provide the level of >> security of a network managed by a skilled operator."! >> > > The secdir review also complained about this. I deleted it—I think it's > just confusing. > > >> * Add a suitable reference for "a YXDomain RCODE" (Section 3.2.5.2) >> > > Done. > > >> * Weird capitalization in "..both the Delete An RR From An RRset update >> and the >> Add To An RRSet update,.." (Section 3.2.5.5.2) >> > > That's how we did it. I guess we could have used single quotes instead? > > >> * Section 3.3.1 >> >> * s/RFC2136/[RFC2136]/g -- If you don't want to make this update, >> consider >> using a hyphen as in RFC2136-implementations etc. >> > > Should be an xref, fixed. > >> >> * Should you also state what happens when the MUST in this section >> are not >> met? >> > > See "Valid SRP Update Requirements". I don't think it will help to add > more text about this here. > > >> >> * s/are rejected with Refused./are rejected with Refused RCODE./ (section >> 3.3.6) >> >> OK > > >> * Section 6.1 >> >> * Add reference to TCP Fast Open >> > > OK > > >> >> * s/credentials to to update/credentials to update/ >> > > Yup. > > >> >> * Table 1, please remove the last "." in "default.service.arpa."; See >> >> https://www.iana.org/assignments/locally-served-dns-zones/locally-served-dns-zones.xhtml > > > It's an FQDN, so it's correct to have a '.' on the end. > > >> * The IDNITS has some warnings. I guess that no change is needed, but just >> making sure - >> >> https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-dnssd-srp-20.txt > > > It doesn't like i18n. These are peoples' names, so too bad for it. :) > > Thanks again for the review. I have applied your suggestions except as > noted above. >
- [dnssd] Opsdir last call review of draft-ietf-dns… Dhruv Dhody via Datatracker
- Re: [dnssd] Opsdir last call review of draft-ietf… Ted Lemon
- Re: [dnssd] Opsdir last call review of draft-ietf… Dhruv Dhody