IETF Logo Mail Archive

Re: [Gen-art] genART review of draft-ietf-cdni-logging-15

"Francois Le Faucheur (flefauch)" <flefauch@cisco.com> Mon, 16 February 2015 15:16 UTC

Return-Path: <flefauch@cisco.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEC271A1EB7 for <gen-art@ietfa.amsl.com>; Mon, 16 Feb 2015 07:16:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8wcDE1lq2rLG for <gen-art@ietfa.amsl.com>; Mon, 16 Feb 2015 07:16:17 -0800 (PST)
Received: from alln-iport-3.cisco.com (alln-iport-3.cisco.com [173.37.142.90]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A61741A1BD1 for <gen-art@ietf.org>; Mon, 16 Feb 2015 07:16:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5840; q=dns/txt; s=iport; t=1424099777; x=1425309377; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=wdWvsZZal8jBaIdxL93ZuYzOILjU6sm15ck7+IakJ8E=; b=WkId2B6Jtk0eHdTJR6nMuCuaXFmkudpj81csXQnNVE1jjNS2VNklLZev jQJomY6CRIXhOOHArTU1GOnL5WZAThmE83V6yRkcAesaTavk/pNpCmBMP zOayveQ0jM/DEa3zTLQqYb3V3ihKJ9kDq/9kfDpKMIii4bGOuRYtboP+i Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AdBgDVCOJU/5xdJa1cgwZSWgTAD4IqhXECgRRDAQEBAQEBfIQMAQEBAwE6PwULAgEIFAQeECERJQIEDgWIGQMJCA3HSw2FRgEBAQEBAQEBAQEBAQEBAQEBAQEBAReLDIJDgXczB4MWgRQFjziDV4QagUaBGDiCVYhkhgQiggIBG4FQbwGBQ38BAQE
X-IronPort-AV: E=Sophos;i="5.09,588,1418083200"; d="scan'208";a="124002728"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by alln-iport-3.cisco.com with ESMTP; 16 Feb 2015 15:16:15 +0000
Received: from xhc-aln-x10.cisco.com (xhc-aln-x10.cisco.com [173.36.12.84]) by rcdn-core-5.cisco.com (8.14.5/8.14.5) with ESMTP id t1GFGF3v015300 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 16 Feb 2015 15:16:15 GMT
Received: from xmb-rcd-x10.cisco.com ([169.254.15.156]) by xhc-aln-x10.cisco.com ([173.36.12.84]) with mapi id 14.03.0195.001; Mon, 16 Feb 2015 09:16:15 -0600
From: "Francois Le Faucheur (flefauch)" <flefauch@cisco.com>
To: Martin Thomson <martin.thomson@gmail.com>
Thread-Topic: genART review of draft-ietf-cdni-logging-15
Thread-Index: AQHQRl+q01aJV4JQYUmPUiJbO0c5jZzsnR6AgAcxuQA=
Date: Mon, 16 Feb 2015 15:16:15 +0000
Message-ID: <598E015C-8A02-46A6-B065-F676FE81A331@cisco.com>
References: <CABkgnnU95w0SzS+PVZL0Lh0bCjfKr7DwYp0xajJ8-WBKnmao6w@mail.gmail.com> <CABkgnnXB73bvJ5KauMwveCNxcVof=r+ydEPZpDLCviob788exw@mail.gmail.com>
In-Reply-To: <CABkgnnXB73bvJ5KauMwveCNxcVof=r+ydEPZpDLCviob788exw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.55.161.200]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <0454B1286F163C4295A360F618DD1429@emea.cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/AKOZ4IUWpNILdiUosu7dBg7Mwxc>
Cc: "Francois Le Faucheur (flefauch)" <flefauch@cisco.com>, "gen-art@ietf.org" <gen-art@ietf.org>, "draft-ietf-cdni-logging.all@tools.ietf.org" <draft-ietf-cdni-logging.all@tools.ietf.org>
Subject: Re: [Gen-art] genART review of draft-ietf-cdni-logging-15
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Feb 2015 15:16:26 -0000

Hi,

Thank you Martin. 
We are working on this.

Francois

> On 12 Feb 2015, at 02:24, Martin Thomson <martin.thomson@gmail.com> wrote:
> 
> And because I hit send too soon, here's more...
> 
> I think that this is ready.  I have a couple of major concerns:
> 
> Major General 1.
> 
> However, I would like to see more consideration given to forward
> compatibility.  There are a lot of normative statements regarding what
> MUST be included in the file, but no actions described for a receiver.
> That means that it is hard to establish expectations regarding file
> format evolution.  If the file is rejected when the version isn't
> "CDNI/1.0", then that makes changes to that field impossible (and the
> specification of ABNF for it somewhat pointless).
> 
> Major Specific 2.
> 
>   An implementation of the CDNI Logging interface MUST support the
>   TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 cipher suite ( [RFC5288]).
> 
> Please don't do that.  There are mandatory to implement cipher suites
> in all the specs you cite and you don't need anything special here.  I
> have no problem with recommending PFS suites, but you might be better
> served there by citing the uta TLS usage draft:
> https://tools.ietf.org/html/draft-ietf-uta-tls-bcp
> 
> S 3.4.1
>   o  cs(<HTTP-header-name>):
> HTTP header fields, esp. in HTTP/2 can contain HTAB, even if that
> isn't permitted by the grammar.  You probably want to describe how
> that is handled.
> 
> Bottom of P33 (won't adding the established-origin directive
> invalidate the MD5?  What do you expect to happen there?  (I see two
> choices, it would help if you could even *hint* at what you would
> prefer implementations to do).
> 
> Nit: HTTP/2 not HTTP/2.0
> 
> Question: There is no mention made of range requests, for which this
> might be well suited, particularly if files get large.
> 
> I note the privacy considerations are pretty reasonable.  I'd be much
> happier if IP anonymization were not optional though.
> 
> 
> 
> On 12 February 2015 at 12:02, Martin Thomson <martin.thomson@gmail.com> wrote:
>> I am the assigned Gen-ART reviewer for this draft. For background on
>> Gen-ART, please see the FAQ at
>> 
>> <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
>> 
>> Please resolve these comments along with any other Last Call comments
>> you may receive.
>> 
>> Document: draft-ietf-cdni-logging-15
>> Reviewer: Martin Thomson
>> Review Date: 2015-02-12
>> IETF LC End Date: 2015-02-18
>> IESG Telechat date: (if known)
>> 
>> Summary:
>> 
>> Major issues:
>> 
>> Minor issues:
>> 
>> S3.1 needs to define the basic atom that is used for the logging file.
>> It appears as though the atom is an octet.
>> 
>> S3.2 uses the wildcard ABNF rule (i.e., <text....>) too aggressively.
>> RECLINE (a potentially confusing name) could be more strictly defined.
>> 
>>    <CDNI Logging File> = 1*<DIRGROUP RECGROUP>
>> 
>> ... is not valid and could be:
>> 
>>    CDNI-LOG-FILE = 1*(DIRGROUP / RECGROUP)
>> 
>> That implies that an empty file is not valid.  I'd have thought that *
>> rather than 1* would be better.
>> 
>> S3.3 again uses wildcard rules too aggressively.  DIRNAME (not the
>> unix command) should be defined more explicitly, even if it is just to
>> specify what characters are allowed.  Use text to further constrain
>> it.  As it stands, a generic processor cannot know that the name
>> doesn't permit the inclusion of (for instance) ":" or CRLF.  A common
>> method is to define something like this as:
>> 
>>    DIRNAME = Version-directive / UUID-directive / ... / extension-directive
>> 
>> More commonly, go up a level and define directive using the choice.
>> That way, each directive can define a name and value together using
>> ABNF.  e.g.
>> 
>>    Version-directive = "Version" ":" HTAB "CDNI" "/" 1*DIGIT "." 1*DIGIT
>> 
>> I wouldn't be so prescriptive about the version format.  Unless there
>> are specific semantics you want to extract from each digit.
>> 
>> What is a receiver expected to do if the version *isn't* CDNI/1.0 ?
>> Discard the entire file?  That doesn't seem like a good way to ensure
>> forward compatibility.
>> 
>> UUID: this a Universally Unique IDentifier (UUID)
>>         from the UUID Uniform Resource Name (URN) namespace specified
>>         in [RFC4122]) for the CDNI Logging File.
>> 
>> I don't know how to apply this.  Is it the UUID portion of the URN or a URN?
>> 
>> Please don't use MUST here: If the
>>         two values are equal, then the received CDNI Logging File MUST
>>         be considered non-corrupted.
>> 
>> MD5 collisions are easy to manufacture.  I'd also drop the MUST from
>> the following sentence.
>> 
>> S3.4: more wildcards
>> 
>> S3.4.1: I wouldn't worry about HTTP/2 being special here.  All that
>> speculation is painful, especially since HTTP/2 will likely be
>> published before this document.  Better to just cite it and avoid
>> getting caught up in the details.
>> 
>> 
>> 
>> 
>> Nits/editorial comments:
>> 
>> There are lots of uses of lowercase "may".
>> 
>> Page 6 has a few instances of missing hyphens in dCDN3/dCDN2 etc...
>> S6.2.1: chunck
>> 
>> S3.1 the DATE/TIME rules can/should reference RFC 3339
>> 
>> S3.3 using ":" HTAB as a separator makes it hard to construct these
>> files manually.
>> 
>> S3.4 use of "c:" in combination with the unordered list is confusing
>> when the prefix is actually "c-".  Maybe use the string "c-" quotes
>> and all to denote the prefix.
>> 
>> S3.4.1 citing RFC 7230 is sufficient for HTTP/1.1; and probably for
>> HTTP in general at this moment.

v2.30.2 | Report a Bug | By Email | System Status