IETF Logo Mail Archive

Re: [Gen-art] [kitten] Genart telechat review of draft-ietf-kitten-rfc5653bis-06

Benjamin Kaduk <kaduk@mit.edu> Thu, 08 February 2018 22:32 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2ACC412711D; Thu, 8 Feb 2018 14:32:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oOJ0DaNNSZle; Thu, 8 Feb 2018 14:32:49 -0800 (PST)
Received: from dmz-mailsec-scanner-4.mit.edu (dmz-mailsec-scanner-4.mit.edu [18.9.25.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0251612785F; Thu, 8 Feb 2018 14:32:48 -0800 (PST)
X-AuditID: 1209190f-45fff70000000cb0-19-5a7cd00fce60
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-4.mit.edu (Symantec Messaging Gateway) with SMTP id CB.AE.03248.F00DC7A5; Thu, 8 Feb 2018 17:32:47 -0500 (EST)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id w18MWjWW008667; Thu, 8 Feb 2018 17:32:46 -0500
Received: from mit.edu (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w18MWeWD020773 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 8 Feb 2018 17:32:43 -0500
Date: Thu, 08 Feb 2018 16:32:40 -0600
From: Benjamin Kaduk <kaduk@mit.edu>
To: Weijun Wang <weijun.wang@oracle.com>
Cc: Greg Hudson <ghudson@mit.edu>, draft-ietf-kitten-rfc5653bis.all@ietf.org, kitten <kitten@ietf.org>, gen-art <gen-art@ietf.org>, "Joel M. Halpern" <jmh@joelhalpern.com>, Alissa Cooper <alissa@cooperw.in>
Message-ID: <20180208223240.GK12363@mit.edu>
References: <19F5D23D-3677-41C6-B504-454C7595FF1F@cooperw.in> <D6DB69A6-5768-4536-89AA-40E0A905DF95@oracle.com> <366697b8-2a0c-243b-b153-ee8eb4358580@mit.edu> <8F5B79CD-B928-4B8E-97FA-D946784228B7@oracle.com> <505EACB9-D92E-4DE9-9ECC-DF931C1B924D@oracle.com> <20180207173534.GX12363@mit.edu> <20180207213248.GB12363@mit.edu> <0c34b6ba-cd35-aca5-e9d1-e15e0812413d@mit.edu> <20180207225756.GC12363@mit.edu> <933B4F63-BBDD-450D-A17A-3972F53B3EE4@oracle.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <933B4F63-BBDD-450D-A17A-3972F53B3EE4@oracle.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprOKsWRmVeSWpSXmKPExsUixCmqrct/oSbK4MxbG4vpZ/4yWiw6uo/Z 4uqrzywWH0+9YbI4unkVi8XXpRuYHdg8vjx5yeSxZMlPJo9zU74zenx8eoslgCWKyyYlNSez LLVI3y6BK2P/np9sBZ8VKhpnPWRqYJwp0cXIySEhYCLxqGM+YxcjF4eQwGImiY379kM5Gxgl jvSsYYVwzjBJHPr0gR2khUVARWJ39xdGEJsNyG7ovswMYosIaEg0PGhiBmlgFnjJKNH+6gtY QlggWqJt4TU2EJtXQEficdNCdoipN5glDu54zgyREJQ4OfMJC4jNLKAlcePfS6YuRg4gW1pi +T8OkDCngJ3E6YUtYHNEBZQl9vYdYp/AKDALSfcsJN2zELoXMDKvYpRNya3SzU3MzClOTdYt Tk7My0st0jXRy80s0UtNKd3ECA5zSf4djHMavA8xCnAwKvHwToipiRJiTSwrrsw9xCjJwaQk yru5FyjEl5SfUpmRWJwRX1Sak1p8iFGCg1lJhFe3GSjHm5JYWZValA+TkuZgURLndTfRjhIS SE8sSc1OTS1ILYLJynBwKEnwrj4H1ChYlJqeWpGWmVOCkGbi4AQZzgM0fAJIDW9xQWJucWY6 RP4Uoy7HjRev25iFWPLy81KlxHnXgxQJgBRllObBzQGlJ4ns/TWvGMWB3hLmnQVSxQNMbXCT XgEtYQJaciOoEmRJSSJCSqqBUeZK3T+JlJy8+4uEL39NF73B+X/rrRlfG44VHg8+eXxipL+9 7+TVbjtFJ54vCp96ykg78tiV29qKfPweM0NDMzZ9D857NvO13WbvGye7xD7dcV9u+//ozuy5 4u/ey8Ys2Gp6x2bJ3RlHb+7f/2bDps/9K1zqfi5S6rr+f/qS6b3cetHs7gefeBUpsRRnJBpq MRcVJwIAMYe8lCoDAAA=
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/BhIyq8NtpUrAO48NuDX-WC-ZBik>
Subject: Re: [Gen-art] [kitten] Genart telechat review of draft-ietf-kitten-rfc5653bis-06
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Feb 2018 22:32:52 -0000

On Thu, Feb 08, 2018 at 11:36:23AM +0800, Weijun Wang wrote:
> Thanks a lot. I finally make 3 s/not/NOT/ and 2 s/MAY/may/.

Great!

I think that once you submit the new revision, it's up to Ekr to
verify that the diff addresses the point raised by Alissa/Joel and
then inform the secretariat that the document is approved.

Thanks again,

Ben

> 
> @@ -410,7 +410,7 @@
>        of sequence.
>  
>        Anonymous Authentication: The establishment of the security
> -      context SHOULD not reveal the initiator's identity to the context
> +      context SHOULD NOT reveal the initiator's identity to the context
>        acceptor.
>  
>     Some mechanisms may not support all OPTIONAL services, and some
> @@ -2665,7 +2665,7 @@
>     ability may depend on the availability of system resources at the
>     time that wrap is called.  However, if the implementation itself
>     imposes an upper limit on the length of messages that may be
> -   processed by wrap, the implementation SHOULD not return a value that
> +   processed by wrap, the implementation SHOULD NOT return a value that
>     is greater than this length.
>  
>     Parameters:
> @@ -2855,7 +2855,7 @@
>     The implementation MAY constrain the set of processes by which the
>     inter-process token may be imported, either as a function of local
>     security policy, or as a result of implementation decisions.  For
> -   example, some implementations MAY constrain contexts to be passed
> +   example, some implementations may constrain contexts to be passed
>     only between processes that run under the same account, or which are
>     part of the same process group.
>  
> @@ -3046,7 +3046,7 @@
>     public boolean isProtReady()
>  
>     Returns "true" if the per-message operations can be applied over the
> -   context.  Some mechanisms MAY allow the usage of per-message
> +   context.  Some mechanisms may allow the usage of per-message
>     operations before the context is fully established.  This will also
>     indicate that the get methods will return actual context state
>     characteristics instead of the desired ones.
> @@ -3713,7 +3713,7 @@
>  
>     outputToken         The output token that SHOULD be sent to the peer.
>                         Can be null if no such token is available.  It
> -                       MUST not be an empty array.  When provided, the
> +                       MUST NOT be an empty array.  When provided, the
>                         array will be cloned to protect against
>                         subsequent modifications.
> 
> Thanks
> Weijun
> 
> > On Feb 8, 2018, at 6:57 AM, Benjamin Kaduk <kaduk@mit.edu> wrote:
> > 
> > On Wed, Feb 07, 2018 at 05:43:58PM -0500, Greg Hudson wrote:
> >> On 02/07/2018 04:32 PM, Benjamin Kaduk wrote:> Line 2519, I think should
> > [line 2519]
> >> --> SHOULD, since elsewhere we use SHOULD
> >>> for sending the error token to the peer.
> >> 
> >> No opinion.  You could make a case for "that should be sent" being
> >> either descriptive on the token or prescriptive on the application.
> > 
> > Re-reading, I agree with you and retract the suggestion.
> > 
> >>> Line 2561, I could go either way on "may" vs. "MAY" -- the argument
> >>> for the former would be that it's just stating an attribute of the
> >>> operation, and this text is describing something specified elsewhere
> >>> and not introducing any restrictions or giving guidance on it.
> >>> Similarly for acceptSecContext on line 2597.
> >> 
> >> I think that's a MAY.  It seems prescriptive on the method implementation.
> > 
> > Okay.
> > 
> >>> Line 2668, SHOULD not --> SHOULD NOT
> >> 
> >> Agree.
> >> 
> >>> Line 2858, MAY --> may, since this is just describing what some
> >>> implementations could be doing and not exactly granting permission
> >>> for it.
> >> 
> >> Sure, and it's an example.
> >> 
> >>> I guess for consistency I should say the same thing about line 3049.
> >> 
> >> I guess "may" here, but no strong opinion.
> >> 
> >>> Line 3716, MUST not --> MUST NOT
> >> 
> >> Agree.
> > 
> > Thanks for double-checking my work.
> > 
> > -Ben
>

v2.23.0 | Report a Bug | By Email