[Gen-art] Review of draft-ietf-rserpool-*
Harald Tveit Alvestrand <harald@alvestrand.no> Tue, 27 September 2005 11:45 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EKDuG-0000aN-6M; Tue, 27 Sep 2005 07:45:56 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EKDuE-0000aD-Ug for gen-art@megatron.ietf.org; Tue, 27 Sep 2005 07:45:54 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA01432 for <gen-art@ietf.org>; Tue, 27 Sep 2005 07:45:54 -0400 (EDT)
Received: from eikenes.alvestrand.no ([158.38.152.233]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EKE1S-0002Mc-30 for gen-art@ietf.org; Tue, 27 Sep 2005 07:53:24 -0400
Received: from localhost (eikenes.alvestrand.no [127.0.0.1]) by eikenes.alvestrand.no (Postfix) with ESMTP id 597BE258067; Tue, 27 Sep 2005 13:45:18 +0200 (CEST)
Received: from eikenes.alvestrand.no ([127.0.0.1]) by localhost (eikenes.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 22784-10; Tue, 27 Sep 2005 13:45:14 +0200 (CEST)
Received: from halvestr-w2k02.emea.cisco.com (eikenes.alvestrand.no [127.0.0.1]) by eikenes.alvestrand.no (Postfix) with ESMTP id 43DC825807F; Tue, 27 Sep 2005 13:45:09 +0200 (CEST)
Date: Tue, 27 Sep 2005 13:45:07 +0200
From: Harald Tveit Alvestrand <harald@alvestrand.no>
To: gen-art@ietf.org
Message-ID: <E5F6AB702353C7016356251B@B50854F0A9192E8EC6CDA126>
X-Mailer: Mulberry/4.0.3 (Win32)
MIME-Version: 1.0
X-Virus-Scanned: by amavisd-new at alvestrand.no
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 5011df3e2a27abcc044eaa15befcaa87
Cc: "Peterson, Jon" <jon.peterson@neustar.biz>
Subject: [Gen-art] Review of draft-ietf-rserpool-*
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1737007045=="
Sender: gen-art-bounces@ietf.org
Errors-To: gen-art-bounces@ietf.org
Cover note (not part of the review):
I have not reviewed these documents for detailed nits; I do not consider
that a good use of my time.
Neither did I forward this to the WG chairs directly, since I regard it as
the AD's business to deal with the problem - if the IESG decides that these
documents are better published anyway, disregarding my advice, it's better
if this review is published quietly.
This is the most negative review I've done so far. Sorry, John.
-----------------------------------------------------------
Document: draft-ietf-rserpool-arch-10
draft-ietf-rserpool-comp-10
draft-ietf-rserpool-threats-05
Reviewer: Harald Alvestrand
Summary: Should be killed, not improved.
These documents are, in my opinion, fundamentally flawed, and should not
just be DISCUSSed, they should be rejected, and the WG shut down.
The flaws include:
- No security architecture
- No identity architecture to base security on
- No client-locates-server architecture
- No monitoring architecture
- No transaction support architecture
Specific questions that are not answered by the architecture:
- How do the front-end servers get to agreement on which processing servers
to put load onto? Is there feedback from the servers to the front-ends,
apart from "up/down" indications?
- How do they handle state?
- Does the model support transactions? Any other integrity model?
- Are sessions sticky by default - so that second requests from the same
client are *normally* sent to the same server, or does load-balancing
happen per-request?
- Is the session mode from the users to the frontends the same as from the
frontends to the servers? Always? Some of the time?
- What is the model for identity exchange between the servers, between the
front-ends and between servers and front-ends? Do the users engage in any
kind of identity exchange with the servers at all, or do they just deal
with an "anonymous blob"?
- What is the model for a front-end going down, as seen from the users? How
do they figure out which front-end to switch to?
Formalisms that should IMHO prevent publication:
- The -arch draft is normatively dependent on the ENRP and ASAP protocols.
In fact, I'd claim that the architecture alone is incomprehensible; you
need the details of the protocols.
Omitting them from the references list is a fatal error.
- The -comp document is trying to answer the question of "why can't you
just use protocol X". As such, it's a shooting gallery for alternative
candidates. It does not answer the question of "in which cases do you need
rserpool".
Again, this has a normative dependency on the protocols.
- The -threat document is simply very badly done.
But again, it can't even be evaluated without the protocols, including the
parts of the protocols (like identity handling) that aren't specified in
the current protocol documents.
So this too is normatively dependent on the protocols.
Formalist advice: Send them back to the working group and ask for them to
be re-forwarded when the protocols are ready.
Operational advice: Disband the working group, and tell them to ask for
publication of the protocols as Experimental.
_______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www1.ietf.org/mailman/listinfo/gen-art
- [Gen-art] Review of draft-ietf-rserpool-* Harald Tveit Alvestrand
- RE: [Gen-art] Review of draft-ietf-rserpool-* john.loughney