Re: [Gen-art] Gen-ART LC review of draft-ietf-rtcweb-use-cases-and-requirements-14.txt
Christer Holmberg <christer.holmberg@ericsson.com> Tue, 29 April 2014 11:21 UTC
Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA1C81A0840 for <gen-art@ietfa.amsl.com>; Tue, 29 Apr 2014 04:21:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Or5Bog-ysjka for <gen-art@ietfa.amsl.com>; Tue, 29 Apr 2014 04:21:24 -0700 (PDT)
Received: from sessmg23.ericsson.net (sessmg23.ericsson.net [193.180.251.45]) by ietfa.amsl.com (Postfix) with ESMTP id 031E51A083B for <gen-art@ietf.org>; Tue, 29 Apr 2014 04:21:23 -0700 (PDT)
X-AuditID: c1b4fb2d-f79036d00000126a-f7-535f8b32c825
Received: from ESESSHC024.ericsson.se (Unknown_Domain [153.88.253.124]) by sessmg23.ericsson.net (Symantec Mail Security) with SMTP id 80.C5.04714.23B8F535; Tue, 29 Apr 2014 13:21:22 +0200 (CEST)
Received: from ESESSMB209.ericsson.se ([169.254.9.191]) by ESESSHC024.ericsson.se ([153.88.183.90]) with mapi id 14.03.0174.001; Tue, 29 Apr 2014 13:21:21 +0200
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, "draft-ietf-rtcweb-use-cases-and-requirements.all@tools.ietf.org" <draft-ietf-rtcweb-use-cases-and-requirements.all@tools.ietf.org>, General Area Review Team <gen-art@ietf.org>
Thread-Topic: [Gen-art] Gen-ART LC review of draft-ietf-rtcweb-use-cases-and-requirements-14.txt
Thread-Index: AQHPXOo38K7t40wgw0yOyZFPjpPV/5sogD1A
Date: Tue, 29 Apr 2014 11:21:21 +0000
Message-ID: <7594FB04B1934943A5C02806D1A2204B1D2E3D66@ESESSMB209.ericsson.se>
References: <53544DF8.2010301@gmail.com>
In-Reply-To: <53544DF8.2010301@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [153.88.183.147]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrJLMWRmVeSWpSXmKPExsUyM+Jvja5Rd3ywwZ710hZtF/cxWSy6PZ3Z 4uqrzywOzB47Z91l91iy5CeTx5fLn9kCmKO4bFJSczLLUov07RK4Mr7tPMNecN+u4tnRTsYG xpWGXYycHBICJhLt504xQ9hiEhfurWfrYuTiEBI4yihxYssjJpCEkMASRomO36pdjBwcbAIW Et3/tEHCIgJvGSXmHDYAsYUFEiV2Hn7MBhFPkpi9YSIjhG0kMefSSlYQm0VAVeJt/zOwOK+A r0Tb9y42iPEaEg3fnoDVcApoStxrPg92DyPQPd9PrQE7gVlAXOLWk/lMEHcKSCzZcx7qZlGJ l4//sYKcJiGgJDFtaxpEuY7Egt2f2CBsbYllC18zQ6wVlDg58wnLBEbRWUimzkLSMgtJyywk LQsYWVYxihanFhfnphsZ66UWZSYXF+fn6eWllmxiBMbNwS2/dXcwrn7teIhRgINRiYe3+Etk sBBrYllxZe4hRmkOFiVx3ra73sFCAumJJanZqakFqUXxRaU5qcWHGJk4OKUaGF1cJOcphp2c 8PjfefkZtt1e1k8idYrv7EienOCcXb/CSiklskkm5sGnwG/+htzVxZ6CPfuSmx5v2qOe1HfL fnqy0SHh4J83VFVW8R2Wyv5kUrmR6cbkKzYvz62NlTC88NnnaK92i/SbEM43QvUJ2be96hsj Zq457bHKnvfmicXrH89+fWrhPiWW4oxEQy3mouJEAM+cvOR8AgAA
Archived-At: http://mailarchive.ietf.org/arch/msg/gen-art/QX-p5a3njT3HMLyaUAlwdsdc8qY
Subject: Re: [Gen-art] Gen-ART LC review of draft-ietf-rtcweb-use-cases-and-requirements-14.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Apr 2014 11:21:27 -0000
Hi Brian, Thanks for your comments! As we've had Easter vacation, and 1st May vacation is coming up, we won't be able to address your comments until next week. Just to let you know :) Regards, Christer -----Original Message----- From: Gen-art [mailto:gen-art-bounces@ietf.org] On Behalf Of Brian E Carpenter Sent: 21. huhtikuuta 2014 1:45 To: draft-ietf-rtcweb-use-cases-and-requirements.all@tools.ietf.org; General Area Review Team Subject: [Gen-art] Gen-ART LC review of draft-ietf-rtcweb-use-cases-and-requirements-14.txt I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Please resolve these comments along with any other Last Call comments you may receive. Document: draft-ietf-rtcweb-use-cases-and-requirements-14.txt Reviewer: Brian Carpenter Review Date: 2014-04-21 IETF LC End Date: 2014-04-25 IESG Telechat date: Summary: In good shape but still needs work. -------- Comment: -------- In case there are W3C people reading this review, let me clarify that Gen-ART reviews are by generalists who are often encountering a topic for the first time. I haven't classified the issues into "major" and "minor" but some of them really do need attention before the document advances. There are also some nits noted at the end. Issues: ------- > The following considerations are applicable to all use cases: > > o Clients can be on IPv4-only > > o Clients can be on IPv6-only > > o Clients can be on dual-stack It isn't clear whether this is intended to include the case where an IPv4-only client communicates with an IPv6-only node (or vice versa). It also isn't clear about cases in which a mobile client's connectivity changes dynamically during a session (e.g. from IPv4 to IPv6). This is partly clarified later by F17, but only partly. > o Clients can be on networks with a NAT using any type of Mapping > and Filtering behaviors (as described in RFC4787). That document is scoped for UDP only. Is that sufficient? As I understand the RTCWEB transport drafts, it is aiming at connection-oriented transport. (How many NATs support SCTP, for example?) > 3.2. Common requirements > > The requirements retrived from the Simple Video Communication Service > use-case (Section 3.3.1) by default apply to all other use-cases, and > are considred common. For each individual use-case, only the > additional requirements are listed. In fact you duplicate the additional requirements in each use case where they occur. That seems like overkill. Also there's at least one mix-up as a result, noted below. > 3.3.1.2. Common Requirements ... > F3 Transmitted streams and data must be rate > controlled (meaning that the browser must, regardless > of application behavior, reduce send rate when > there is congestion). I think that needs to be broken into two more atomic requirements. Something like F3.1 There must be a mechanism by which the transport layer can signal the occurrence of congestion to the browser. F3.2 Transmitted streams and data must be rate controlled (meaning that the browser must, regardless of application behavior, reduce send rate while there is congestion). The change from "when" to "while" is intentional, since the browser should allow the rate to increase when there is no congestion. > F11 It must be possible to protect streams and data > from wiretapping [RFC2804]. I don't see the relevance of the reference (of which I am a co-author), which mainly states that the IETF won't consider requirements *for* wiretapping. I'm sure you can find a reference that says encryption is a Good Thing. > F14 The browser must make it possible to set up a > call between two parties without one party > learning the other party's host IP address. It is not clear how to interpret that. I assume it's supposed to be a restatement of the earlier comment: > The application gives the users the opportunity to stop it from > exposing the host IP address to the application of the other user. But -- assuming the implementation model is peer-to-peer communication between the two hosts, rather than client1-server-client2 communication -- I'm afraid I don't see how F14 can be guaranteed, since the peers must be aware of each others' IP address. Even if the browser and app hide the remote address, a little Wiresharking will reveal it immediately. There's not much point stating a requirement that cannot be met. I realised at this point in the document that you need to be very explicit about whether communication is indeed intended to be peer-to-peer or via the server. And assuming it is meant to be peer-to-peer, what is the model for the rendez-vous between the peers? What requirements do you need to solve the resulting referral problem? (http://tools.ietf.org/html/draft-carpenter-referral-ps-02) This topic belongs in the Common Requirements. > 3.3.7.1. Description ... > The user in the previous use case that starts a trip is behind a > common residential router that supports prioritization of traffic. Please talk about differentiated services (RFC 2474 etc.). IP doesn't have simple priority. That's exactly why the DART WG was just formed. > 3.3.7.2. Additional Requirements > > ---------------------------------------------------------------- > REQ-ID DESCRIPTION > ---------------------------------------------------------------- > F17 The communication session must survive across a > change of the network interface used by the > session > ---------------------------------------------------------------- > F22 The browser must be able to receive streams and > data from multiple peers concurrently. > ---------------------------------------------------------------- This seems completely messed up. The reader expects requirements for QoS at this point. Isn't this "F22" really F24? > 3.3.10.2. Additional Requirements > > ---------------------------------------------------------------- > REQ-ID DESCRIPTION > ---------------------------------------------------------------- > F22 The browser should be able to take advantage > of available capabilities (supplied by network > nodes) to prioritize voice, video and data > appropriately. Again, please cite differentiated services rather than prioritization. Also, you now have two different F22s. This one seems to fit 3.3.7.2 better. Below, you also have two F25s. And other duplicates. Wasn't the idea just to add *new* requirements when they arose? As F22 shows, the duplication is error-prone. > 6. Security Considerations I am really surprised that there isn't a sub-section on Privacy Considerations. RFC 6973 describes the various types of threat and they seem specially relevant here. Nits: ----- > 2. Conventions > > The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", > "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this > document are to be interpreted as described in BCP 14, RFC 2119 > [RFC2119]. The change log says you removed this. Also there is no change log since version 10. RFC 4787 is mentioned but not listed as an Informative Reference. > A17, A23 > A13, A14, A15, A16 What are these lines that occur in a few places? RFC 2804 and RFC 5479 are Informational documents so cannot reasonably be Normative References. _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art
- [Gen-art] Gen-ART LC review of draft-ietf-rtcweb-… Brian E Carpenter
- Re: [Gen-art] Gen-ART LC review of draft-ietf-rtc… Christer Holmberg
- Re: [Gen-art] Gen-ART LC review of draft-ietf-rtc… Christer Holmberg
- Re: [Gen-art] Gen-ART LC review of draft-ietf-rtc… Brian E Carpenter