Re: [Gen-art] Re: Gen-ART review of draft-ietf-sip-consent-framework-03
Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com> Thu, 31 January 2008 18:54 UTC
Return-path: <gen-art-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1JKeYM-0007s5-FL; Thu, 31 Jan 2008 13:54:26 -0500
Received: from gen-art by megatron.ietf.org with local (Exim 4.43) id 1JKeYM-0007rq-2e for gen-art-confirm+ok@megatron.ietf.org; Thu, 31 Jan 2008 13:54:26 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JKeYL-0007rb-Lj for gen-art@ietf.org; Thu, 31 Jan 2008 13:54:25 -0500
Received: from mailgw4.ericsson.se ([193.180.251.62]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1JKeYK-0005St-4K for gen-art@ietf.org; Thu, 31 Jan 2008 13:54:25 -0500
Received: from mailgw4.ericsson.se (unknown [127.0.0.1]) by mailgw4.ericsson.se (Symantec Mail Security) with ESMTP id 810702142B; Thu, 31 Jan 2008 19:54:23 +0100 (CET)
X-AuditID: c1b4fb3e-abdeabb0000007e1-b1-47a2195f189a
Received: from esealmw129.eemea.ericsson.se (unknown [153.88.254.124]) by mailgw4.ericsson.se (Symantec Mail Security) with ESMTP id 5A3FA21409; Thu, 31 Jan 2008 19:54:23 +0100 (CET)
Received: from esealmw127.eemea.ericsson.se ([153.88.254.171]) by esealmw129.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Thu, 31 Jan 2008 19:54:23 +0100
Received: from [131.160.126.8] ([131.160.126.8]) by esealmw127.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Thu, 31 Jan 2008 19:54:22 +0100
Message-ID: <47A2195E.3080403@ericsson.com>
Date: Thu, 31 Jan 2008 20:54:22 +0200
From: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
User-Agent: Thunderbird 2.0.0.9 (Windows/20071031)
MIME-Version: 1.0
To: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
Subject: Re: [Gen-art] Re: Gen-ART review of draft-ietf-sip-consent-framework-03
References: <4769849E.1080509@alcatel-lucent.com> <4796302F.7080206@ericsson.com>
In-Reply-To: <4796302F.7080206@ericsson.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 31 Jan 2008 18:54:22.0635 (UTC) FILETIME=[B15927B0:01C8643A]
X-Brightmail-Tracker: AAAAAA==
X-Spam-Score: 0.0 (/)
X-Scan-Signature: be922d419820e291bde1362184dc32fd
Cc: Cullen Jennings <fluffy@cisco.com>, Jonathan Rosenberg <jdrosen@cisco.com>, Jon Peterson <jon.peterson@neustar.biz>, General Area Review Team <gen-art@ietf.org>, "Drage, Keith (Keith)" <drage@alcatel-lucent.com>, Dean Willis <dean.willis@softarmor.com>
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Errors-To: gen-art-bounces@ietf.org
Hi Vijay, FYI: I have just submitted a new revision of the draft addressing your comments per my previous email (below). http://www.ietf.org/internet-drafts/draft-ietf-sip-consent-framework-04.txt Thanks, Gonzalo Gonzalo Camarillo wrote: > Hi Vijay, > > thanks for the comments. Answers inline: > > Vijay K. Gurbani wrote: >> I have been selected as the General Area Review Team (Gen-ART) >> reviewer for this draft (for background on Gen-ART, please see >> http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html). >> >> Please wait for direction from your document shepherd >> or AD before posting a new version of the draft. >> >> Document: draft-ietf-sip-consent-framework-03 >> Reviewer: Vijay K. Gurbani >> Review Date: 19 Dec 2007 >> IESG Telechat date: 20 Dec 2007 >> >> Summary: This draft is basically ready for publication, but has nits >> that should be fixed before publication. >> >> Substantive comments are first, followed by nits. >> >> - Abstract and S1: The text says that SIP supports communications across >> many "media types, including real-time audio, video, text, instant >> messaging, and presence." However, real-time audio, video, text, >> IM&P are not "media types" as much as they are models of services >> (as defined in rfc4479.) Consider changing the text in the Abstract >> and S1 as follows: >> >> OLD: >> The Session Initiation Protocol (SIP) supports communications >> across many media types, including real-time audio, video, text, >> instant messaging, and presence. >> >> NEW: >> The Session Initiation Protocol (SIP) supports communications for >> several services, including, real-time audio, video, text, instant >> messaging, and presence. >> >> I am aware of all the gyrations we have had on the SIMPLE mailing >> list about how to discover services over multiple devices, etc. >> However, I believe that we all do agree that real-time audio, video, >> IM&P, et al. are services. > > Done. > >> >> - S3, last paragraph at the end of Page 5: For the sake of >> completeness, I would suggest the following modification: >> >> OLD: >> Translation operations that result in more than one recipient URI are >> a source of amplification. Servers that do not perform translations, >> such as outbound proxy servers, do not cause amplification. >> >> NEW: >> Translation operations that result in more than one recipient URI are >> a source of amplification. Servers that do not perform translations, >> such as outbound proxy servers, do not cause amplification. On >> the other hand, servers that perform translations (inbound proxies >> authoritatively responsible for a SIP domain, for instance) may >> cause amplification if the user can be reached at multiple endpoints >> (thereby resulting in multiple recipient URIs.) > > Done. > >> >> - S4.1, third paragraph, last sentence: I think you need to be >> careful here because of the normative SHOULD in the preceding >> sentence -- is the example simply drawing a parallel to how a >> registrar works, or are you saying that a relay functionality >> can logically reside at a registrar? When you defined a Relay >> in S2, you did not include a registrar. > > There is a whole section about registrations (S 5.10). Yes, registrars > can perform translations. > >> - S4.2, second paragraph: >> s/If the answer is positive/If a 2xx-class response is issued to >> the MESSAGE request/ > > the answer is not the response to the MESSAGE request. It is the user's > answer (the user clicks on a URI to grant permission or on another to > deny it). > >> - S4.3: The first couple of paragraphs are trying to justify the >> existence of store-and-forward servers. I think the intent may be >> a bit clearer if the first two paragraphs are re-written as follows: >> >> When a MESSAGE request with a permission document arrives to the >> recipient URI to which it was sent by the relay, the receiving user >> can grant or deny the permission needed to perform the translation. >> However, the receiving user may not be available when the >> MESSAGE request arrives, or it may have expressed preferences to >> block all incoming requests for a certain time period. In such >> cases, a store-and-forward server can act as a substitute for >> the user and buffer the incoming requests, which are subsequently >> delivered to the user when he or she is available again. > > Done. > >> - S4.3: Paragraph three states that "There are several mechanisms >> to implement store-and-forward message services..." Is there an >> IETF RFC or I-D that can be referenced here? > > I do not think so. > >> - Figure 4: Should message (3) be shown going from Relay to >> "B@example.com" instead of "B's Store & Fwd server"? The >> accompanying text in S5.3 seems to point this way, as does >> the discussion preceding Figure 4 (see S4.2, second paragraph.) >> >> If message (3) is indeed destined to "B@example.com", then this >> begs the next logical question: What if B is not online? Then >> the message has to bounce and be stored on B's S&F server. You >> discuss this aspect later on in S5.5, but I think it ought to >> be pointed out earlier. > > yes, we can point it out earlier. I have added text to S.5.3 explaining > that B is off-line and that his store-and-forward server takes care of > the MESSAGE request until he returns on-line. > >> - S5.4, first paragraph: >> s/A permission document is the representation (e.g., encoded in >> XML) of a permission./A permission document is an XML-encoded >> representation of a permission that the owner of a URI wants to >> convey to a relay. > > I would prefer to keep this description of a permission document > general. The fact that the only permission document format we have > defined is based on XML does not mean that there could be permission > document formats based on something else in the future. > >> - S5.4, last paragraph: I think this paragraph is confusing. With >> reference to Figure 4, who is the "Sender"? Is it A@example.com? >> But the text right above the paragraph says "Identity of the >> Sender: Any Sender". If so, who is to be authenticated? >> A@example.com or anyone that sends a message to the relay? > > If the permission does not identify a particular sender, there is no > further authentication requirements on the relay beyond what it normally > does. If the permission document identifies a particular sender (e.g., > A@example.com), then the relay needs to make sure that the user sending > the request to be relayed to the user is actually A@example.com. > >> - S5.6, first sentence: maybe it is better to say "A recipient >> gives a relay..." instead of "A client gives a relay..." The >> discussion in S5.4 centered around recipients granting permissions. >> To keep the flow of the document straight, I think it would be >> helpful to be consistent on terminology. > > Agreed. Done. > >> - S5.6: while reading the second paragraph of the section, it seems >> like the recipient echoes the same permission document back to >> the relay. Is this always the case? What if the recipient >> wanted to modify the document and add/remove URIs to grant/deny >> permissions? Or change the identity of the sender? Is that >> possible? If so, it may be worth mentioning there. > > No, the PUBLISH or the HTTP GET have an empty body, as stated in the > last sentence of the previous paragraph. > >> - S5.9: third paragraph begins with stating that "Relays implementing >> this framework and providing this type of ..." Here, what do the >> two instances of "this" refer to: the framework defined in the >> draft-ietf-sip-consent-framework-03 itself, or a different >> framework to handle URI-list services as described in the second >> paragraph, which I believe corresponds to the work in >> draft-ietf-sipping-uri-services-07? > > Changed to: "Relays implementing this consent framework and providing > request-contained URI-list services behave..." > >> >> - Figure 6 is best put at the end of S5.9.1 because that section >> and the preceding section describe the behavior depicted in >> Figure 6. > > I have moved it there. > >> - In Figure 6, it appears as if the INVITE request consists of >> multiple R-URIs (which would be illegal as per the ABNF.) I >> think the intent here is probably to carry the set of URIs >> through the recipient-list disposition type specified in >> draft-ietf-sipping-uri-services-07. If so, maybe making this >> a bit more obvious in the example may not be a bad idea. > > I have added clarifying text. > >> - S5.10, third paragraph: I think the mention of sip-outbound >> muddies up the waters here. Certainly rfc3261 in and of itself >> does not depend on outbound like functionality to be implemented >> between a proxy/registrar and a UA. Why tie outbound to how >> a REGISTER transaction is supposed to work in rfc3261? > > Because we received explicit comments about that. The thing is that, if > you use outbound, you do not need consent. That's why we call it out > explicitly. > >> - S5.10, third and fourth paragraphs: I think you need to make it >> more explicit that when using registrations as a mechanism to >> inject a recipient URI into a relay, the only way to do so is >> through 3rd-party registrations. Thus, we have to ensure that >> 3rd party registrations are valid through the return routability >> gyrations shown in Figure 7 (i.e., sending a MESSAGE to the >> URI in the Contact header of an incoming REGISTER, etc.) If you >> don't make explain the reason for this 3rd-party registration step >> in some detail, the nuances on why this is done is perhaps lost >> on the reader. > > Could you propose text to make it more explicit? I have read so many > times this draft that it looks perfectly explicit to me :o) > >> - S5.10, the paragraph above Figure 7: >> s/at the registrar (4)./at the registrar (5)./ >> > > Done. > >> NITS: >> >> - In Figure 1, I would put vertical ellipses between the two arrows >> labeled "recipient URI". This is to visually denote that there >> are arbitrary many recipient URIs that may result from a >> translation. > > I have added [...] between them. > >> - S4.3: s/from day one./from the outset. > > Done. > >> - S4.4: the opening sentence was a bit hard to parse on a quick >> read. I had to re-read it for the sentence to make sense. I >> would suggest that it be re-written as follows: >> >> Permission documents generated by a relay include URIs that can >> be used by the recipient of the document to grant or deny the >> relay the permission described in the document. > > Changed. > >> - S4.5, last paragraph: s/integrity- protected/integrity-protected/ > > Fixed. > >> - S5.3.1, the MESSAGE request shown as beginning on page 14 appears >> to be indented incorrectly. But this may have been intentional >> so as to pretty-display the permission document... > > yes, it was intentional. If the RFC editor does not like it, they will > change it. > >> - S5.9, third paragraph, second line: >> s/different ways as the relays/different ways from the relays/ > > I have done s/as/than/ > > Thanks a lot for all your comments. I have included them in my working > copy of the draft. I am currently discussing with the IESG how to > resolve the discusses this document got. As soon as I agree with them > how to address their comments, I will revise the draft. > > Cheers, > > Gonzalo > >> >> Thanks, >> >> - vijay > > > > _______________________________________________ > Gen-art mailing list > Gen-art@ietf.org > https://www1.ietf.org/mailman/listinfo/gen-art > _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www1.ietf.org/mailman/listinfo/gen-art
- [Gen-art] Gen-ART review of draft-ietf-sip-consen… Vijay K. Gurbani
- [Gen-art] Re: Gen-ART review of draft-ietf-sip-co… Gonzalo Camarillo
- Re: [Gen-art] Re: Gen-ART review of draft-ietf-si… Gonzalo Camarillo
- Re: [Gen-art] Re: Gen-ART review of draft-ietf-si… Vijay K. Gurbani
- Re: [Gen-art] Gen-ART review of draft-ietf-sip-co… Vijay K. Gurbani
- Re: [Gen-art] Gen-ART review of draft-ietf-sip-co… Gonzalo Camarillo
- Re: [Gen-art] Gen-ART review of draft-ietf-sip-co… Vijay K. Gurbani
- Re: [Gen-art] Gen-ART review of draft-ietf-sip-co… Gonzalo Camarillo