IETF Logo Mail Archive

[Gen-art] RE: Gen-ART review of Widex Requirements Draft

Black_David@emc.com Wed, 24 January 2007 02:03 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1H9XU0-0002vw-Dj; Tue, 23 Jan 2007 21:03:28 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H9XTy-0002vg-BT for gen-art@ietf.org; Tue, 23 Jan 2007 21:03:26 -0500
Received: from mexforward.lss.emc.com ([128.222.32.20]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1H9XTv-0001VV-RS for gen-art@ietf.org; Tue, 23 Jan 2007 21:03:26 -0500
Received: from mailhub.lss.emc.com (nirah.lss.emc.com [10.254.144.13]) by mexforward.lss.emc.com (Switch-3.1.7/Switch-3.1.7) with ESMTP id l0O23Ixh005268; Tue, 23 Jan 2007 21:03:18 -0500 (EST)
Received: from corpussmtp3.corp.emc.com (corpussmtp3.corp.emc.com [10.254.64.53]) by mailhub.lss.emc.com (Switch-3.1.8/Switch-3.1.7) with ESMTP id l0O230XR010838; Tue, 23 Jan 2007 21:03:08 -0500 (EST)
From: Black_David@emc.com
Received: from CORPUSMX20A.corp.emc.com ([128.221.62.13]) by corpussmtp3.corp.emc.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 23 Jan 2007 21:02:19 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 23 Jan 2007 21:02:18 -0500
Message-ID: <F222151D3323874393F83102D614E055068B8BD7@CORPUSMX20A.corp.emc.com>
In-Reply-To: <F222151D3323874393F83102D614E055068B8A63@CORPUSMX20A.corp.emc.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Gen-ART review of Widex Requirements Draft
Thread-Index: AccjxLYxEqU5U+tcRhq7wlW7Mu+5swblqInw
References: <F222151D3323874393F83102D614E055068B8A63@CORPUSMX20A.corp.emc.com>
To: Black_David@emc.com, gen-art@ietf.org, vlad.stibu@nokia.com, dsr@w3.org
X-OriginalArrivalTime: 24 Jan 2007 02:02:19.0584 (UTC) FILETIME=[ADEBE400:01C73F5B]
X-PMX-Version: 4.7.1.128075, Antispam-Engine: 2.5.0.283055, Antispam-Data: 2007.1.23.173933
X-PerlMx-Spam: Gauge=, SPAM=0%, Reason='EMC_BODY_1+ -3, EMC_FROM_0+ -2, NO_REAL_NAME 0, __C230066_P5 0, __CP_NOT_1 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CTYPE_CHARSET_QUOTED 0, __CT_TEXT_PLAIN 0, __HAS_MSGID 0, __IMS_MSGID 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __PHISH_PHRASE3 0, __SANE_MSGID 0'
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 37af5f8fbf6f013c5b771388e24b09e7
Cc: lisa@osafoundation.org, dean.willis@softarmor.com
Subject: [Gen-art] RE: Gen-ART review of Widex Requirements Draft
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Errors-To: gen-art-bounces@ietf.org

The -04 version of the Widex Requirements draft has addressed
all of the comments in my Gen-ART review, and hence is ready for
publication as an Informational RFC.

Many thanks to the authors,
--David
p.s. My spell checker wants to render Widex as Windex - I
	suspect there's a horrible UI joke hiding in there ...
----------------------------------------------------
David L. Black, Senior Technologist
EMC Corporation, 176 South St., Hopkinton, MA  01748
+1 (508) 293-7953             FAX: +1 (508) 293-7786
black_david@emc.com        Mobile: +1 (978) 394-7754
----------------------------------------------------


> -----Original Message-----
> From: Black, David 
> Sent: Tuesday, December 19, 2006 6:24 PM
> To: gen-art@ietf.org; 'vlad.stibu@nokia.com'; 'dsr@w3.org'
> Cc: Black, David; 'Dean Willis'; 'Lisa Dusseault'
> Subject: Gen-ART review of Widex Requirements Draft
> 
> I have been selected as the General Area Review Team (Gen-ART)
> reviewer for this draft (for background on Gen-ART, please see
> http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
> 
> Please resolve these comments along with any other Last Call comments
> you may receive.
> 
> Document: draft-ietf-widex-requirements-03
> Reviewer: David L. Black
> Review Date: December 19, 2006
> IETF LC End Date: December 25, 2006
> 
> Summary:
> This draft is basically ready for publication, but has nits
> that should be fixed before publication.
> 
> Comments:
> A short draft describing the requirements for the widex framework
> and protocol design.  It's generally in good shape - all of these
> comments are minor.
> 
> The opening sentence of section 3.4 mentions "the Widex 
> working group".
> This mention should be removed as the published RFC will significantly
> outlive the working group.
> 
> Section 3.4 switches between Widex objects and messages entirely too
> quickly, e.g.:
> 
>    There are two types of Widex Objects:
> 
>    WO Update (WO.Update):
>       WO.Update messages contain description ...
> 
> The word "messages" should be removed from Section 3.4 and replaced
> by "objects" throughout to avoid this confusion, especially as a Widex
> "message" may wind up containing multiple "objects".
> 
> Section 4.1: 
> 
>    o  The framework MUST be modular, e.g. multiple service 
> discovery and
>       session setup mechanisms may be used.
> 
> Nice examples, but a list of components that MUST be replaceable would
> be even better.
> 
>    o  The synchronisation MUST occur at a fairly loose level 
> that allows
>       for a simple approach to propagating changes.
> 
> Synchronization of what with what?
> 
>    o  The framework and the synchronisation protocol SHOULD be
>       stateless.
> 
> Huh?  As I understand what's going on, there's a large XML document
> on both sides that describes the user interface, and the exchanged
> objects describe changes to that document.  That does not sound like
> a stateless protocol.  What was this supposed to mean?
> 
> Section 4.3:
> 
>    o  The Widex Objects MUST support client initiated updates.
>    o  The Widex Objects MUST support server initiated updates.
> 
> Should that be client initiated events (cf. interfaces in
> diagram in Section 2)?
> 
> Section 6:
> 
>    As a means to support remote user interfaces, a number of security
>    considerations need to be addressed, including the potential for
>    unauthorized access to application services, monitoring of
>    interactions by unauthorized third parties, spoofing of application
>    services as a means to support phishing attacks, and denial of
>    service attacks.  Requirements defined in this document MUST allow
>    for the implementation according to best common practices.
> 
> The last sentence seems wrong, as it's pointing to this draft - it
> should be placing requirements on the to-be-designed widex protocol
> and framework to address these considerations.
> 
> Thanks,
> --David
> ----------------------------------------------------
> David L. Black, Senior Technologist
> EMC Corporation, 176 South St., Hopkinton, MA  01748
> +1 (508) 293-7953             FAX: +1 (508) 293-7786
> black_david@emc.com        Mobile: +1 (978) 394-7754
> ----------------------------------------------------
> 
> 

_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art

v2.23.0 | Report a Bug | By Email