[Gen-art] RE: Gen-ART review of Widex Requirements Draft
Black_David@emc.com Wed, 24 January 2007 02:03 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1H9XU0-0002vw-Dj; Tue, 23 Jan 2007 21:03:28 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1H9XTy-0002vg-BT for gen-art@ietf.org; Tue, 23 Jan 2007 21:03:26 -0500
Received: from mexforward.lss.emc.com ([128.222.32.20]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1H9XTv-0001VV-RS for gen-art@ietf.org; Tue, 23 Jan 2007 21:03:26 -0500
Received: from mailhub.lss.emc.com (nirah.lss.emc.com [10.254.144.13]) by mexforward.lss.emc.com (Switch-3.1.7/Switch-3.1.7) with ESMTP id l0O23Ixh005268; Tue, 23 Jan 2007 21:03:18 -0500 (EST)
Received: from corpussmtp3.corp.emc.com (corpussmtp3.corp.emc.com [10.254.64.53]) by mailhub.lss.emc.com (Switch-3.1.8/Switch-3.1.7) with ESMTP id l0O230XR010838; Tue, 23 Jan 2007 21:03:08 -0500 (EST)
From: Black_David@emc.com
Received: from CORPUSMX20A.corp.emc.com ([128.221.62.13]) by corpussmtp3.corp.emc.com with Microsoft SMTPSVC(6.0.3790.1830); Tue, 23 Jan 2007 21:02:19 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 23 Jan 2007 21:02:18 -0500
Message-ID: <F222151D3323874393F83102D614E055068B8BD7@CORPUSMX20A.corp.emc.com>
In-Reply-To: <F222151D3323874393F83102D614E055068B8A63@CORPUSMX20A.corp.emc.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Gen-ART review of Widex Requirements Draft
Thread-Index: AccjxLYxEqU5U+tcRhq7wlW7Mu+5swblqInw
References: <F222151D3323874393F83102D614E055068B8A63@CORPUSMX20A.corp.emc.com>
To: Black_David@emc.com, gen-art@ietf.org, vlad.stibu@nokia.com, dsr@w3.org
X-OriginalArrivalTime: 24 Jan 2007 02:02:19.0584 (UTC) FILETIME=[ADEBE400:01C73F5B]
X-PMX-Version: 4.7.1.128075, Antispam-Engine: 2.5.0.283055, Antispam-Data: 2007.1.23.173933
X-PerlMx-Spam: Gauge=, SPAM=0%, Reason='EMC_BODY_1+ -3, EMC_FROM_0+ -2, NO_REAL_NAME 0, __C230066_P5 0, __CP_NOT_1 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CTYPE_CHARSET_QUOTED 0, __CT_TEXT_PLAIN 0, __HAS_MSGID 0, __IMS_MSGID 0, __MIME_TEXT_ONLY 0, __MIME_VERSION 0, __PHISH_PHRASE3 0, __SANE_MSGID 0'
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 37af5f8fbf6f013c5b771388e24b09e7
Cc: lisa@osafoundation.org, dean.willis@softarmor.com
Subject: [Gen-art] RE: Gen-ART review of Widex Requirements Draft
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Errors-To: gen-art-bounces@ietf.org
The -04 version of the Widex Requirements draft has addressed all of the comments in my Gen-ART review, and hence is ready for publication as an Informational RFC. Many thanks to the authors, --David p.s. My spell checker wants to render Widex as Windex - I suspect there's a horrible UI joke hiding in there ... ---------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 176 South St., Hopkinton, MA 01748 +1 (508) 293-7953 FAX: +1 (508) 293-7786 black_david@emc.com Mobile: +1 (978) 394-7754 ---------------------------------------------------- > -----Original Message----- > From: Black, David > Sent: Tuesday, December 19, 2006 6:24 PM > To: gen-art@ietf.org; 'vlad.stibu@nokia.com'; 'dsr@w3.org' > Cc: Black, David; 'Dean Willis'; 'Lisa Dusseault' > Subject: Gen-ART review of Widex Requirements Draft > > I have been selected as the General Area Review Team (Gen-ART) > reviewer for this draft (for background on Gen-ART, please see > http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html). > > Please resolve these comments along with any other Last Call comments > you may receive. > > Document: draft-ietf-widex-requirements-03 > Reviewer: David L. Black > Review Date: December 19, 2006 > IETF LC End Date: December 25, 2006 > > Summary: > This draft is basically ready for publication, but has nits > that should be fixed before publication. > > Comments: > A short draft describing the requirements for the widex framework > and protocol design. It's generally in good shape - all of these > comments are minor. > > The opening sentence of section 3.4 mentions "the Widex > working group". > This mention should be removed as the published RFC will significantly > outlive the working group. > > Section 3.4 switches between Widex objects and messages entirely too > quickly, e.g.: > > There are two types of Widex Objects: > > WO Update (WO.Update): > WO.Update messages contain description ... > > The word "messages" should be removed from Section 3.4 and replaced > by "objects" throughout to avoid this confusion, especially as a Widex > "message" may wind up containing multiple "objects". > > Section 4.1: > > o The framework MUST be modular, e.g. multiple service > discovery and > session setup mechanisms may be used. > > Nice examples, but a list of components that MUST be replaceable would > be even better. > > o The synchronisation MUST occur at a fairly loose level > that allows > for a simple approach to propagating changes. > > Synchronization of what with what? > > o The framework and the synchronisation protocol SHOULD be > stateless. > > Huh? As I understand what's going on, there's a large XML document > on both sides that describes the user interface, and the exchanged > objects describe changes to that document. That does not sound like > a stateless protocol. What was this supposed to mean? > > Section 4.3: > > o The Widex Objects MUST support client initiated updates. > o The Widex Objects MUST support server initiated updates. > > Should that be client initiated events (cf. interfaces in > diagram in Section 2)? > > Section 6: > > As a means to support remote user interfaces, a number of security > considerations need to be addressed, including the potential for > unauthorized access to application services, monitoring of > interactions by unauthorized third parties, spoofing of application > services as a means to support phishing attacks, and denial of > service attacks. Requirements defined in this document MUST allow > for the implementation according to best common practices. > > The last sentence seems wrong, as it's pointing to this draft - it > should be placing requirements on the to-be-designed widex protocol > and framework to address these considerations. > > Thanks, > --David > ---------------------------------------------------- > David L. Black, Senior Technologist > EMC Corporation, 176 South St., Hopkinton, MA 01748 > +1 (508) 293-7953 FAX: +1 (508) 293-7786 > black_david@emc.com Mobile: +1 (978) 394-7754 > ---------------------------------------------------- > > _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www1.ietf.org/mailman/listinfo/gen-art