[Gen-art] Gen-ART review of draft-gregorio-uritemplate-07
"Vijay K. Gurbani" <vkg@bell-labs.com> Mon, 02 January 2012 04:37 UTC
Return-Path: <vkg@bell-labs.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C04211E8098 for <gen-art@ietfa.amsl.com>; Sun, 1 Jan 2012 20:37:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vl0Q6u9CICKT for <gen-art@ietfa.amsl.com>; Sun, 1 Jan 2012 20:37:41 -0800 (PST)
Received: from ihemail4.lucent.com (ihemail4.lucent.com [135.245.0.39]) by ietfa.amsl.com (Postfix) with ESMTP id 4BD7E11E808A for <gen-art@ietf.org>; Sun, 1 Jan 2012 20:37:40 -0800 (PST)
Received: from usnavsmail4.ndc.alcatel-lucent.com (usnavsmail4.ndc.alcatel-lucent.com [135.3.39.12]) by ihemail4.lucent.com (8.13.8/IER-o) with ESMTP id q024bYfg020574 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sun, 1 Jan 2012 22:37:36 -0600 (CST)
Received: from umail.lucent.com (umail-ce2.ndc.lucent.com [135.3.40.63]) by usnavsmail4.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id q024bXwh004400 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sun, 1 Jan 2012 22:37:33 -0600
Received: from shoonya.ih.lucent.com (vkg.lra.lucent.com [135.244.18.235]) by umail.lucent.com (8.13.8/TPES) with ESMTP id q024bVMU017095; Sun, 1 Jan 2012 22:37:32 -0600 (CST)
Message-ID: <4F013570.1060206@bell-labs.com>
Date: Sun, 01 Jan 2012 22:41:20 -0600
From: "Vijay K. Gurbani" <vkg@bell-labs.com>
Organization: Bell Laboratories, Alcatel-Lucent
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:8.0) Gecko/20111115 Thunderbird/8.0
MIME-Version: 1.0
To: draft-gregorio-uritemplate@tools.ietf.org
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.57 on 135.245.2.39
X-Scanned-By: MIMEDefang 2.64 on 135.3.39.12
Cc: General Area Review Team <gen-art@ietf.org>, Peter Saint-Andre <stpeter@stpeter.im>
Subject: [Gen-art] Gen-ART review of draft-gregorio-uritemplate-07
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Jan 2012 04:37:45 -0000
I am the assigned Gen-ART reviewer for this draft. For background on Gen-ART, please see the FAQ at <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. Please resolve these comments along with any other Last Call comments you may receive. Document: draft-gregorio-uritemplate-07 Reviewer: Vijay K. Gurbani Review Date: Jan-01-2012 IETF LC End Date: Not known IESG Telechat date: Jan-05-2012 Summary: This draft is ready as an Proposed Standard. Major issues: 0 Minor issues: 2 Nits/editorial comments: 0 Minor issue: - S3.2.1, first paragraph: "A variable defined as an associative array of (name, value) pairs is considered undefined if the array contains zero members or if all member names in the array have undefined values." Here, do you mean "if all member names in the array have no values."? That is, "undefined values" implies that values are present in the template, but are not understood. On the other hand, "no values" implies the absence of any values at all. In my reading of the text, it appears that "no values" conveys more context than "undefined values". - S4, general comment: I am not sure where the template expansion is done --- at the client (browser) or at the origin server (the draft does not enunciate this, and if it does, I may have missed it). If the expansion is done at the origin server, I suspect that one can keep it a bit more busy by asking it to perform unnecessary template expansion for a resource that may be accessed normally even without template expansion. Is it worth documenting this at all in the Security Considerations section? (Clearly, if the expansion is done at the client, then it is the client incurring the expense of expansion. Insofar as the client is malicious, it is best to let it expend as much effort as necessary.) Thanks, - vijay - vijay -- Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent 1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60566 (USA) Email: vkg@{bell-labs.com,acm.org} / vijay.gurbani@alcatel-lucent.com Web: http://ect.bell-labs.com/who/vkg/
- [Gen-art] Gen-ART review of draft-gregorio-uritem… Vijay K. Gurbani