Re: [Gen-art] Gen-ART Last Call Review of draft-ietf-sieve-include-13
Aaron Stone <aaron@serendipity.cx> Mon, 19 December 2011 19:14 UTC
Return-Path: <aaron@serendipity.cx>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 15AC111E8097; Mon, 19 Dec 2011 11:14:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.189
X-Spam-Level:
X-Spam-Status: No, score=-101.189 tagged_above=-999 required=5 tests=[AWL=0.452, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5LUi8ADENp4P; Mon, 19 Dec 2011 11:14:02 -0800 (PST)
Received: from slice.serendipity.cx (slice.serendipity.cx [67.23.2.90]) by ietfa.amsl.com (Postfix) with ESMTP id 2BDC511E8081; Mon, 19 Dec 2011 11:14:02 -0800 (PST)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by slice.serendipity.cx (Postfix) with ESMTPSA id 3293F110068; Mon, 19 Dec 2011 11:11:54 -0800 (PST)
Received: by vcbfk13 with SMTP id fk13so4452058vcb.31 for <multiple recipients>; Mon, 19 Dec 2011 11:13:57 -0800 (PST)
Received: by 10.220.152.78 with SMTP id f14mr11601933vcw.30.1324322037235; Mon, 19 Dec 2011 11:13:57 -0800 (PST)
MIME-Version: 1.0
Received: by 10.52.29.72 with HTTP; Mon, 19 Dec 2011 11:13:35 -0800 (PST)
In-Reply-To: <E02C28C0-E664-4197-9594-FB12EDA53F1E@nostrum.com>
References: <E02C28C0-E664-4197-9594-FB12EDA53F1E@nostrum.com>
From: Aaron Stone <aaron@serendipity.cx>
Date: Mon, 19 Dec 2011 11:13:35 -0800
Message-ID: <CAEdAYKU7FrmRA0agwW0ux60VVhHGE9Dc_0hdj+TRPLW9DxFRLg@mail.gmail.com>
To: Ben Campbell <ben@nostrum.com>, Sieve mailing list <sieve@ietf.org>
Content-Type: multipart/alternative; boundary="f46d043c7b009900ac04b476c0b3"
Cc: "gen-art@ietf.org Review Team" <gen-art@ietf.org>
Subject: Re: [Gen-art] Gen-ART Last Call Review of draft-ietf-sieve-include-13
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Dec 2011 19:14:03 -0000
On Tue, Dec 13, 2011 at 2:13 PM, Ben Campbell <ben@nostrum.com> wrote: > I am the assigned Gen-ART reviewer for this draft. For background on > Gen-ART, please see the FAQ at < > http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>. > > Please resolve these comments along with any other Last Call comments you > may receive. > > Document: draft-ietf-sieve-include-13 > Reviewer: Ben Campbell > Review Date: 2011-12-13 > IETF LC End Date: 2011-12-15 > > Summary: This draft is almost ready for publication as a proposed standard > > Major issues: > > None > > Minor issues: > > -- section 3.1, paragraph 4: "Implementations MUST NOT generate errors for > recursive inclusions at upload time, as this would force an upload ordering > requirement upon script authors / generators. However, if an active script > is replaced with a faulty script and would remain the active script, an > error MUST be generated and the upload MUST fail." > > These two statements seem contradictory on a quick reading. In > particular, how can the latter assertion avoid an upload ordering > requirement? Or do you mean faulty in some way other than being recursive? > If you're replacing an active script, it has to be correct all the time, and uploads are atomic only on a per-script basis. There's a risk that if you're uploading a set of scripts that include one another, at some intermediate stage while some scripts are uploaded but not others, they are in an invalid state. The managesieve spec says that scripts must be validated at upload time. The language above is trying to say that you can upload all of the scripts that may include one another in any order without generating errors immediately, however, if you're replacing an active script or a script included by the active script, then you DO have to upload a correct script right from the get-go. > -- section 3.4.1, paragraph 5: "If a "global" command is given the name of > a variable that has previously been defined in the immediate script with > "set", an error MUST be generated either when the script is uploaded or at > execution time." > > Does this conflict with the previous statement that it is okay for a > global and a private variable to have the same name? > It doesn't conflict, because those variables live in separate namespaces. The effect of the global command is to bind the two names. An error is generated rather than specifying if the local overwrites the global value, or the global overwrites the local value. > -- section 3.4.2: > > Why do you need two ways to accomplish the same thing? > I might be making this up, but I think the original question was whether the variables spec would have namespaces. > Does the global namespace have the same "requires" requirement as the > global command? > Yes, but this isn't explicitly stated. > -- section 4.2, paragraph 2: > > Can you elaborate on what permissions are proper? Is it different for an > included script than for any other script? > > -- section 4.2, paragraph 3: > > Can you elaborate on what you mean by "safe for a storage system"? > > There are both somewhat vague warnings, basically, "Don't allow 'include "./../..//etc/passwd"' and don't allow 'include "foo$(`rm star`)"'. > Nits/editorial comments: > > -- section 3.1, paragraph 4: "authors / generators" > > s/ "authors / generators " / "authors and generators" > Ok. > -- section 3.2, paragraph 9 (Top of page 6): " > The included script MUST be a valid Sieve script. Each script MUST > have its own "require" statements for all optional capabilities used > by that script. " > > Who do these normative statements apply to? As worded, it sounds like they > apply to the user. It might be better to say that the implementation MUST > validate that… > Ok. > -- section 3.4.2, paragraph 3: "Variables declared global and variables > accessed via the global namespace MUST be one and the same." > > Plurality mismatch. I suggest something like "a variable declared as > global and a variable accesses with the global namespace, otherwise having > the same name…" > I might insert the word "each" after MUST to account for the plurality without rewriting the sentence. > -- section 5: > > Please explicitly mention the name or URL of the registry table to which > this should be added. > Good catch, thank you. Cheers, Aaron
- [Gen-art] Gen-ART Last Call Review of draft-ietf-… Ben Campbell
- Re: [Gen-art] Gen-ART Last Call Review of draft-i… Aaron Stone
- Re: [Gen-art] Gen-ART Last Call Review of draft-i… Aaron Stone
- Re: [Gen-art] [sieve] Gen-ART Last Call Review of… Alexey Melnikov
- Re: [Gen-art] Gen-ART Last Call Review of draft-i… Ben Campbell
- Re: [Gen-art] Gen-ART Last Call Review of draft-i… Aaron Stone
- Re: [Gen-art] [sieve] Gen-ART Last Call Review of… Barry Leiba
- Re: [Gen-art] [sieve] Gen-ART Last Call Review of… Ben Campbell
- Re: [Gen-art] Gen-ART Last Call Review of draft-i… Ben Campbell