Re: [Gen-art] Genart last call review of draft-wilde-sunset-header-07
Erik Wilde <erik.wilde@dret.net> Thu, 29 November 2018 22:37 UTC
Return-Path: <erik.wilde@dret.net>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A29D130EDF; Thu, 29 Nov 2018 14:37:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.109
X-Spam-Level:
X-Spam-Status: No, score=-0.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_03_06=1.592, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=dret.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9EQVtsIsL7tZ; Thu, 29 Nov 2018 14:37:33 -0800 (PST)
Received: from postoffice.gristmillmedia.com (dret.net [209.188.86.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7DC47130EDA; Thu, 29 Nov 2018 14:37:28 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=dret.net; s=default; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:MIME-Version :Date:Message-ID:From:References:Cc:To:Subject:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=L7WPtd8WoWq1ltbfYiOhjck/rwnBkw1Ocvp6d42iPbo=; b=XmnqW6x0oQDonbLKM04qqSI8wt 3Z9C/QEs+CsaHh/ZtFgTsIyM21n9e0s3LUMHg5yWXDDb2jvBGTLNdZ6ePI4nFc2bpzy8EOPb/YaF5 o3rElT0GG+ID2Nh+3QQiLKShykgLgQdzcs5eUPrhm1bhNCmF4tqrMO8QyfkKvYW23bFUf2BV59A5w /eoLsUO7ulvbOCdl9F8PaIr6Y/cSxkFilUrIlg1H/UKUj+sMJlifOXAo1z8mGAfT76kvnXylbwL6G tnuMQnVeergC+9TyUXVaDVrZbxMAYY6go6TE92Oz/JoB5NtWNSOVpqDrqYP9PKLXnHZ/xsAlPMP1m By76GLXQ==;
Received: from [65.196.52.196] (port=53613 helo=dretbook.local) by postoffice.gristmillmedia.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.91) (envelope-from <erik.wilde@dret.net>) id 1gSUw2-0006MF-3g; Thu, 29 Nov 2018 17:37:26 -0500
To: Jari Arkko <jari.arkko@piuha.net>, gen-art@ietf.org
Cc: draft-wilde-sunset-header.all@ietf.org, ietf@ietf.org
References: <154062576395.5617.8725497285559940981@ietfa.amsl.com>
From: Erik Wilde <erik.wilde@dret.net>
Message-ID: <7b9dc702-1627-02a4-db8a-8fdbf56cce8a@dret.net>
Date: Thu, 29 Nov 2018 11:01:59 -0700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.3.1
MIME-Version: 1.0
In-Reply-To: <154062576395.5617.8725497285559940981@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - postoffice.gristmillmedia.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - dret.net
X-Get-Message-Sender-Via: postoffice.gristmillmedia.com: authenticated_id: birdhouse@dret.net
X-Authenticated-Sender: postoffice.gristmillmedia.com: birdhouse@dret.net
X-Source:
X-Source-Args:
X-Source-Dir:
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/htssDq70241eN0JHaVpuX9pbRD8>
Subject: Re: [Gen-art] Genart last call review of draft-wilde-sunset-header-07
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Nov 2018 22:37:39 -0000
hello jari. thanks a lot for the review! On 2018-10-27 01:36, Jari Arkko wrote: > Summary: > This is a well-written, understandable and useful piece of specification. > Thanks for writing it. > I had a couple of minor observations, but otherwise the draft is ready to be > published. that's great to hear. i will make changes according to your review, and publish a new version (-08) later this week. > The section on relation link type discusses who may be reading the linked > material: > > This specification places no > constraints on the scope or the type of the linked resource. The > scope can be for a resource or for a service. The type is determined > by the media type of the linked resource, and can be targeted at > humans, at machines, or a combination of both. > > That's fine, but at the same time my understanding is that there is no media > type today that would actually be machine readable and usable for your purpose? > Is this so? If I cannot write code today for a machine to do anything with the > linked resource, maybe that's something that you'd want to say. And you > probably don't want to blindly load and use the > load-this-executable-and-all-your-linking-problems-are-history media type, > either :-) the main idea was that the policy probably would be more often documented than described in a fully machine-understandable format. but i do understand you concerns. i have done two things. right underneath the sentence you quoted, i have added the following: "If the linked resource does provide machine-readable information, consumers should be careful before acting on this information. Such information may, for example, instruct consumers to use a migration rule so that sunset resources can be accessed at new URIs. However, this kind of information amounts to a possibly large-scale identity migration of resources, so it is crucial that the migration information is authentic and accurate." i have also added a paragraph about the same issue to the security considerations section: "In cases where a sunset policy is linked by using the sunset link relation type, clients should be careful about taking any actions based on this information. It should be verified that the information is authentic and accurate. Furthermore, it should be tested that this information is only applied to resources that are within the scope of the policy, making sure that sunset policies cannot "hijack" resources by for example providing migration information for them." > The security considerations section does not mention that there might be cases > where the lifetime information could be sensitive. Are there such cases? The > only example of that I can come with is that a fixed data retention rule would > obviously also reveal the time that the organisation in question has learned > about the data in question, which might be sensitive in some cases. that's a very good point, i have added that as the very first paragraph of the security considerations. "Generally speaking, information about upcoming sunsets can leak information that otherwise might not be available. For example, a resource representing a registration can leak information about the expiration date when it exposes sunset information. For this reason, any use of sunset information where the sunset represents an expiration or allows the calculation of another date (such as calculating a creation date because it is known that resource expire after one year) should be treated in the same way as if this information would be made available directly in the resource's representation." > Nits/editorial comments: > > The example section could perhaps demonstrate the use of the sunset relation in > addition to the header field. good point, i added an example after the header field example. 'Before the Sunset header even appears for the first time (it may not appear fro the very beginning), it is possible that the resource (or possibly just the "home" resource of the service context) communicates its sunset policy by using the sunset link relation. If communicated as an HTTP header field, it might look as following: Link: <http://example.net/sunset>;rel="sunset";type="text/html" In this case, the linked resource provides sunset policy information about the service context. It may be documentation aimed at developers, for example informing them that the lifetime of a certain class of resources is ten years after creation, and that Sunset headers will be served as soon as the sunset date is less than some given period of time. It may also inform developers whether the service will respond with 410 or 404 after the sunset time, as discussed above.' thanks again for the review. i'll post an updated version soon. cheers, dret. -- erik wilde | mailto:erik.wilde@dret.net | | http://dret.net/netdret | | http://twitter.com/dret |
- [Gen-art] Genart last call review of draft-wilde-… Jari Arkko
- Re: [Gen-art] Genart last call review of draft-wi… Erik Wilde
- Re: [Gen-art] Genart last call review of draft-wi… Jari Arkko
- Re: [Gen-art] Genart last call review of draft-wi… Alissa Cooper