[Gen-art] Gen-Art requested early review: draft-ietf-netconf-restconf-09
Robert Sparks <rjsparks@nostrum.com> Wed, 20 January 2016 19:41 UTC
Return-Path: <rjsparks@nostrum.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B2131ACDCC; Wed, 20 Jan 2016 11:41:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id onW7ZgiOD-mA; Wed, 20 Jan 2016 11:41:06 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19CED1ACDC7; Wed, 20 Jan 2016 11:41:03 -0800 (PST)
Received: from unnumerable.local (pool-173-57-158-165.dllstx.fios.verizon.net [173.57.158.165]) (authenticated bits=0) by nostrum.com (8.15.2/8.14.9) with ESMTPSA id u0KJf2xW097985 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=OK); Wed, 20 Jan 2016 13:41:02 -0600 (CST) (envelope-from rjsparks@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host pool-173-57-158-165.dllstx.fios.verizon.net [173.57.158.165] claimed to be unnumerable.local
To: General Area Review Team <gen-art@ietf.org>, netconf@ietf.org, draft-ietf-netconf-restconf.all@ietf.org
From: Robert Sparks <rjsparks@nostrum.com>
Message-ID: <569FE2CE.6080008@nostrum.com>
Date: Wed, 20 Jan 2016 13:41:02 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/lvAaDyle7L6Iju9WzyesQN-I_nM>
Subject: [Gen-art] Gen-Art requested early review: draft-ietf-netconf-restconf-09
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Jan 2016 19:41:08 -0000
I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair. This is a requested early review.
Please treat these comments just like any other comments.
For more information, please see the FAQ at
<http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
Document: draft-ietf-netconf-restconf-09
Reviewer: Robert Sparks
Review Date: 20Jan2015
IETF LC End Date: (not yet in IETF last call)
IESG Telechat date: (not yet scheduled)
Summary: This document has a few issues that should be addressed before
requesting publication.
Please make sure the semantics you're giving to POST vs PUT sit well
with HTTP experts. Similarly, please make sure you have someone steeped
in character sets and encoding look closely at section 5.3. I'll leave
commenting on those things to people more qualified than me. Other
reviewers have asked for more information about the interaction of this
use of HTTP with things like pipelining.
Major issues:
The document should explicitly discuss how the restconf protocol will be
extended. It mentions that other documents might do that in several
places (specifically with "Additional functionality can be defined in
external documents, outside the scope of this document").
Section 3.4 claims a datastore resource can only be written directly
with the optional to implement PATCH method. That does not seem
consistent with the rest of the document.
Section 2.2 says "RESTCONF requires that the transport-layer protocol
provides both data integrity and confidentiality, such as are provided
by the TLS protocol [RFC5246]." and "RESTCONF implementations MUST
support the "https" URI scheme", but I don't see any text that prohibits
the use of RESTCONF over HTTP without TLS. If the intent was to prohibit
that, please make it more explicit. If the intent is to allow the use of
RESTCONF without requiring the use of TLS, the security considerations
section (at least) needs more discussion about when doing so is a bad idea.
Section 2.3 (Certificate Validation) seems to be restating things that
it could simply point to instead. Why not replace this section with
something like "the RESTCONF peer will follow the procedures and
recommendations in RFC6125."? If it's because you want this section to
talk only about validating the client certificate, that should be
clarified (and there is still probably something that already exists
that you can point to rather than restate things here). The current text
claims RFC5246 requires the peer to terminate the connection if the
certificate path validation fails - where in RFC5246 are you seeing that?
Should section 3.1 talk about what a client should do if more than one
restconf link relation is returned when querying host-meta?
Section 4.3 speaks to returning different content for the same resource
depending on what authentication is provided. Specifically "the
unauthorized content is omitted from the response message-body, and the
authorized content is returned to the client.". Some discussion of how
this interacts with caching (or even the ETag mechanisms) is warranted
here. What happens if the authorization policies for a given user
changes - will they be able to fetch the new things they have been given
permission to see, or will the cache, etag, or if-changed-since
mechanics interfere?
Minor issues:
There are some requirements stated with 2119 keywords buried in the
Introduction sections. Consider moving them to the protocol definition
sections.
Section 2.5 cuts off the possibility of using session-based
authentication. If that's something you want to be able to add later,
make sure you're leaving the right extension points. (I know the typical
restconf client won't be a browser, but for those use cases where using
a browser makes sense, remember that browsers make it very hard to
change identities when you are using HTTP Authentication).
In sections 4.2 and 4.3 consider explicitly saying what to return if
something issues a HEAD or GET request against an operation resource.
The first paragraph in section 5 (before 5.1.1) seems confused in its
use of message vs method. Please review the use of the terms and make
sure they align with the words used in the introduction to rfc7231, for
example.
I suggest deleting section 5.2. You already say RESTCONF uses HTTP, and
that this section is not comprehensive. As it is, it restates things
said in the HTTP documentation without adding anything - at best, it's
an opportunity to introduce errors while restating things. Just point to
HTTP instead. Similarly, the first table in section 7 could be replaced
with a pointer to the relevant place in the HTTP specs.
Nits/editorial comments:
The introduction says a user should not need any prior knowledge of
NETCONF to use RESTCONF. It would be good to also call out here that the
implementer _will_ need prior knowledge of NETCONF.
The first sentence of section 2.4 ("The RESTCONF client MUST carefully
examine the certificate presented by the RESTCONF server to determine if
it meets the client's expectations.") adds nothing. Please delete the
sentence or replace it with specific things the client needs to do..
The introduction says "Edits are usually applied". Why is this qualified
with "usually"?
In the examples at the end of 3.5.1 (before 3.5.1.1), consider saying
list1=key1,key2,key3/ instead of list1=key1val,key2val,key3val to be
consistent with the way you refer to the elements in other places.
It would be useful to explicitly discuss what to return if a resource
already exists in Section 4.4.1. Right now, that's specified primarily
by an example in section 7.1.
The "MUST use this exact path" after the last bullet in 5.1 is not a
good use of 2119. The sentence is observing a truth about the defined
system, not placing an interoperability requirement on the client. The
client uses the returned identifier to access the resource. If it uses
anything else, it is not accessing the resource. I suggest replacing the
prase with "uses this exact path".
In section 5.6, I suggest replacing "Instead of using HTTP caching" with
"Instead of relying on HTTP caching".
Consider adding an example that shows a 500 response corresponding to a
"partial-operation" error in NETCONF, demonstrating what information the
client gets to distinguish this 500 from an "operation-failed" error.
There is a phrase missing in the first sentence of section 7.1. Perhaps
"will be returned" just before the left-parenthesis?
- [Gen-art] Gen-Art requested early review: draft-i… Robert Sparks