Re: [Gen-art] Genart last call review of draft-ietf-httpbis-cdn-loop-01

Alissa Cooper <> Mon, 17 December 2018 20:23 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8F11D129BBF; Mon, 17 Dec 2018 12:23:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key) header.b=1DzjmP/k; dkim=pass (2048-bit key) header.b=Das0ewFO
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id QrrmpcO7s7Yt; Mon, 17 Dec 2018 12:23:46 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2E55C126F72; Mon, 17 Dec 2018 12:23:46 -0800 (PST)
Received: from compute7.internal (compute7.nyi.internal []) by mailout.west.internal (Postfix) with ESMTP id 05C7ED1B; Mon, 17 Dec 2018 15:23:44 -0500 (EST)
Received: from mailfrontend2 ([]) by compute7.internal (MEProxy); Mon, 17 Dec 2018 15:23:45 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; h= content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; s=fm1; bh=a bnIeylAm5jav4u0g9ELQRAF6Xmp109oxjXPC1hdedg=; b=1DzjmP/kuIk8fdqvT 5RcSroYZkz3pbl934LXlkpL8VOfuG1LXqLthYOi2vV9MBTWiDUu+iAf2V+irULb9 E3EYIkPeqbDdWRTo0IB4hkI3mo4Gl+oTLL9Z0Yhx+KHWmFFlWU7U3tXYEBkHv8/3 yH5omvANSTjKx4Iead3f2f/h8jhONB6DoY2rq4zJumxV01VqZQKm2WHRKBtUqlkZ xEpdPCkf6iABad88xTsN5Inj9y+TFGvXjXXWO5byPpQ8lfulb7FStSK7eV5fn0oq A7UyGR+tUdH2+RmaNYLXyQ9+dd0NBBWeLJKBYyFqlInf2VOdugJ7J0O/3BUorhDX nqpOQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=abnIeylAm5jav4u0g9ELQRAF6Xmp109oxjXPC1hde dg=; b=Das0ewFORGEFUVjHygP797izykb/mYgrOPe3C5gIV+24iYb6tucjkVos7 tRL9fGgq7YXP/Abfnnam9tvzwMdzkX/KaZ+vyhp7s4cpeRrOw3UeUtiMxiGmmJ9U Nep+egQyO568GTAY7feLFL5bRdLY/r9aAmJX76i5Trvs3MMT7yKlsU+OK9phb+eH T/sa8Q1ZJTA9JXyH7ZShZCrPUc2v++Zdqxl1ca7VgVYDaS3iQNfgoYILTfmk+i0t GgP03AYYJ3/irxQJFVnlGady0WnQMERtZYOKbQE/Ole0B13ERI53eW8VgNNEu0+p fzyK2vMBAJSB+vBI5/xHvrMUp+emA==
X-ME-Sender: <xms:zwUYXE-1PfNVPCf28zd5rQKysUkr8Wv0H8LE7DEoULHdFOSqhUEKfg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtkedrudeifedggeejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfquhhtnecuuegrihhlohhuthemucef tddtnecunecujfgurheptggguffhjgffgffkfhfvofesthhqmhdthhdtvdenucfhrhhomh eptehlihhsshgrucevohhophgvrhcuoegrlhhishhsrgestghoohhpvghrfidrihhnqeen ucffohhmrghinhepihgvthhfrdhorhhgnecukfhppedujeefrdefkedruddujedrleefne curfgrrhgrmhepmhgrihhlfhhrohhmpegrlhhishhsrgestghoohhpvghrfidrihhnnecu vehluhhsthgvrhfuihiivgeptd
X-ME-Proxy: <xmx:zwUYXCSMsly6rejRywffqSh5JkBDUpBgfJFomC0lX_gBcrizLVWm4w> <xmx:zwUYXDmLb1913XgBHGNogKm31VQ7x0rQ_37YUh2z2nQIkmnm1slQrg> <xmx:zwUYXFW7pX9Omyd13HqsSGYm3ciOX4Tvk1BtNZIrss38IYM2W6i82A> <xmx:0AUYXGFeO388D65AeFIC-NK4jEBmzSUBEoET0ShlYnBvQDrA8q9ftg>
Received: from (unknown []) by (Postfix) with ESMTPA id 238B910084; Mon, 17 Dec 2018 15:23:43 -0500 (EST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Alissa Cooper <>
In-Reply-To: <>
Date: Mon, 17 Dec 2018 15:23:41 -0500
Cc: General Area Review Team <>,,
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <>
To: Joel Halpern <>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <>
Subject: Re: [Gen-art] Genart last call review of draft-ietf-httpbis-cdn-loop-01
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 17 Dec 2018 20:23:49 -0000

Joel, thanks for your review. I have entered a No Objection ballot and flagged your review there since there has been no response.


> On Dec 3, 2018, at 1:46 PM, Joel Halpern <> wrote:
> Review result: Ready with Issues
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair.  Please treat these comments just
> like any other last call comments.
> For more information, please see the FAQ at
> <>.
> Document: draft-ietf-httpbis-cdn-loop-01
> Reviewer: Joel Halpern
> Review Date: 2018-12-03
> IETF LC End Date: 2018-12-11
> IESG Telechat date: Not scheduled for a telechat
> Summary: This document is ready for publication as a Proposed Standard RFC
>                   There are two issues that I think should be addressed
>                   before publication
> Major issues: N/A
> Minor issues:
>   This depends upon CDNs which have not been upgraded not stripping this
>   header.  While I can believe that is a reasonable assumption, it seems that
>   a paragraph explaining that it is the case, and if possible what experience
>   leads us to think it is the case, would be helpful.
>   This document says that it is to protect against attackers causing loops. 
>   If the attacker is an external customer, the advice in the security
>   considerations section makes sense.  The other apparent attack would be an
>   attacker in the network who strips the information each time it comes past.
>    I believe the reason this is only an apparent attack is that such an
>   attacker could almost as easily simply generate additional messages instead
>   of producing a loop.  If I have inferred this correctly, it seems useful to
>   state it.
> Nits/editorial comments:  N/A