Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-bis-03.txt
Ari Keranen <ari.keranen@nomadiclab.com> Mon, 24 February 2014 18:03 UTC
Return-Path: <ari.keranen@nomadiclab.com>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C39901A01A7 for <hipsec@ietfa.amsl.com>; Mon, 24 Feb 2014 10:03:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.253
X-Spam-Level:
X-Spam-Status: No, score=0.253 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hrxMyKMqzP6f for <hipsec@ietfa.amsl.com>; Mon, 24 Feb 2014 10:03:07 -0800 (PST)
Received: from gw.nomadiclab.com (gw.nomadiclab.com [193.234.218.122]) by ietfa.amsl.com (Postfix) with ESMTP id 04DF81A02B0 for <hipsec@ietf.org>; Mon, 24 Feb 2014 10:03:07 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by gw.nomadiclab.com (Postfix) with ESMTP id A9C1C4E722; Mon, 24 Feb 2014 20:03:05 +0200 (EET)
X-Virus-Scanned: amavisd-new at nomadiclab.com
Received: from gw.nomadiclab.com ([127.0.0.1]) by localhost (inside.nomadiclab.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K9BPDQb_zl9e; Mon, 24 Feb 2014 20:03:04 +0200 (EET)
Received: from tri60.nomadiclab.com (localhost [IPv6:::1]) by gw.nomadiclab.com (Postfix) with ESMTPSA id 89DFE4E71C; Mon, 24 Feb 2014 20:03:04 +0200 (EET)
Message-ID: <530B8958.5050104@nomadiclab.com>
Date: Mon, 24 Feb 2014 20:03:04 +0200
From: Ari Keranen <ari.keranen@nomadiclab.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Julien Laganier <julien.ietf@gmail.com>
References: <20131211030009.544.78789.idtracker@ietfa.amsl.com> <52B44714.2010903@nomadiclab.com> <CAE_dhjsHQ9qJHvTr6rN3KBwd7G-Vu9xutT7G6-fuPjmP3gtB1A@mail.gmail.com> <52D806C5.1050606@nomadiclab.com> <CAE_dhjtyKAWKCXxpiYmk=AnrECV=bJrexH3M-McktLeT6i3wkw@mail.gmail.com> <52D94171.3010601@nomadiclab.com> <CAE_dhjsp0svo53TG8fQeF40sQRhykrzh21ikc6wSDBqfE7ihcQ@mail.gmail.com>
In-Reply-To: <CAE_dhjsp0svo53TG8fQeF40sQRhykrzh21ikc6wSDBqfE7ihcQ@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/hipsec/IHlsBv5XSuNWpBpXfqHi8GGsaKw
Cc: "hipsec@ietf.org" <hipsec@ietf.org>
Subject: Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-bis-03.txt
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Feb 2014 18:03:10 -0000
Hi Julien, Looks good, thanks. One small typo in section 6: "potetially unknown hosts". Cheers, Ari On 21/02/14 07:04, Julien Laganier wrote: > Hi Ari, > > Thanks for reviewing the draft and suggesting improvements. I have > incorporated them all in the version-to-be -05, unfortunately the > deadline has passed so I am attaching it below for your (and the rest > of the WG) review in case you spot some errors before submission > reopens. > > Cheers, > > --julien > > > > On Fri, Jan 17, 2014 at 6:42 AM, Ari Keranen <ari.keranen@nomadiclab.com> wrote: >> Hi Julien, >> >> >> On 1/17/14 5:50 AM, Julien Laganier wrote: >>> >>> Hi Ari, >>> >>> On Thu, Jan 16, 2014 at 8:20 AM, Ari Keranen <ari.keranen@nomadiclab.com> >>> wrote: >>>> >>>> Hi Julien, >>>> >>>> Thanks, that looks good to me. Although reading the draft again, I was >>>> wondering is it missing some text regarding the "Insufficient resources" >>>> error? >>> >>> >>> Hmm... a registration failing because of "insufficient resources" is >>> quite explicit; it conveys enough information for a requester to know >>> that there are no resources to create a registration at a given >>> registrar. Presumably a requester would try to register at a different >>> registrar if it knows one... >>> >>> What else would the requester need to know? >> >> >> I mean that it looks a bit strange that there's only an error code defined >> but no text at all when to use it (even if the name of the code kinda gives >> it away). I would recommend to add a sentence or two about when/how to use >> it. >> >> I spotted one (copy-paste) error in the draft, section 3.3: >> >> If the registrar knows the Host Identities (HIs) of all the hosts >> that are allowed to use the relaying service, it SHOULD reject >> registrations from unknown hosts. However, since it may be >> unfeasible to pre-configure the relay with all the HIs, the relay >> SHOULD also support HIP certificates [I-D.ietf-hip-rfc6253-bis] to >> allow for certificate based authentication. >> >> This should no longer be "relaying service" and "relay" (2 instances here) >> but in general the service for which one is registering for. >> >> In the figures, at the end of the section, I was wondering why S3 is not >> announced by the registrar? Also the text is a bit unclear; almost as if RQ >> would try to register for S1 and S2 even if the figure shows only S1. >> >> In section "4.5. REG_FAILED", it says "Failure types other than zero (0) and >> one (1) have not been defined." This is obviously not true anymore. Perhaps >> here would be a good place for some text on the insufficient resources error >> code. >> >> And by the way, I guess you can have more than one REG_FAILEDs if there was >> more than one failure type? The text seems to now imply only single >> REG_FAILED. >> >> Section 6 says: >> >> Registrars act on a voluntary basis and are willing to accept being a >> responder and then to create HIP associations with a number of >> previously unknown hosts. >> >> Now with the HI/cert authentication this has actually improved (you only >> potentially do things with previously unknown hosts). >> >> Otherwise I think the draft is in good shape and could move forward. >> >> >> Cheers, >> Ari >> >> _______________________________________________ >> Hipsec mailing list >> Hipsec@ietf.org >> https://www.ietf.org/mailman/listinfo/hipsec
- [Hipsec] I-D Action: draft-ietf-hip-rfc5203-bis-0… internet-drafts
- Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-b… Ari Keranen
- Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-b… Eggert, Lars
- Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-b… Julien Laganier
- Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-b… Ari Keranen
- Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-b… Julien Laganier
- Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-b… Ari Keranen
- Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-b… Julien Laganier
- Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-b… Ari Keranen
- Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-b… Julien Laganier