Re: [Hipsec] I-D Action: draft-ietf-hip-rfc5203-bis-03.txt
Julien Laganier <julien.ietf@gmail.com> Mon, 10 March 2014 14:57 UTC
From: Julien Laganier <julien.ietf@gmail.com>
To: Ari Keranen <ari.keranen@nomadiclab.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/hipsec/TM7LjWx6Azazp4TPVKKktasMFwI
Cc: "hipsec@ietf.org" <hipsec@ietf.org>

Hi Ari,

Thanks for pointing out the typo! I have just submitted the draft.

Best,

--julien

On Mon, Feb 24, 2014 at 10:03 AM, Ari Keranen <ari.keranen@nomadiclab.com> wrote:
> Hi Julien,
>
> Looks good, thanks. One small typo in section 6: "potetially unknown hosts".
>
> Cheers,
> Ari
>
> On 21/02/14 07:04, Julien Laganier wrote:
>>
>> Hi Ari,
>>
>> Thanks for reviewing the draft and suggesting improvements. I have
>> incorporated them all in the version-to-be -05, unfortunately the
>> deadline has passed so I am attaching it below for your (and the rest
>> of the WG) review in case you spot some errors before submission
>> reopens.
>>
>> Cheers,
>>
>> --julien
>>
>> On Fri, Jan 17, 2014 at 6:42 AM, Ari Keranen <ari.keranen@nomadiclab.com> wrote:
>>>
>>> Hi Julien,
>>>
>>> On 1/17/14 5:50 AM, Julien Laganier wrote:
>>>>
>>>> Hi Ari,
>>>>
>>>> On Thu, Jan 16, 2014 at 8:20 AM, Ari Keranen <ari.keranen@nomadiclab.com> wrote:
>>>>>
>>>>> Hi Julien,
>>>>>
>>>>> Thanks, that looks good to me. Although reading the draft again, I was
>>>>> wondering is it missing some text regarding the "Insufficient resources"
>>>>> error?
>>>>
>>>> Hmm... a registration failing because of "insufficient resources" is
>>>> quite explicit; it conveys enough information for a requester to know
>>>> that there are no resources to create a registration at a given
>>>> registrar. Presumably a requester would try to register at a different
>>>> registrar if it knows one...
>>>>
>>>> What else would the requester need to know?
>>>
>>> I mean that it looks a bit strange that there's only an error code defined
>>> but no text at all when to use it (even if the name of the code kinda gives
>>> it away). I would recommend to add a sentence or two about when/how to use
>>> it.
>>>
>>> I spotted one (copy-paste) error in the draft, section 3.3:
>>>
>>>    If the registrar knows the Host Identities (HIs) of all the hosts
>>>    that are allowed to use the relaying service, it SHOULD reject
>>>    registrations from unknown hosts. However, since it may be
>>>    unfeasible to pre-configure the relay with all the HIs, the relay
>>>    SHOULD also support HIP certificates [I-D.ietf-hip-rfc6253-bis] to
>>>    allow for certificate based authentication.
>>>
>>> This should no longer be "relaying service" and "relay" (2 instances here)
>>> but in general the service for which one is registering for.
>>>
>>> In the figures, at the end of the section, I was wondering why S3 is not
>>> announced by the registrar? Also the text is a bit unclear; almost as if RQ
>>> would try to register for S1 and S2 even if the figure shows only S1.
>>>
>>> In section "4.5. REG_FAILED", it says "Failure types other than zero (0) and
>>> one (1) have not been defined." This is obviously not true anymore. Perhaps
>>> here would be a good place for some text on the insufficient resources error
>>> code.
>>>
>>> And by the way, I guess you can have more than one REG_FAILEDs if there was
>>> more than one failure type? The text seems to now imply only single
>>> REG_FAILED.
>>>
>>> Section 6 says:
>>>
>>>    Registrars act on a voluntary basis and are willing to accept being a
>>>    responder and then to create HIP associations with a number of
>>>    previously unknown hosts.
>>>
>>> Now with the HI/cert authentication this has actually improved (you only
>>> potentially do things with previously unknown hosts).
>>>
>>> Otherwise I think the draft is in good shape and could move forward.
>>>
>>> Cheers,
>>> Ari
>>>
>>> _______________________________________________
>>> Hipsec mailing list
>>> Hipsec@ietf.org
>>> https://www.ietf.org/mailman/listinfo/hipsec
>
> _______________________________________________
> Hipsec mailing list
> Hipsec@ietf.org
> https://www.ietf.org/mailman/listinfo/hipsec