Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT)
"Ben Campbell" <ben@nostrum.com> Mon, 16 May 2016 15:06 UTC
Return-Path: <ben@nostrum.com>
X-Original-To: i2rs@ietfa.amsl.com
Delivered-To: i2rs@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8F1312D0F2 for <i2rs@ietfa.amsl.com>; Mon, 16 May 2016 08:06:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.326
X-Spam-Level:
X-Spam-Status: No, score=-3.326 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.426] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FCc-GpwuGsAx for <i2rs@ietfa.amsl.com>; Mon, 16 May 2016 08:06:44 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C0F312D197 for <i2rs@ietf.org>; Mon, 16 May 2016 08:06:43 -0700 (PDT)
Received: from [172.20.10.3] (mobile-166-170-033-119.mycingular.net [166.170.33.119] (may be forged)) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id u4GF6crK039845 (version=TLSv1 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 16 May 2016 10:06:39 -0500 (CDT) (envelope-from ben@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host mobile-166-170-033-119.mycingular.net [166.170.33.119] (may be forged) claimed to be [172.20.10.3]
From: Ben Campbell <ben@nostrum.com>
To: Eric Voit <evoit@cisco.com>
Date: Mon, 16 May 2016 11:06:31 -0400
Message-ID: <EE863476-41F4-4DFD-8157-186A802E11A3@nostrum.com>
In-Reply-To: <167d2323d3264287a30c36c1950984b5@XCH-RTP-013.cisco.com>
References: <nidiby0qci3n2ht5drnnsbdo.1462576153656@email.android.com> <9e9692bd22a041ba91e39a9f7dce8c9e@XCH-RTP-013.cisco.com> <00a901d1ad2e$f8a21e10$e9e65a30$@ndzh.com> <E6EC8518-6365-429F-B315-565FE15774F8@nostrum.com> <167d2323d3264287a30c36c1950984b5@XCH-RTP-013.cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
X-Mailer: MailMate (1.9.4r5234)
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/vyEwpmsofJW9njfiGHxyH8WFJ98>
Cc: "i2rs@ietf.org" <i2rs@ietf.org>, "i2rs-chairs@ietf.org" <i2rs-chairs@ietf.org>, Alia Atlas <akatlas@gmail.com>, "draft-ietf-i2rs-pub-sub-requirements@ietf.org" <draft-ietf-i2rs-pub-sub-requirements@ietf.org>, The IESG <iesg@ietf.org>, Susan Hares <shares@ndzh.com>
Subject: Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT)
X-BeenThere: i2rs@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Interface to The Internet Routing System \(IRS\)" <i2rs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2rs>, <mailto:i2rs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2rs/>
List-Post: <mailto:i2rs@ietf.org>
List-Help: <mailto:i2rs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2rs>, <mailto:i2rs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 May 2016 15:06:47 -0000
That works for me. I will clear the DISCUSS. Thanks! Ben. On 16 May 2016, at 9:46, Eric Voit (evoit) wrote: > Hi Ben, > > > > There is no issue with rewording to a requirement rather than an > intro. The second sentence below has been changed to meet 2119. > > > > Some uses of this Subscription Service will push privacy-sensitive > updates and metadata. For privacy-sensitive deployments, subscription > information MUST be bound within secure, encrypted transport layer > mechanisms. For example if NETCONF is used as transport, then > [RFC5539] would be a valid option to secure the transported > information. The Subscription Service can also be used with emerging > privacy-sensitive deployment contexts as well. As an example, > deployments based on [i2rs-usecase] would apply these requirements in > conjunction with those documented within [i2rs-environment-security] > and [i2rs-protocol-security] to secure ephemeral state information > being pushed from a Network Element. > > > > Eric > > > >> From: Ben Campbell, May 15, 2016 3:18 PM > >> > >> Hi Eric and Sue, > >> > >> Thanks for the change, and I think it's on the right track. But I >> notice most of the > >> other requirements, in the security considerations section and in >> other sections, > >> use 2119 keywords. Is there a reason not to do so here? Would it be >> reasonable > >> to say that any embodiment of these requirements MUST support a >> transport > >> that provides encryption and integrity protection, and such a >> transport MUST be > >> used when carrying privacy-sensitive information? > >> > >> Thanks! > >> > >> Ben. > >> > >> > >> On 13 May 2016, at 10:49, Susan Hares wrote: > >> > >>> Eric: > >>> > >>> > >>> > >>> Thanks for jumping in and putting out text that resolves Ben’s > >>> comments. This text works for me with one addition. Add reference >>> to > >>> the security environment draft. > >>> > >>> > >>> > >>> Sue > >>> > >>> > >>> > >>> From: Eric Voit (evoit) [mailto:evoit@cisco.com] > >>> Sent: Friday, May 13, 2016 11:26 AM > >>> To: Susan Hares; Ben Campbell; Alia Atlas >>> (akatlas@gmail.com<mailto:akatlas@gmail.com>) > >>> Cc: The IESG; i2rs@ietf.org<mailto:i2rs@ietf.org>; > >>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>; >>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org> > >>> Subject: RE: [i2rs] Ben Campbell's Discuss on > >>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT) > >>> > >>> > >>> > >>> Hi Ben, > >>> > >>> > >>> > >>> I have added the text below as the lead-in to section 4.2.5. I > >>> believe this meets the intents of your suggestions below. > >>> > >>> > >>> > >>> Hi Susan & Alia, > >>> > >>> > >>> > >>> I have uploaded v08 of > >>> > >>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-pub-sub-requirements/ > >>> > >>> If Ben concurs with the text below, I am not aware of any remaining > >>> discuss items. > >>> > >>> > >>> > >>> Thanks everyone for your reviews, > >>> > >>> Eric, Alex, & Alberto > >>> > >>> > >>> 4.2.5. Security Requirements > >>> > >>> Some uses of this Subscription Service will push >>> privacy-sensitive > >>> updates and metadata. Good deployment practices will bind this > >>> generated information within secure, encrypted transport layer > >>> mechanisms. For example if NETCONF is used as transport, then > >>> [RFC5539] would be a valid option to secure the transported > >>> information. The Subscription Service can also be used with > >>> emerging > >>> deployment contexts as well. As an example, deployments based on > >>> [i2rs-usecase] can apply these requirements in conjunction with > >>> those > >>> documented within [i2rs-protocol-security] to secure ephemeral > >>> state > >>> information being pushed from a Network Element. > >>> > >>> > >>> > >>> > >>> From: Susan Hares [mailto:shares@ndzh.com] > >>> Sent: Friday, May 06, 2016 7:09 PM > >>> To: Ben Campbell > >>> Cc: Eric Voit (evoit); The IESG; >>> i2rs@ietf.org<mailto:i2rs@ietf.org>; > >>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>; >>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org> > >>> Subject: Re: [i2rs] Ben Campbell's Discuss on > >>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT) > >>> > >>> > >>> > >>> Ben: > >>> > >>> > >>> > >>> This is wise idea. I will suggest some text to Eric and you in the > >>> morning. > >>> > >>> > >>> > >>> Sue > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> Sent via the Samsung Galaxy Note5, an AT&T 4G LTE smartphone > >>> > >>> -------- Original message -------- > >>> > >>> From: Ben Campbell <ben@nostrum.com<mailto:ben@nostrum.com>> > >>> > >>> Date: 5/6/2016 2:38 PM (GMT-06:00) > >>> > >>> To: Susan Hares <shares@ndzh.com<mailto:shares@ndzh.com>> > >>> > >>> Cc: Eric Voit <evoit@cisco.com<mailto:evoit@cisco.com>>, The IESG >>> <iesg@ietf.org<mailto:iesg@ietf.org>>, > >>> i2rs@ietf.org<mailto:i2rs@ietf.org>, >>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>, > >>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org> > >>> > >>> Subject: Re: [i2rs] Ben Campbell's Discuss on > >>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT) > >>> > >>> > >>> > >>> Hi Susan, > >>> > >>> To be clear, I do not object to the wider context per se. My concern > >>> is > >>> that the security and privacy requirements are left as implicit, >>> based > >>> on the more narrow i2rs/netconf context. I only mentioned the > >>> potential > >>> of restricting the contextas one possible way forward; I am >>> certainly > >>> not wedded to it. > >>> > >>> My suggestion for a way forward would be to document the high level > >>> security and privacy requirements in this document. IIUC, the larger > >>> context includes potentially unknown contexts, so some of this may > >>> need > >>> to be conditional. For example, language like the following might be > >>> helpful (this is just an example--I don't mean to say that it is >>> true > >>> or > >>> applicable): > >>> > >>> "Some uses of this mechanism may carry privacy-sensitive > >>> information, > >>> or generate privacy-sensitive metadata through the subscription > >>> mechanism. In contexts where this is true, the following >>> requirements > >>> apply..." > >>> > >>> It might also be reasonable to say that, for the context of i2rs, > >>> these > >>> requirements are documented in [references] and are expected to be > >>> fulfilled by the [transport and or protocol] > >>> > >>> Eric's email also suggested that the actual transport of data from >>> the > >>> Yang datastore may be out of scope for these requirements. I don't > >>> object to that, either, as long as it is clear and explicit, >>> although > >>> it > >>> would be good to point to where it is _in_ scope. > >>> > >>> Thanks! > >>> > >>> Ben. > >>> > >>> On 6 May 2016, at 1:06, Susan Hares wrote: > >>> > >>>> Ben: > >>>> > >>>> This is the first of the "re-use" management protocols. The > >>>> requirements > >>>> are set-up so that we can suggest additions to the NETCONF and > >>>> RESTCONF for > >>>> this first of I2RS. > >>>> > >>>> The I2RS ephemeral work, pub/sub, traceability, and security are > >>>> target at > >>>> the I2RS protocol definition with the I2RS use case. However, >>>> since > >>>> these > >>>> are general additions to NETCONF/RESTCONF, this work can be used > >>>> elsewhere. > >>>> > >>>> I think the text you are highlighting has this larger context. >>>> Now, > >>>> one of > >>>> the really important things to chat with Alia and Benoit is how do >>>> we > >>>> handle > >>>> the wider use case. Do we mention the wider context? > >>>> > >>>> The WG thought mentioning it was important. > >>>> > >>>> Sue > >>>> > >>>> -----Original Message----- > >>>> From: Ben Campbell [mailto:ben@nostrum.com] > >>>> Sent: Thursday, May 05, 2016 5:31 PM > >>>> To: Susan Hares > >>>> Cc: Eric Voit; The IESG; i2rs@ietf.org<mailto:i2rs@ietf.org>; > >>>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>; >>>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org> > >>>> Subject: Re: [i2rs] Ben Campbell's Discuss on > >>>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and COMMENT) > >>>> > >>>> On 5 May 2016, at 5:15, Susan Hares wrote: > >>>> > >>>>> Eric, Ben and IESG members: > >>>>> > >>>>> > >>>>> > >>>>> The pub/sub requirements are part of a 5 part requirements. May >>>>> I > >>>>> quote > >>>>> from the shepherd's report: > >>>>> > >>>>> --------------------- > >>>>> > >>>>> The requirements for the first version of I2RS are: > >>>>> > >>>>> 1) model driven ephemeral state - that is data models that do not > >>>>> survive > >>>>> > >>>>> a software or hardware reboot. > >>>>> > >>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-ephemeral-state/ > >>>>> > >>>>> > >>>>> > >>>>> 2) a secure protocol - > >>>>> > >>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-protocol-security-req > >>>>> uireme > >>>>> nts/ > >>>>> > >>>>> > >>>>> > >>>>> 3) traceability - ability to record interactions between I2RS > >>>>> elements > >>>>> > >>>>> (Client, Agent, Routing system) > >>>>> > >>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-traceability/ > >>>>> > >>>>> > >>>>> > >>>>> 4) notification publication via subscription > >>>>> > >>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-pub-sub-requirements/ > >>>>> > >>>>> > >>>>> > >>>>> 5) Protocol to pass Data for Analytics > >>>>> > >>>>> The first version of these requirements does not include a > >>>>> > >>>>> separate analytical protocol requirements as the simple use cases > >>>>> may > >>>>> > >>>>> pass information via query/poll or the notifications. > >>>>> > >>>>> > >>>>> > >>>>> The I2RS protocol exists in an secure environment described by: > >>>>> > >>>>> https://datatracker.ietf.org/doc/draft-ietf-i2rs-security-environment- > >>>>> reqs/ > >>>>> > >>>>> > >>>>> > >>>>> ------------------------- > >>>>> > >>>>> > >>>>> > >>>>> Eric - Perhaps it would be good to point to: > >>>>> > >>>>> . draft-ietf-i2rs-protocol-security-requirements and > >>>>> > >>>>> . draft-ietf-i2rs-security-environment-reqs/ > >>>>> > >>>>> > >>>>> > >>>>> Ben - Can you tell me how the shepherd report could have been > >>>>> clearer? > >>>>> The > >>>>> I2rs protocol security requirements require: confidentiality, > >>>>> encryption, secure transport, protection against replay attack, > >>>>> protection against DDoS attack (if possible). > >>>> > >>>> I think my confusion lies in the fact that, while the shepherd's > >>>> writeup > >>>> styles this draft as part of the I2RS protocol requirements, the > >>>> draft > >>>> itself claims to describe requirements for a generally useful >>>> pub-sub > >>>> interface to a yang datastore. It's not clear to me how and when >>>> the > >>>> I2RS > >>>> protocol security requirements apply to it. If the described > >>>> interface > >>>> is > >>>> intended to be useful in contexts other than I2RS (and the draft > >>>> explicitly > >>>> sets that expectation in 2.2), it needs to talk more generally >>>> about > >>>> security and privacy. > >>>> > >>>> For example, it might make sense to say that certain security > >>>> requirements > >>>> apply in environments where the mechanism might carry privacy > >>>> sensitive > >>>> data, and then point to the i2rs requirements for when the >>>> mechanism > >>>> is used > >>>> in an I2RS context. > >>>> > >>>> A different approach might be to more tightly constrain this to >>>> i2rs > >>>> > >>>>> > >>>>> > >>>>> > >>>>> Ben - On opting in, once the receive accepts a transport >>>>> connection > >>>>> from the I2RS server - how is this not an opt-in to receive data? > >>>>> What > >>>>> are you looking for? > >>>> > >>>> I guess that depends on the transport. The transport requirements >>>> say > >>>> the > >>>> mechanism has to work over multiple transports. The last paragraph >>>> in > >>>> 4.2.4 > >>>> says "In the case of connection-oriented transports..." which > >>>> suggests > >>>> that > >>>> non-connection-oriented transports are possible. > >>>> > >>>> Even with a connection-oriented transport, this may depend on how > >>>> connection-management is handled, and whether the receiver might be > >>>> receiving things it _wants_ to receive on the same transport. > >>>> > >>>>> > >>>>> > >>>>> > >>>>> Sue Hares > >>>>> > >>>>> (shepherd) > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> -----Original Message----- > >>>>> From: i2rs [mailto:i2rs-bounces@ietf.org] On Behalf Of Eric Voit > >>>>> (evoit) > >>>>> Sent: Wednesday, May 04, 2016 7:25 PM > >>>>> To: Ben Campbell; The IESG > >>>>> Cc: i2rs@ietf.org<mailto:i2rs@ietf.org>; >>>>> draft-ietf-i2rs-pub-sub-requirements@ietf.org<mailto:draft-ietf-i2rs-pub-sub-requirements@ietf.org>; > >>>>> i2rs-chairs@ietf.org<mailto:i2rs-chairs@ietf.org>; >>>>> shares@ndzh.com<mailto:shares@ndzh.com> > >>>>> Subject: Re: [i2rs] Ben Campbell's Discuss on > >>>>> draft-ietf-i2rs-pub-sub-requirements-06: (with DISCUSS and >>>>> COMMENT) > >>>>> > >>>>> > >>>>> > >>>>> Hi Ben, > >>>>> > >>>>> > >>>>> > >>>>> Thanks for the comment. In-line.... > >>>>> > >>>>> > >>>>> > >>>>>> From: Ben Campbell, May 04, 2016 2:49 PM > >>>>> > >>>>>> ---------------------------------------------------------------------- > >>>>> > >>>>>> DISCUSS: > >>>>> > >>>>>> ---------------------------------------------------------------------- > >>>>> > >>>>>> > >>>>> > >>>>>> I have a couple of points I would like to discuss. Hopefully they > >>>>>> can > >>>>> > >>>>>> be resolved > >>>>> > >>>>>> easily: > >>>>> > >>>>>> > >>>>> > >>>>>> Are there really no requirements for privacy or integrity > >>>>>> protection? > >>>>> > >>>>>> Is there an expectation that this mechanism would ever carry > >>>>>> privacy > >>>>> > >>>>>> sensitive or otherwise sensitive information? > >>>>> > >>>>> > >>>>> > >>>>> [eric's comment: > >>>>> > >>>>> When the subscription is established dynamically via an existing > >>>>> transport > >>>>> session (which is expected to be the dominant case) we have the >>>>> same > >>>>> expectations for Privacy and integrity as would be provided via a > >>>>> "GET" > >>>>> instead of a "PUSH" over the same transport. We could have > >>>>> replicated all > >>>>> these requirements, but that was seen as unnecessary and likely >>>>> less > >>>>> secure > >>>>> than adopting existing mechanisms. > >>>>> > >>>>> > >>>>> > >>>>> When the Subscriber and Receiver are different, then the transport > >>>>> connection will have credentials passed as part of the > >>>>> establishment. > >>>>> These > >>>>> credentials will be used as a Security Grooming Filter just like >>>>> the > >>>>> above > >>>>> case so that pushed objects will be excluded from an Update > >>>>> Notification as > >>>>> per the permissions of the Receiver. (I.e., this is identical > >>>>> behavior to > >>>>> the above.) As several people have had questions about this, >>>>> the > >>>>> new v07 > >>>>> will make this explicit in the Security section. > >>>>> > >>>>> End of eric's comment] > >>>>> > >>>>> > >>>>> > >>>>> Sue: The transport provides for privacy, integrity protection. > >>>>> Most > >>>>> configuration in network boxes would need privacy. > >>>>> > >>>>> > >>>>> > >>>>>> - 4.2.5, 2nd to last paragraph: > >>>>> > >>>>>> I am surprised to find that, when the receiver is not the > >>>>>> subscriber, > >>>>> > >>>>>> that the receiver is expected to opt-out. It seems like some form > >>>>>> of > >>>>> > >>>>>> opt-in or affirmative consent would be needed here. > >>>>> > >>>>> > >>>>> > >>>>> The question really was how heavy-weight should the mechanism be. > >>>>> Transports been considering are all encrypted. So there is >>>>> already > >>>>> a > >>>>> level > >>>>> of trust between the peers. And a target can always pull down the > >>>>> connection if there are issues. > >>>>> > >>>>> > >>>>> > >>>>> In addition, multicast transports are viable for some future >>>>> cases. > >>>>> We > >>>>> didn't want mechanisms which complicated this type of interaction, > >>>>> especially in a world where dumb IoT devices may be involved. > >>>>> > >>>>> > >>>>> > >>>>> Sue: If the receiver accepts a secure transport set-up from the > >>>>> server, can > >>>>> you provide the reason why this is not an "opt-in" once it >>>>> receives > >>>>> the > >>>>> connection from the I2RS agent? > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>>> ---------------------------------------------------------------------- > >>>>> > >>>>>> COMMENT: > >>>>> > >>>>>> ---------------------------------------------------------------------- > >>>>> > >>>>>> > >>>>> > >>>>>> - General: I support Stephen's DISCUSS > >>>>> > >>>>>> > >>>>> > >>>>>> -2.2: What is the real scope of this work? Is it expected to > >>>>>> supplant > >>>>> > >>>>>> the mentioned mechanisms? > >>>>> > >>>>> > >>>>> > >>>>> No. It is just showing that many specialized Push mechanism >>>>> exist. > >>>>> This > >>>>> is not intended to supplant existing mechanisms, although perhaps >>>>> it > >>>>> can > >>>>> help avoid future dedicated solutions. > >>>>> > >>>>>> - 2.3: "We need a new pub-sub > >>>>> > >>>>>> technology" > >>>>> > >>>>>> The shepherd write up mentioned a goal to use existing > >>>>>> technologies. > >>>>> > >>>>>> Is the point of this sentence to suggest that is not feasible? > >>>>> > >>>>> > >>>>> > >>>>> Existing technologies cannot meet all the requirements specified. > >>>>> There are > >>>>> technology drafts progressing in NETCONF which can. > >>>>> > >>>>> > >>>>> > >>>>>> - 4.1, 4th paragraph: > >>>>> > >>>>>> The MAY doesn't seem right--is this a statement of fact that the > >>>>> > >>>>>> subscriber may have to resubscribe, or a requirement of the form > >>>>>> that > >>>>> > >>>>>> the service MAY force the subscriber to resubscribe? (Be careful > >>>>>> with > >>>>> > >>>>>> MAYs in requirements language--they imply unexpected things. For > >>>>> > >>>>>> example, several requirements say a SUBSCRIBE MAY do >>>>>> something--do > >>>>> > >>>>>> those imply that the service MUST allow the subscriber to do it >>>>>> ?) > >>>>> > >>>>> > >>>>> > >>>>> Good point. Reworded in v07. > >>>>> > >>>>> > >>>>> > >>>>>> -- 4.2.2, third bullet: The previous section said dampening >>>>>> periods > >>>>> > >>>>>> MUST be supported. > >>>>> > >>>>> > >>>>> > >>>>> Yes, but dampening is never for periodic subscriptions. > >>>>> > >>>>>> - 4.2.1, third paragraph: This is a bit ambiguous. I think it >>>>>> means > >>>>>> to > >>>>> > >>>>>> change the what subtrees the subscription applies to, but could >>>>>> be > >>>>> > >>>>>> interpreted to change the subtrees themselves. > >>>>> > >>>>> > >>>>> > >>>>> Fixed > >>>>> > >>>>>> - 4.2.6.4: Would a mechanism that allowed out-of-order delivery >>>>>> but > >>>>> > >>>>>> gave the subscriber a way to reconstruct the order fulfill this > >>>>> requirement? > >>>>> > >>>>> > >>>>> > >>>>> Yes, the timestamp within an update. But this requirement targets >>>>> a > >>>>> specific object in a specific subscription. So there should be no > >>>>> issues. > >>>>> > >>>>>> Nits: > >>>>> > >>>>>> - The shepherd write up suggests this is standards track. The >>>>>> draft > >>>>> > >>>>>> and tracker both say informational. Please update the shepherd >>>>>> writ > >>>>>> up. > >>>>> > >>>>> > >>>>> > >>>>> Fixed > >>>>> > >>>>>> -3, last paragraph: What's the difference between a "Push" and an > >>>>> "Update"? > >>>>> > >>>>> > >>>>> > >>>>> Reworded > >>>>> > >>>>>> -4.1: A forward reference to the subscription QoS section would >>>>>> be > >>>>> helpful. > >>>>> > >>>>> > >>>>> > >>>>> Moved the requirement in question to 4.2.6. > >>>>> > >>>>>> -- Last paragraph, last sentence: Sentence doesn't parse. > >>>>> > >>>>> > >>>>> > >>>>> Fixed > >>>>> > >>>>>> > >>>>> > >>>>>> - 4.2.8, third paragraph: I don't think that should be a 2119 MAY > >>>>> > >>>>> > >>>>> > >>>>> Fixed > >>>>> > >>>>> Thanks again for the review! > >>>>> > >>>>> Eric > >>>>> > >>>>> _______________________________________________ > >>>>> > >>>>> i2rs mailing list > >>>>> > >>>>> <mailto:i2rs@ietf.org> i2rs@ietf.org<mailto:i2rs@ietf.org> > >>>>> > >>>>> <https://www.ietf.org/mailman/listinfo/i2rs> > >>>>> https://www.ietf.org/mailman/listinfo/i2rs
- [i2rs] Ben Campbell's Discuss on draft-ietf-i2rs-… Ben Campbell
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Eric Voit (evoit)
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Ben Campbell
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Susan Hares
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Eric Voit (evoit)
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Ben Campbell
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Ben Campbell
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Eric Voit (evoit)
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Susan Hares
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Ben Campbell
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Susan Hares
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Eric Voit (evoit)
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Susan Hares
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Eric Voit (evoit)
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Susan Hares
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Ben Campbell
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Eric Voit (evoit)
- Re: [i2rs] Ben Campbell's Discuss on draft-ietf-i… Ben Campbell