[i2rs] quick comment on draft-hares-i2rs-auth-trans-00

Alia Atlas <akatlas@gmail.com> Thu, 11 June 2015 20:11 UTC

Message-ID: <CAG4d1retauAwC3MrDUvgJFoWxMrQiFtXAQq1kt=D0gxdrkQdOg@mail.gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/x7LTuStsyjLWty2XbslvK5R4gV0>

<no-hat>

Sue,

Thanks for writing this draft.  I think it is useful to clearly articulate
the outside-of-I2RS behavior and protocols that are needed for the mutual
authentication.  I do have a couple comments on the draft.


In Sec 3.1, it says "Each Identity will be linked to one secondary identity
for the period of a connection."  I would have assumed that the client
could arbitrarily change its secondary identity.  This is to support the
broker case where a client may be passing along requests from multiple
applications.  Since the secondary identity is just passed along and stored
for traceability, I don't think that allowing it to change would cause
significant complications.   What do others think?


In the I2RS architecture, there are 3 different types of transaction
behavior desired for processing a message. In Sec 4, there's an assumption
that "fail-on-error" with the associated roll-back is the only mode.
Thus, I think that Section 4 needs a bit of massaging.


Thanks,

Alia