Re: [icnrg] [irsg] IRSG review request draft-irtf-icnrg-nrs-requirements-04

Cedric Westphal <cedric.westphal@futurewei.com> Wed, 21 April 2021 16:36 UTC

Return-Path: <cedric.westphal@futurewei.com>
X-Original-To: icnrg@ietfa.amsl.com
Delivered-To: icnrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C7953A2F4C; Wed, 21 Apr 2021 09:36:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.988
X-Spam-Level:
X-Spam-Status: No, score=-1.988 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=futurewei.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9qJ2Z2jgx_hH; Wed, 21 Apr 2021 09:36:46 -0700 (PDT)
Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam08on2101.outbound.protection.outlook.com [40.107.100.101]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F52C3A2F02; Wed, 21 Apr 2021 09:36:35 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JVLWCbLcu15eHFdpOMwFcFdQ5k1RzsRwN453ArbjwArXgJ7noXESdlfU+EiOVNIhKXP4kJebDKR+3kIC9kD935E1FGWrO5Bo9FDxwdafFfSdtSum9uLLIXQpBc6wyztX3/6/qXbCCPSQDuhFbtTXjpW9p3cjJHUtpDaxSY3VdNE33rNdQH+BoarJknFjErxlhVdeNlXFi3US9nJgFSKCBolDloIOTbilEl/aFx0fAcg+FpFL46PJ0UjlTxy/GmO0iwu5Z1zj5Hztg8DOCmPxb1AJgosTclzBeiq9o5EP7p/bSlUQYlX/R+0Z2P/jzB9+JYm8bhPSpnOYmdnHPk8aiQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tHFgzERjhPDKiFSrgThKhXdMype+UMb+XA76CpqGj1Y=; b=n2/iBW2fCR3CPVy8en3gieiDeg5xiasl7FZh9h1ziDTPsKgZg2eYv4o+Hpg8GWfhmtQxkvkyBqqd8UdSQla+VJ4ey+v89JatM1SfCo4v8oLq3A+yWIZDRp3BkxHO6tv0Cn+quy9VLZ+9P47GhrPyUit6T3Oq7K7r7KsUUQTtNTNp0axANM8QdLFACqVP4c5JOfekcZG1yVlmjkNN4hogI01SMuzXrwdeno0pBYtqrnCWA5luinn3ow+oT1UPFYT/UN/kzvtv0j2/HzYidyMu8oPKlFwpvxWL2gYanc5Cfrnf+I4Gpf2vpy6LfFCL/sr/am3wFObhaMUHceeNcS0Rcg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=futurewei.com; dmarc=pass action=none header.from=futurewei.com; dkim=pass header.d=futurewei.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Futurewei.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tHFgzERjhPDKiFSrgThKhXdMype+UMb+XA76CpqGj1Y=; b=NljLNf1wP1fAr4W4HZDKV4jXhSWZBoIDblcRhTnwTF2NfQE3rj5Rc9vCvQMzMOPsSrpeWhiU3mPvwNQNV0S3Y5q4ZcoluFUz2s+oC6a+9Wopdb7ZtBm1tqxMPwCY505hXvPropUc4gRcUuH4AnfWszMgJmNewbLCS0cfJeaKNP8=
Received: from BYAPR13MB2805.namprd13.prod.outlook.com (2603:10b6:a03:b2::26) by BY5PR13MB3745.namprd13.prod.outlook.com (2603:10b6:a03:22e::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.6; Wed, 21 Apr 2021 16:36:31 +0000
Received: from BYAPR13MB2805.namprd13.prod.outlook.com ([fe80::a17b:966f:aa4a:2cca]) by BYAPR13MB2805.namprd13.prod.outlook.com ([fe80::a17b:966f:aa4a:2cca%4]) with mapi id 15.20.4065.019; Wed, 21 Apr 2021 16:36:31 +0000
From: Cedric Westphal <cedric.westphal@futurewei.com>
To: Vincent Roca <vincent.roca@inria.fr>, Jungha Hong <jhong@etri.re.kr>
CC: "icnrg-chairs@ietf.org" <icnrg-chairs@ietf.org>, "icnrg@irtf.org" <icnrg@irtf.org>, Colin Perkins <csp@csperkins.org>, The IRSG <irsg@irtf.org>
Thread-Topic: [icnrg] [irsg] IRSG review request draft-irtf-icnrg-nrs-requirements-04
Thread-Index: AQHXL3PGYlx5RI5lH0yVYTo8zwJwPaq+p+mAgACRO/A=
Date: Wed, 21 Apr 2021 16:36:31 +0000
Message-ID: <BYAPR13MB2805420BA6C7486911AD7DCEFF479@BYAPR13MB2805.namprd13.prod.outlook.com>
References: <mol6npjb1drw.mol6npjbf7od.g1@dooray.com> <45CE934E-4C9D-417E-A97B-0B69FC8DAB1D@inria.fr>
In-Reply-To: <45CE934E-4C9D-417E-A97B-0B69FC8DAB1D@inria.fr>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: inria.fr; dkim=none (message not signed) header.d=none;inria.fr; dmarc=none action=none header.from=futurewei.com;
x-originating-ip: [73.202.226.195]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 83426256-30e1-4ea0-66b1-08d904e39e9f
x-ms-traffictypediagnostic: BY5PR13MB3745:
x-microsoft-antispam-prvs: <BY5PR13MB37456A144E63C583A0E8D80AFF479@BY5PR13MB3745.namprd13.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: cDzelCdmCMm7AEgvO9nJvGcbKDVrdBcVWdnmdJPLLgY3ylm8fwBbmrn4baiXSXZjJIi/H5ou8ToOTGJKoouXaO/2Qd7yP1zeXI2hw+AN6Pd7pK2Qt2Z66dSehTN0bJ4QFOiso3x7zc/Z4bMPWygx/LAPihmNBe6Cah5imprxTS/oKgdrkmwEZrmiVH56EIxV5eaqZgtSw5cZr9TRbvRxDQlfxcRfyhmlDwk45hMswLl/n0pQfpSj+SlE3eGzj9UdLVmrArlWYTFtnSqb6yIRK81ZUowiD46Xbk2DL7qC6zO+hqZYOhx1Ej0PzCwkV7q2nqheBAKLKSkXZ8oxFTQvcLoYQdvSB99v9mmwAiDdAPRe74VoOcfxLKSPWA5CtSz/EoCoxetrF5F6JH1K1gjpe/a5B3vzSXoLH4H3vzyjnwz5D4rYpXjUk5SlqUJVTRZNZtFMLgQMQKJWoG4/0xTm2aV7fymjo/NtzD5UQFyuq4VgNFBU94y4elP9BKYeoAk9m52ucm+DyzGKA6FhDWJMUHEdBzC5BlYMhu10Ek6FWZJxXC2Xs8jEOVSgZ4EWNjr///FBhZg5j3Rzkrb6DrlwCx+F4Yxru0rEggyFF3KJFshVP6Zexi647ECrHDOms0XKeZIkBLJK1VS+yj5QzJ8xeXchBdXQxdtQ1waTCg4+6W5fe10FQlDodrD3J4E5/yL2
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BYAPR13MB2805.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(396003)(376002)(366004)(136003)(39830400003)(66946007)(7696005)(33656002)(6506007)(5660300002)(53546011)(966005)(71200400001)(66446008)(52536014)(76116006)(4001150100001)(86362001)(38100700002)(64756008)(2906002)(166002)(110136005)(122000001)(478600001)(316002)(55016002)(9686003)(44832011)(26005)(186003)(8936002)(4326008)(66476007)(54906003)(76236003)(9326002)(66574015)(83380400001)(8676002)(66556008); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: =?utf-8?B?VlZFL2FEeUdxend2M2tEb25zeTdPczJVdEhSd2RzaXkzL1hGajQwclZvbVg5?= =?utf-8?B?Zit1RzJYR1M3bHE2TmYxaEpOdjJCZmdFTTRyd1ZaZGt6Y29RdlY1Q1BqUTlL?= =?utf-8?B?ZS85OGN1S09OWDFhclhMVFdyYm1LVFdySEV6NVpJTlhaT2hlUDZaRmhDUUxa?= =?utf-8?B?OWlabW9zeUVUOGo2aGJuUnNJSUYxR3VKelNBMGlCTERVWFRndHVqUzRVbndX?= =?utf-8?B?cTI5NTNaSnZtcnlrQ1NHVkU5eUhYQW5heWl1dWxFS0RITjhDODVreVFia2dR?= =?utf-8?B?Z21uV0Nmbyt5SzZ2bmxNSE9jSlpWNkpSbm0zUWpzdkRYSFNDekhZUmI1d2Rs?= =?utf-8?B?TUN6YW5BVDZFNkFKaDhaZ1V4Q3JJU3lPRzBvM2VVeHhUZlJCd25na0J4THVN?= =?utf-8?B?ME5JV2c5Q0gvcWs1SUp1RnpaWlpFRmFjMFdTTkVzUlJlc2hGUFljaUVNNDJO?= =?utf-8?B?YjFaUExxd2tiVkVZWWpEaVpZcTZzQjFOZEJON2wvVlZkYVAxazY4N3QzRW5z?= =?utf-8?B?amY1OEowMFQyazI3enVSb0Q0Z0VaZ3pib3U4amNROGU5TUw1Y3ZQcmhRQm5Q?= =?utf-8?B?R3M1OFJmZ2tGc0VQUGJzU3lMUW8vdEdmeE5kKzNmNnEvS3VXRVdJU2J1UTNt?= =?utf-8?B?WktBQ1ZySHFSNnRRaDhhTnFESXZuLzlxekIxcmlmdGd4c3NhRTlyeVZvWVFN?= =?utf-8?B?UzR4L2hxaFVlYlNobG9EL1NPK1NPb2ZXU0srNlhtTkFmY0s0aFhDdG9hWmZx?= =?utf-8?B?VzRjM2VEaWdPekVRMWNrTlg1VWpOTFZaQTZ1Vk9wUlYwRHlOd09pMmg1Z2I4?= =?utf-8?B?QTBrT3JsaU12ZVlybFV2cnN5c2dYS3VMeEJQNmUyeDhKQytnK3U3NnhiZDVs?= =?utf-8?B?OUpaZFBocUVwNzFobk5SNkVJbnRwUnZmV2grU1NvNXR4RGpsYWNCNjlaaEFI?= =?utf-8?B?a1NuVmU3cjJJeUpZRkc4OWtnRjJNWU8vaGVPS3RqZGhpOUlqa2NiYUxwL3Bi?= =?utf-8?B?RzRvTkFDNWlYV0pZUmtZYVpmK0o4Q0JLM0dzM3JzSWxKMmh2dzRRemQ5clgw?= =?utf-8?B?N09mYklIeG9naEVYQ0dwMUs0bXVRcVJ3Mmg5K1JKYTlYeXZGTDczeTlzRGh0?= =?utf-8?B?SzZEYXVUaVY1TU9wRTY0NklWSjZHOUh1aG1VNGZ3OXdXb1hZelFNc1c0LzBh?= =?utf-8?B?cGVDa2xsOFdlQ2E0RXlPb2dIbGp2WmU4ZzhrY2d2S3czS2dwQzZYd08xODFY?= =?utf-8?B?Q2VGK1FLaHA2Z1lkWnFQS0xKcTBaNVdVaGJsVkZkdjNYRHdIQnltTENRYVI5?= =?utf-8?B?enNLUWtVQTFOWUV2L2I1VVFCdE9IU3Y2OWdaQUpuRGZLeHhFdkVwcTg1OWVx?= =?utf-8?B?RUo5T0NKN3V6VzhVeXdnRWRkYzFxTW1xaXRnU0Y2UmJpSmZCclkxMW1kb250?= =?utf-8?B?aXVvQUNWSzMraXlCUnBWZHQxVE5XaVArMEVWSm5Jay80MTMza2tsWXkwdjc2?= =?utf-8?B?WEg3UmlJbS9GWFEyWFcyVmFyY3hrWGFZYVZ0OVdWWW1UM2ZQbjFMVWZjS2py?= =?utf-8?B?L2EvOVkrSXBweU5HamdsWHhDWjNrYWJJbmJkbDRvT1Zab2Y3TVpadnZFVTFM?= =?utf-8?B?UGE0SDVIbjg3SU9XbU03aVdJMTQ4c1F3d0d1cTRkRlQ1c014Tm5ZaTVRZjN4?= =?utf-8?B?WEh3OENUaWwvU25JTXdaR2NoMmh3ekxWK2R0cENGVDBFUTJ2NFh4T29nY1pU?= =?utf-8?Q?cw4wHphEMnM1WZAvICEZoMt3CDUs3n4kAE0/tAk?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_BYAPR13MB2805420BA6C7486911AD7DCEFF479BYAPR13MB2805namp_"
MIME-Version: 1.0
X-OriginatorOrg: Futurewei.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BYAPR13MB2805.namprd13.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 83426256-30e1-4ea0-66b1-08d904e39e9f
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Apr 2021 16:36:31.3330 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 0fee8ff2-a3b2-4018-9c75-3a1d5591fedc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: nHy+iwoh+pLEx4S1vnDrc00vP25AjH+Ai9xJauY/DD+MiqwL2EmtIfut2ZWPHgnlqMZYy+abWI7G4sbW315l5w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR13MB3745
Archived-At: <https://mailarchive.ietf.org/arch/msg/icnrg/XM4zbsrLmAJKWC5-ZPqlPaM4t7I>
Subject: Re: [icnrg] [irsg] IRSG review request draft-irtf-icnrg-nrs-requirements-04
X-BeenThere: icnrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Information-Centric Networking research group discussion list <icnrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/icnrg>, <mailto:icnrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/icnrg/>
List-Post: <mailto:icnrg@irtf.org>
List-Help: <mailto:icnrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/icnrg>, <mailto:icnrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Apr 2021 16:36:59 -0000

Hi Vincent,

First, merci beaucoup for the super quick and kind response. It’s greatly appreciated.

Regarding your comment, here’s what the 5 sigmas refer to:
https://en.wikipedia.org/wiki/68%E2%80%9395%E2%80%9399.7_rule#:~:text=In%20the%20social%20sciences%2C%20a,to%20qualify%20as%20a%20discovery.
However, since it is not clear, and since 5 9s is usually what network operators use, we can just remove that mention.
“The NRS system may provide a probability (say, five 9s) that a resolution will be satisfied.”

Best regards,

C.

From: icnrg <icnrg-bounces@irtf.org> On Behalf Of Vincent Roca
Sent: Wednesday, April 21, 2021 12:53 AM
To: Jungha Hong <jhong@etri.re.kr>
Cc: Vincent Roca <vincent.roca@inria.fr>fr>; icnrg-chairs@ietf.org; icnrg@irtf.org; Colin Perkins <csp@csperkins.org>rg>; The IRSG <irsg@irtf.org>
Subject: Re: [icnrg] [irsg] IRSG review request draft-irtf-icnrg-nrs-requirements-04

Dear authors, everybody,

Thank you for your response, Jungha.

I’m okay with the updated I-D.
I’m just wondering what is meant by « five 9s, or five sigmas » in the following sentence of section 4.3.

              The NRS system may provide a probability (say, five 9s,
              or five sigmas for instance) that a resolution will be satisfied.

I guess « 99.999% » for the « five 9s », but I don’t understand the notion of sigmas. Sorry.
This is nota blocking point anyway.

Cheers,

  Vincent


Le 12 avr. 2021 à 10:13, Jungha Hong <jhong@etri.re.kr<mailto:jhong@etri.re.kr>> a écrit :

Dear Vincent,

Thanks a lot for taking the time to review this document.
First of all, I am sorry that it has been quite a long time to address your comments.

The revised document, draft-irtf-icnrg-nrs-requirements-05 has been submitted.
We tried to address your comments as much as possible.
(https://www.ietf.org/rfcdiff?url2=draft-irtf-icnrg-nrs-requirements-05<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Frfcdiff%3Furl2%3Ddraft-irtf-icnrg-nrs-requirements-05&data=04%7C01%7Ccedric.westphal%40futurewei.com%7C80b6ef4ae598482fa8c708d9049a967a%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C1%7C637545884289674074%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=vzx7gX6ZKEBVX6ofKXexAVGIOEQy7UEU1a5lfVCBnsw%3D&reserved=0>)

Please find our responses explained in-line below and let us know if anything is unclear.

Thanks,
Jungha Hong


-----Original Message-----
From: "Vincent Roca" <vincent.roca@inria.fr<mailto:vincent.roca@inria.fr>>
To: "Colin Perkins" <csp@csperkins.org<mailto:csp@csperkins.org>>; "The IRSG" <irsg@irtf.org<mailto:irsg@irtf.org>>; "icnrg-chairs@ietf.org<mailto:icnrg-chairs@ietf.org>" <icnrg-chairs@ietf.org<mailto:icnrg-chairs@ietf.org>>; <draft-irtf-icnrg-nrs-requirements.authors@ietf.org<mailto:draft-irtf-icnrg-nrs-requirements.authors@ietf.org>>;
Cc: "Vincent Roca" <vincent.roca@inria.fr<mailto:vincent.roca@inria.fr>>;
Sent: 2020-10-23 (금) 19:41:05 (UTC+09:00)
Subject: Re: [irsg] IRSG review request draft-irtf-icnrg-nrs-requirements-04

Hello Colin, IRSG members and authors,

Below is my review of draft-irtf-icnrg-nrs-requirements-04.
It’s globally clear/well written. I have a few comments though.
Hope it will be useful.

Regards,   Vincent

——
This document is globally well written and well documented (many references to research documents and architectural proposals).
Parts of it are perhaps a bit hard to understand for a newcomer like me, but I guess it provides valuable content for a more informed reader.


Main points:

** Which guarantee? (section 4.3 "Resolution guarantee")
        The current text of section 4.3 is pretty strong and uses a "must" (in lowercase letters however):
        "An NRS must ensure that the name resolution would be successful if the name matching content exists in the network."
        There's a contradiction with section 4.1 about resolution response time, especially if we consider the delay-sensitive scenarios mentioned in 4.1.
        At a minimum the sentence should be nuanced.
        But it also raises key questions that are mostly ignored in the current document: is a strong guarantee feasible and is it desirable?

[Editor’s response and revision]
We updated the text there to make it more nuanced. We also added the idea of a probabilistic guarantee (as opposed to a MUST guarantee).

** Security and privacy considerations
        The current "Security considerations" section is not satisfying IMHO.
        Security/privacy is key to any name resolution service: it's the case of DNS, it's the case here also.
        Although it's common to have a separate section in I-D/RFCs, it also suggests that it's a side consideration. It shouldn't.
        Since this is a design I-D, security/privacy should be part of the Design considerations section, and the new « 7. Security Considerations » section could refer to it and just provide additional content (e.g., (D)DoS protection).

[Editor’s response and revision]
We moved the Security consideration into Section 4.9 Security and privacy and put a pointer to Section 4.9 in Section 7. We changed the headings to comply with the Confidentiality/Integrity/Availability framework (CIA triad).

        Otherwise, a few comments for current section 7:
        - It's common to use the CIA triad to structure such security discussions (https://en.wikipedia.org/wiki/Information_security#Key_concepts<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FInformation_security%23Key_concepts&data=04%7C01%7Ccedric.westphal%40futurewei.com%7C80b6ef4ae598482fa8c708d9049a967a%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C1%7C637545884289684062%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=GYv80lijq3JjcWOiAoIggFQPifgbr8X9htIXFm9iijw%3D&reserved=0>)mp;reserved=0>).
        - The term "accessibility" is awkward, it's about access control and strongly related to 7.2 authentication and 7.3 confidentiality.
          This is why gathering this under "C(onfidentiality)" could help reduce redundancy.
        - Integrity (of the NRS system, the databases used, the names, etc.) is omitted.
        - Resiliency is part of availability.

        I guess privacy should also be part of the Design Considerations. There are overlaps with CIA, but it's broader.

[Editor’s response and revision]
We added the word Privacy in the confidentiality section.

I’m not sure how far it should go (I don’t ask for a complete rewrite), it should at least mentioned, and perhaps a review published somewhere could be referenced?

[Editor’s response and revision]
Hopefully, it will be OK since you are not asking for a  complete rewrite.

Other points:

** About use of RFC2119 keywords.
        [RFC2119] is listed, but there is no reference to it (no section about the compliance to RFC2119 in particular).
        Is it intended or just an oversight?

[Editor’s response and revision]
We added a sentence pointing to RFC2119 at the beginning of section 4. (but with some weasel words as we’re doing considerations, not requirements).

** Section 2 (intro):
        In sentence: "The consumer provides an NRS with a persistent name and the NRS returns a name or locator that can reach a current instance of the requested object."
        I understand the NRS chooses which route to take for the consumer’s request.
        I'm not sure it is the intention since 1st sentence of section 2.1 mentions "to return the locators" (plural), and suggests there’s a choice that is to be taken by the consumer between alternative locations.

[Editor’s response and revision]
We added some plural in Section 2 intro to be consistent with Section 2.1.

** Section 2.4:
        I find the item "o  Update message overhead:" a bit obscur. I understand the need for an update, but not the impacts on the two NRS.
        For instance, this is the first place where "name resolution overlay" is mentioned.
        More generally, although the previous parts was relatively easy to follow, section 2.4 is more obscur for a newcommer.

[Editor’s response and revision]
We replaced “name resolution overlay” with “system” and mentioned that it could be an overlay.


Typos, minor comments:

[Editor’s response and revision]
All done.

** Section 2 (intro):
        "to help a consumer to reach a specific piece of information (or named data objects)"
        I suggest to use singular for coherency: "(or name data object)"


** Section 3.1, 1st paragraph.
        I suggest adding "or" instead of "," since they are opposed, as is already done for the last part of the sentence:
        "...which can be flat or hierarchical, and human readable or non-readable."