Re: [Id-event] Poll document - shepherd review comments

Mike Jones <Michael.Jones@microsoft.com> Mon, 18 November 2019 04:06 UTC

From: Mike Jones <Michael.Jones@microsoft.com>
To: Yaron Sheffer <yaronf.ietf@gmail.com>, "id-event@ietf.org" <id-event@ietf.org>
CC: Benjamin Kaduk <kaduk@mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/7AawIrexvbzJsLqfljJ1G-vadUg>

Thanks for your useful review comments, Yaron.  I've published https://tools.ietf.org/html/draft-ietf-secevent-http-poll-05 to address them.  This should also enable Ben to review draft-ietf-secevent-http-push and draft-ietf-secevent-http-poll at the same time, as he'd requested.  Replies to your individual comments are inline.

				Thanks again,
				-- Mike

-----Original Message-----
From: Id-event <id-event-bounces@ietf.org> On Behalf Of Yaron Sheffer
Sent: Thursday, November 7, 2019 6:07 PM
To: id-event@ietf.org
Subject: [Id-event] Poll document - shepherd review comments

Hi,

I’m jumping the gun a little bit, but since the authors seem to have implemented the WGLC comments, we should move forward to publish the document.

Please address my comments below and republish the document, hopefully on the week of IETF or shortly thereafter. Then we will send it to Ben.

Thanks,
	Yaron

(Note: I used the latest version of the document, from GitHub.)

• 1. Introduction: Please add, "This is an alternative SET delivery method to the one defined in [push]".

Done

• "How SETs are defined and the process by which events are identified for SET Recipients" - are both defined in RFC 8417.

Done

• The sentence "Transmitted SETs SHOULD be self-validating..." is very awkward, please reword as two or more sentences.

I took the lead of the Push draft and deleted this awkward and problematic sentence.

• 2.2: the description for setErrs is unclear. Specifically, please mention that the jti values are JSON object keys for the inner objects. (And a JSON schema definition would have been nice).

I reworded both the "ack" and "setErrs" definitions to be clearer.

• 2.4: "the ack and errs request parameters" - there is no "errs" parameter, and the "setErrs" parameter as defined requires one or more members (and the definition doesn't mention that it is optional).

Good catch - thanks.  Corrected.

• "If after a period of time, negotiated between the SET Transmitter and Recipient, a SET Transmitter MAY redeliver SETs it has previously delivered." - The "if" is redundant, also, the period is not "negotiated", it is preconfigured.

Done

• The "err" flag is mentioned several times, where it should be "setErrs".

Corrected - thanks again for the detailed read!

• 2.4.1: "without acknowledgement parameters (sets and setErrs)" - "sets" is a response member.

Corrected

• "and notifies the SET Transmitter" - you might want to add "of successful receipt and of errors".

Done

• "This specification considers authentication as a feature to prevent denial-of-service attacks." It sounds like this is the *only* justification for authentication, which is clearly not the case.

Corrected

• Sec. 3.1 is completely out of context. There is also a dangling "including:" in the middle of the section. And a dangling reference at the end.

I took the lead of the Push specification and deleted this out of context and not useful section.
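
The "ack" / "setErrs" / "sets" relationship discussed in the 2.2, 2.4 and 2.4.1 comments, as an added example that is not part of this message or of the draft: a SET Recipient turns the "sets" member of a poll response into the next poll request, keying "setErrs" by jti and omitting it when there is nothing to report. The inner "err" and "description" member names and the error code strings are assumed from the published specification and are not quoted in this thread; the issuer URL, helper names and sample SETs are constructed, and no signature verification is performed here.

```python
import base64
import json

def make_unsigned_sample(claims):
    """Constructed sample only: a compact-JWS-shaped string with a dummy signature."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])

def jwt_claims(compact_jws):
    """Decode the claims segment. This does NOT verify the signature."""
    payload = compact_jws.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("claims segment is not a JSON object")
    return claims

def check_set(jti, compact_jws, expected_iss):
    """Hypothetical validator: None if acceptable, else (err, description)."""
    try:
        claims = jwt_claims(compact_jws)
    except (IndexError, ValueError):
        return ("invalid_request", "SET could not be parsed")
    if claims.get("jti") != jti:
        return ("invalid_request", "jti claim does not match its key in sets")
    if claims.get("iss") != expected_iss:
        return ("invalid_issuer", "unexpected issuer")
    return None

def build_poll_request(poll_response, expected_iss):
    """Map the response member "sets" ({jti: SET}) to request members ack/setErrs."""
    ack, set_errs = [], {}
    for jti, compact_jws in poll_response.get("sets", {}).items():
        problem = check_set(jti, compact_jws, expected_iss)
        if problem is None:
            ack.append(jti)  # "ack" is an array of jti strings
        else:
            # "setErrs" is an object whose keys are jti values of the failed SETs
            set_errs[jti] = {"err": problem[0], "description": problem[1]}
    request = {}
    if ack:
        request["ack"] = ack
    if set_errs:  # leave the member out rather than send it with nothing to report
        request["setErrs"] = set_errs
    return request
```

A real recipient would verify each SET's signature and audience before acknowledging it; only acknowledged or error-reported jti values stop being eligible for redelivery by the transmitter.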

