Re: [Id-event] Murray Kucherawy's No Objection on draft-ietf-secevent-http-push-12: (with COMMENT)
"Richard Backman, Annabelle" <richanna@amazon.com> Mon, 29 June 2020 19:42 UTC
Return-Path: <prvs=4423509e1=richanna@amazon.com>
X-Original-To: id-event@ietfa.amsl.com
Delivered-To: id-event@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3DF4F3A0CBC; Mon, 29 Jun 2020 12:42:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.6
X-Spam-Level:
X-Spam-Status: No, score=-9.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazon.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2_JkE2-sli6R; Mon, 29 Jun 2020 12:42:42 -0700 (PDT)
Received: from smtp-fw-9102.amazon.com (smtp-fw-9102.amazon.com [207.171.184.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1305E3A0CA3; Mon, 29 Jun 2020 12:42:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1593459763; x=1624995763; h=from:to:cc:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version:subject; bh=k2CtyFTBcowihXEZxvWEzoo70dv3B7K9ivX7ALaZyI4=; b=OXleEe7279oQomb5hldcuwrPF4NsN+DTSvkZYQIq69zVZC+MJZZ6qxwB vP/Fp7eGxz1/nBM+quCAhKMDJNzK+ZdM9oy/u6gK28JWOkfw+bRvy0FsQ CJ8xkjF/IyP8CCiUROfWQk7HRvXYYncPpYMiiivxollxkLtp9DAvIQScy A=;
IronPort-SDR: Q1xEPjuALP5xYKvoqqqsKE5qfaMt2oc/mUwWVQMpkBS3/TLToeDx5RQqeDNmHDPEgULrhIBRsk awUUXNx/2Gfg==
X-IronPort-AV: E=Sophos;i="5.75,295,1589241600"; d="scan'208";a="56074507"
Thread-Topic: [Id-event] Murray Kucherawy's No Objection on draft-ietf-secevent-http-push-12: (with COMMENT)
Received: from sea32-co-svc-lb4-vlan3.sea.corp.amazon.com (HELO email-inbound-relay-2c-87a10be6.us-west-2.amazon.com) ([10.47.23.38]) by smtp-border-fw-out-9102.sea19.amazon.com with ESMTP; 29 Jun 2020 19:42:12 +0000
Received: from EX13MTAUWC001.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan2.pdx.amazon.com [10.170.41.162]) by email-inbound-relay-2c-87a10be6.us-west-2.amazon.com (Postfix) with ESMTPS id 62927A0680; Mon, 29 Jun 2020 19:42:11 +0000 (UTC)
Received: from EX13D11UWC001.ant.amazon.com (10.43.162.151) by EX13MTAUWC001.ant.amazon.com (10.43.162.135) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 29 Jun 2020 19:42:11 +0000
Received: from EX13D11UWC003.ant.amazon.com (10.43.162.162) by EX13D11UWC001.ant.amazon.com (10.43.162.151) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 29 Jun 2020 19:42:10 +0000
Received: from EX13D11UWC003.ant.amazon.com ([10.43.162.162]) by EX13D11UWC003.ant.amazon.com ([10.43.162.162]) with mapi id 15.00.1497.006; Mon, 29 Jun 2020 19:42:10 +0000
From: "Richard Backman, Annabelle" <richanna@amazon.com>
To: Mike Jones <Michael.Jones=40microsoft.com@dmarc.ietf.org>, Benjamin Kaduk <kaduk@mit.edu>, Murray Kucherawy <superuser@gmail.com>
CC: "secevent-chairs@ietf.org" <secevent-chairs@ietf.org>, Yaron Sheffer <yaronf.ietf@gmail.com>, "draft-ietf-secevent-http-push@ietf.org" <draft-ietf-secevent-http-push@ietf.org>, The IESG <iesg@ietf.org>, "id-event@ietf.org" <id-event@ietf.org>
Thread-Index: AdZKqvui+dxQVPZRQ7CxvnY5RTcREQDZ7jwA
Date: Mon, 29 Jun 2020 19:42:10 +0000
Message-ID: <0EAEF84F-A109-4F86-B5CC-45270B8450E3@amazon.com>
References: <CH2PR00MB06789AD8D954AE56AF9304E5F5920@CH2PR00MB0678.namprd00.prod.outlook.com>
In-Reply-To: <CH2PR00MB06789AD8D954AE56AF9304E5F5920@CH2PR00MB0678.namprd00.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.36.20041300
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.43.162.85]
Content-Type: text/plain; charset="utf-8"
Content-ID: <7E3A2C502A34C8499A76608C00C951ED@amazon.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Precedence: Bulk
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/8s2Wq5lrK8fslQo8AHdBIjywWDI>
Subject: Re: [Id-event] Murray Kucherawy's No Objection on draft-ietf-secevent-http-push-12: (with COMMENT)
X-BeenThere: id-event@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "A mailing list to discuss the potential solution for a common identity event messaging format and distribution system." <id-event.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/id-event>, <mailto:id-event-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/id-event/>
List-Post: <mailto:id-event@ietf.org>
List-Help: <mailto:id-event-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/id-event>, <mailto:id-event-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Jun 2020 19:42:51 -0000
We've published draft-ietf-secevent-http-push-14 addressing this comment: > Section 2: > * "SET parsing and issuer and ..." -- s/parsing and/parsing,/ > * I'm struggling a bit with the SHOULD and SHOULD NOT in the final paragraph. > When would you legitimately re-transmit a delivered SET, or not delay > re-transmission after a failure? The SET Transmitter may not know whether or not a SET was delivered successfully (e.g., if a network outage prevented the SET Transmitter from receiving the HTTP response). We've revised the last three paragraphs of §2 to clarify this and that SET Recipients are required to tolerate re-transmission of successfully delivered SETs. We also added text to §4 explaining these circumstances. – Annabelle Backman (she/her) AWS Identity https://aws.amazon.com/identity/ On 6/24/20, 9:42 PM, "Id-event on behalf of Mike Jones" <id-event-bounces@ietf.org on behalf of Michael.Jones=40microsoft.com@dmarc.ietf.org> wrote: CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe. I responded to most of Murray's comments directly but I forgot to add that I changed "IETF SecEvent Working Group" to simply "IETF". Several other reviewers also called this out. -- Mike -----Original Message----- From: Benjamin Kaduk <kaduk@mit.edu> Sent: Saturday, June 20, 2020 10:07 PM To: Murray Kucherawy <superuser@gmail.com> Cc: The IESG <iesg@ietf.org>; secevent-chairs@ietf.org; Yaron Sheffer <yaronf.ietf@gmail.com>; draft-ietf-secevent-http-push@ietf.org; id-event@ietf.org Subject: Re: Murray Kucherawy's No Objection on draft-ietf-secevent-http-push-12: (with COMMENT) Hi Murray, Just my thoughts on a subset of the topics; the authors will need to respond for most of them. On Sat, Jun 20, 2020 at 12:05:36PM -0700, Murray Kucherawy via Datatracker wrote: > Murray Kucherawy has entered the following ballot position for > draft-ietf-secevent-http-push-12: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut > this introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-secevent-http-push/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Section 2: > * "SET parsing and issuer and ..." -- s/parsing and/parsing,/ > * I'm struggling a bit with the SHOULD and SHOULD NOT in the final paragraph. > When would you legitimately re-transmit a delivered SET, or not delay > re-transmission after a failure? > > Section 2.1: > OLD: > ... request to an HTTP endpoint using TLS provided by the SET Recipient. > NEW: > ... request to a TLS-enabled HTTP endpoint provided by the SET Recipient. > > * This section makes several references to "header" that I think > should be "header field". I see that Adam Roach's legacy lives on :) > Section 2.3: > * Same issue with the SHOULD in the first paragraph: When would you > not use an appropriate HTTP response code? * I think the "MAY" in the > "description" bullet I think this is "you SHOULD respond", not "you SHOULD use an appropriate error code". I agree about the "MAY". > is superfluous, since you're describing interoperability with a human > at this point. * Same issue with "header" here, with three instances > in this section. * I suggest that the example figures in this section > should be indented. One of them is actually outdented. * "example > non-normative" should be "non-normative example", with three instances in this section. > > Section 2.4: > * The table here is effectively a copy of the table in Section 7.1.2. > Could we just replace this section with a forward reference? > > Section 4: > * "... always retry failed transmissions, however, it should ..." -- "however" > should start a new sentence, or at least the first comma should be a > semi-colon > * More generally, I wonder if leaving the "retryability" (I wish that > was a > word) to the discretion of an implementation, which feels mushy, could > be improved. In SMTP and various other protocols there's an > indication, as part of the reply, that tells the client whether a > failure might succeed later on a retry (say, a local resource > limitation that might clear) versus one that will presumably never > succeed (no such user here). The DNS makes the same distinction. For > example, including in the registry a column indicating whether a > response is indicating a temporary or permanent condition might be useful, or it could be a formalized part of the JSON reply. > > Section 5.5: > * "... systems that the SET Recipient forwards the SET onto ..." -- > suggest "... systems to which the SET Recipient forwards the SET ..." > > Section 6: > * The variable use of "should" and "SHOULD" here made me look a bit > sideways at this section. They all "feel" the same, so the variance seems odd. I think "SHOULD consider" is not terribly enforcable -- what does it mean to "consider". OTOH, "attempt to deliver" seems more concrete, so "SHOULD attempt to deliver" seems to be at least somewhat enforcable. > Section 7.1.1: > * For "Error Code", this set of restrictions allows me to register a > code called "_". Do you want more restrictions here? * "For error > codes registered I think the DEs would look at you pretty funny about "_"... > by the IETF or its working groups, list "IETF SecEvent Working > Group"." -- What if it was some other working group? Good point. Thanks for the review! -Ben _______________________________________________ Id-event mailing list Id-event@ietf.org https://www.ietf.org/mailman/listinfo/id-event
- [Id-event] Murray Kucherawy's No Objection on dra… Murray Kucherawy via Datatracker
- Re: [Id-event] Murray Kucherawy's No Objection on… Benjamin Kaduk
- Re: [Id-event] Murray Kucherawy's No Objection on… Murray S. Kucherawy
- Re: [Id-event] Murray Kucherawy's No Objection on… Mike Jones
- Re: [Id-event] Murray Kucherawy's No Objection on… Mike Jones
- Re: [Id-event] Murray Kucherawy's No Objection on… Richard Backman, Annabelle