Re: [Id-event] Murray Kucherawy's No Objection on draft-ietf-secevent-http-push-12: (with COMMENT)
Mike Jones <Michael.Jones@microsoft.com> Thu, 25 June 2020 04:42 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: id-event@ietfa.amsl.com
Delivered-To: id-event@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D8B63A1296; Wed, 24 Jun 2020 21:42:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W7JMS5M0lthn; Wed, 24 Jun 2020 21:42:13 -0700 (PDT)
Received: from NAM06-DM3-obe.outbound.protection.outlook.com (mail-eopbgr640113.outbound.protection.outlook.com [40.107.64.113]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 466873A1294; Wed, 24 Jun 2020 21:42:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fd8/qIn/10a8+Ie/vx8fcmRPRpoRhcuEUDUTqyRCUUsMaJQHcAVLIno0uYo968TDikS1Ccwru9OUsb1A2wpT67YYdeWtFDdngqX19zxpusVlnzrf0/5/eH8oBBk+TbXaMxDgxA2VAJpq2bRkApIVFSO/9qIW0bWid/2q4RHPeg39vlnxV9AHzeBi3mEToHOA0t7MvjVQH/Fxs3DcHouFq+Aw988RDT1H25ouIdgcdELqNVJ/HWcr5rFUxQlneTwjKJTk7k15z8+4VScFPPLV8sVg7W2nUh0CB00xG4f6nkBNsLO/WkZMxcHS5oV1OoP9WA/MuqAY1WDXhdno/mq2eQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3qnEfbyPd8zEp98evtzj9r8lgwPjG1IqxCcbiRIyOGM=; b=QdEZSVVgkdRsj8dkhgecK9XkfPuZV4x8ELekym8i+VV8LFuJ7Xnrm2hCes3N7TmMqArN3nJJdqLobt+CafkZROUtDkYnzWIun7uIAjsdGNqR+jN/1uGWlyg0Tjr3N7qhi8QqyngYRmyaLf57q5PO2YgEzl9rp0bVjRE4fV628TBO8nL6wBFrxw0S6UI1NleF/DXTxcvMqbQCdx+5yX9G+ASpjg4AtMjZKikUeCPuGmy6+Gz9VwVIu98TE09E0745KoTAK48tOO9BBPIpQskJH4iSnua8iWaO0Yt4x+xCJoRjG4a8i9XO2srrN9TvOIjiEAtl10Av6DW7oQ2KUPd+Gg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3qnEfbyPd8zEp98evtzj9r8lgwPjG1IqxCcbiRIyOGM=; b=GBZX6VPKx0lngeANAMyvftlQvfU2cmd1HYy3fC3LqQMbwe72XlYu0fGbmzVcUQvIBnrizOJUJU8w+QsSqUUfKxOfB4PYYaFh7YRKpMX+9Sr9v4JAbEj54MdmuOZ2nuhrM0f4vjEJoU1YO1jcKiBbVWbBOBVEItgSY9Y12FvphSA=
Received: from CH2PR00MB0678.namprd00.prod.outlook.com (2603:10b6:610:a9::23) by CH2PR00MB0828.namprd00.prod.outlook.com (2603:10b6:610:6f::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3170.0; Thu, 25 Jun 2020 04:42:11 +0000
Received: from CH2PR00MB0678.namprd00.prod.outlook.com ([fe80::3c44:1c81:e278:edb0]) by CH2PR00MB0678.namprd00.prod.outlook.com ([fe80::3c44:1c81:e278:edb0%2]) with mapi id 15.20.3173.000; Thu, 25 Jun 2020 04:42:11 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: Benjamin Kaduk <kaduk@mit.edu>, Murray Kucherawy <superuser@gmail.com>
CC: The IESG <iesg@ietf.org>, "secevent-chairs@ietf.org" <secevent-chairs@ietf.org>, Yaron Sheffer <yaronf.ietf@gmail.com>, "draft-ietf-secevent-http-push@ietf.org" <draft-ietf-secevent-http-push@ietf.org>, "id-event@ietf.org" <id-event@ietf.org>
Thread-Topic: Murray Kucherawy's No Objection on draft-ietf-secevent-http-push-12: (with COMMENT)
Thread-Index: AdZKqvuiPaEcfDhDSXK1/SLH9z5VYg==
Date: Thu, 25 Jun 2020 04:42:11 +0000
Message-ID: <CH2PR00MB06789AD8D954AE56AF9304E5F5920@CH2PR00MB0678.namprd00.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=3a1b2a01-02b6-4c82-a05b-77f9726a32ab; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2020-06-25T04:40:43Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: mit.edu; dkim=none (message not signed) header.d=none;mit.edu; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [50.47.87.252]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: ff3d97d6-48ac-43ff-a34a-08d818c2205e
x-ms-traffictypediagnostic: CH2PR00MB0828:
x-microsoft-antispam-prvs: <CH2PR00MB0828CDA0E7F67EE2B4246ACAF5920@CH2PR00MB0828.namprd00.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0445A82F82
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: mIrmI5aL8c/aN2cr4sL+GRhbywquypTQkwCu+f7z6CQywF6Xw0ptA7yD9G0TL1dWtRALXUfVdi/c5nVh9hsoLMGy6qV/kDt6MJxDGQoviD2Qo7/su9ZrPbtp+qTRsCGLNtcShuZvwggQXedbiMuCsAVn1I1c+PRmLpYjD0IHZdqteP9Ypad7ttDuGyT4gzeLNlzhhQrZQrPLIyq7WPgOrgv3ixIxYbSi5/EABF3z3WOe8+aiNFLb50jAoIHAqWyMeFieGstNrPXesGYLRddI1kTFsynXU95RNB3jnLwa6s399bayeZPf5HFvpBhdN/FBr9zDY566BCQytRhIWJX+p5GNlwnpwlQLSO/tlBTf0XXNgfwYJ1yPddyk2muoxF3h3xbcwBVeemuBKYM+784eZw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH2PR00MB0678.namprd00.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(39860400002)(396003)(376002)(366004)(346002)(136003)(66556008)(54906003)(5660300002)(316002)(8990500004)(33656002)(86362001)(4326008)(82950400001)(66476007)(478600001)(82960400001)(110136005)(966005)(10290500003)(52536014)(76116006)(55016002)(7696005)(66446008)(64756008)(66946007)(9686003)(71200400001)(2906002)(83380400001)(26005)(53546011)(8676002)(8936002)(186003)(6506007); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: RyiuH7/M+HtcO39GMuaSh721LBhmZVz7535iQpzPMfbyDg2h78wuHDWi48cEAjwNVj1XzdIggJb53LGHa6PlS5+mINt6vNgdatQdEtv/3SaoWMPYOxbaIbxsP9gvD6Hh+fzleF0+ncRZlF1x4WsO6nrCn6nzqvgn73UEYSU35YFGo3BG1U37rPYnJQsLFkpYhjXLp1dj3xoSEYkY5t4ZHHHKvcUbP242ySYGKzOpy8aIFFpKeD5d8dJrkgXtpZke54z5ElD25SEALJqga49Pmm2kp28+oCxwdzJDLzPFweS+iTAeka0GD+PTBqPt1EwZYs6zskDDr3B542F+qdw9GgpemusY1eFA/dhPnLZtJ5t8T4/S5DO1q6jtjLd0KY2bigyySVDY8sLU2VOx08J1aMUQ/iYzc6WaO+XJB7oGMdhKABXTkRR4VUnwdfx6b/I+jSJMfEd/dFouLrPWOJrvePPx++eNDwZjiQ20Y037zmM=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH2PR00MB0678.namprd00.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ff3d97d6-48ac-43ff-a34a-08d818c2205e
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Jun 2020 04:42:11.7027 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: s8oQ4kVcEy+qHMrrutvBDSMwq2/TswQIKw2+uyNwdpgLk2rLr5doWP9bqmA0IoM4QunLzlHHVWtAqpHV8YeprQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR00MB0828
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/xWXjUpROQ1kJq6Cx7xKBHIOP-6E>
Subject: Re: [Id-event] Murray Kucherawy's No Objection on draft-ietf-secevent-http-push-12: (with COMMENT)
X-BeenThere: id-event@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A mailing list to discuss the potential solution for a common identity event messaging format and distribution system." <id-event.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/id-event>, <mailto:id-event-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/id-event/>
List-Post: <mailto:id-event@ietf.org>
List-Help: <mailto:id-event-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/id-event>, <mailto:id-event-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Jun 2020 04:42:15 -0000
I responded to most of Murray's comments directly but I forgot to add that I changed "IETF SecEvent Working Group" to simply "IETF". Several other reviewers also called this out. -- Mike -----Original Message----- From: Benjamin Kaduk <kaduk@mit.edu> Sent: Saturday, June 20, 2020 10:07 PM To: Murray Kucherawy <superuser@gmail.com> Cc: The IESG <iesg@ietf.org>; secevent-chairs@ietf.org; Yaron Sheffer <yaronf.ietf@gmail.com>; draft-ietf-secevent-http-push@ietf.org; id-event@ietf.org Subject: Re: Murray Kucherawy's No Objection on draft-ietf-secevent-http-push-12: (with COMMENT) Hi Murray, Just my thoughts on a subset of the topics; the authors will need to respond for most of them. On Sat, Jun 20, 2020 at 12:05:36PM -0700, Murray Kucherawy via Datatracker wrote: > Murray Kucherawy has entered the following ballot position for > draft-ietf-secevent-http-push-12: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut > this introductory paragraph, however.) > > > Please refer to > https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-secevent-http-push/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Section 2: > * "SET parsing and issuer and ..." -- s/parsing and/parsing,/ > * I'm struggling a bit with the SHOULD and SHOULD NOT in the final paragraph. > When would you legitimately re-transmit a delivered SET, or not delay > re-transmission after a failure? > > Section 2.1: > OLD: > ... request to an HTTP endpoint using TLS provided by the SET Recipient. > NEW: > ... request to a TLS-enabled HTTP endpoint provided by the SET Recipient. > > * This section makes several references to "header" that I think > should be "header field". I see that Adam Roach's legacy lives on :) > Section 2.3: > * Same issue with the SHOULD in the first paragraph: When would you > not use an appropriate HTTP response code? * I think the "MAY" in the > "description" bullet I think this is "you SHOULD respond", not "you SHOULD use an appropriate error code". I agree about the "MAY". > is superfluous, since you're describing interoperability with a human > at this point. * Same issue with "header" here, with three instances > in this section. * I suggest that the example figures in this section > should be indented. One of them is actually outdented. * "example > non-normative" should be "non-normative example", with three instances in this section. > > Section 2.4: > * The table here is effectively a copy of the table in Section 7.1.2. > Could we just replace this section with a forward reference? > > Section 4: > * "... always retry failed transmissions, however, it should ..." -- "however" > should start a new sentence, or at least the first comma should be a > semi-colon > * More generally, I wonder if leaving the "retryability" (I wish that > was a > word) to the discretion of an implementation, which feels mushy, could > be improved. In SMTP and various other protocols there's an > indication, as part of the reply, that tells the client whether a > failure might succeed later on a retry (say, a local resource > limitation that might clear) versus one that will presumably never > succeed (no such user here). The DNS makes the same distinction. For > example, including in the registry a column indicating whether a > response is indicating a temporary or permanent condition might be useful, or it could be a formalized part of the JSON reply. > > Section 5.5: > * "... systems that the SET Recipient forwards the SET onto ..." -- > suggest "... systems to which the SET Recipient forwards the SET ..." > > Section 6: > * The variable use of "should" and "SHOULD" here made me look a bit > sideways at this section. They all "feel" the same, so the variance seems odd. I think "SHOULD consider" is not terribly enforcable -- what does it mean to "consider". OTOH, "attempt to deliver" seems more concrete, so "SHOULD attempt to deliver" seems to be at least somewhat enforcable. > Section 7.1.1: > * For "Error Code", this set of restrictions allows me to register a > code called "_". Do you want more restrictions here? * "For error > codes registered I think the DEs would look at you pretty funny about "_"... > by the IETF or its working groups, list "IETF SecEvent Working > Group"." -- What if it was some other working group? Good point. Thanks for the review! -Ben
- [Id-event] Murray Kucherawy's No Objection on dra… Murray Kucherawy via Datatracker
- Re: [Id-event] Murray Kucherawy's No Objection on… Benjamin Kaduk
- Re: [Id-event] Murray Kucherawy's No Objection on… Murray S. Kucherawy
- Re: [Id-event] Murray Kucherawy's No Objection on… Mike Jones
- Re: [Id-event] Murray Kucherawy's No Objection on… Mike Jones
- Re: [Id-event] Murray Kucherawy's No Objection on… Richard Backman, Annabelle