[Id-event] Poll document - shepherd review comments
Yaron Sheffer <yaronf.ietf@gmail.com> Thu, 07 November 2019 10:06 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: id-event@ietfa.amsl.com
Delivered-To: id-event@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46BC012010D for <id-event@ietfa.amsl.com>; Thu, 7 Nov 2019 02:06:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.688
X-Spam-Level:
X-Spam-Status: No, score=-0.688 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MALFORMED_FREEMAIL=1.31, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hQGLfy5I0g9M for <id-event@ietfa.amsl.com>; Thu, 7 Nov 2019 02:06:37 -0800 (PST)
Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0D40120096 for <id-event@ietf.org>; Thu, 7 Nov 2019 02:06:37 -0800 (PST)
Received: by mail-wr1-x434.google.com with SMTP id j15so2305623wrw.5 for <id-event@ietf.org>; Thu, 07 Nov 2019 02:06:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=user-agent:date:subject:from:to:message-id:thread-topic :mime-version:content-transfer-encoding; bh=60SRyovAeSMgD0omPXt1F0gL4gSBMT1ntZxrLJHBpBo=; b=C9djFcsXU8xXWMM7/ZvGVS8t5eqmiQGgIGmNgHG5GH96Nkfy+1yTzDoslVs668lfpW KYoQ7eO9i6IPcPNRftNcdPXGgnMdmNPlUaItefryqh+GQAUTxBZjIOXHevsysCoKxHFz h8kYpCqHTwfXJx2X7SB/CI0YuxCVyFirxHwniRzuduo0fQCmOfu4prf6BtmvyHoo4ehE ioXWvESSqR7HWBbg+At7bi0MBUNneeiKVuEZamD6wmOwSBoOmCvn97OUbrwIj5tt693d GuVAg9XMGT9S6rn7Vu4fpIYrAO4k1s/TVsSE9EkYfqzCYBORgR50ITWbcdoKtmjHew1A tndg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:user-agent:date:subject:from:to:message-id :thread-topic:mime-version:content-transfer-encoding; bh=60SRyovAeSMgD0omPXt1F0gL4gSBMT1ntZxrLJHBpBo=; b=EQd0oIw54Kp9Az7IYfSI79K4t1NXgXv8USD5yhCfzS9qltJXr/degmsNo2EXIhTZGD 3W/0iom+5OnthfQTlKXKW7jRjdoyH2kcU0Masi95ifqxbT9WtOJLg0M/7lLcI0v4lPnn mVyc1dcvWSaTrK6XUA1bC+QEKz7B4l0uhzIocahzdWXqccU3gkRZRaR6g8kD0EdU5Y0/ VktIfdWoD3yjGOjHpnMdSHILbf346Poe1C0FlcU4BITV+J/VAycImfSOBDMRNZpjA2um cr+jb5IwnpDrGS1TJlFIYQ1xdkh5hTis0/fbU8Q6aHSUyFsyhIhuEi1ogNDNpPguVeD1 XmTA==
X-Gm-Message-State: APjAAAUTUMkNqHo8xsqTBZPdvSo4VcYCwdgM0MnH8j6N3XCWedDrT8IU dzT0n13cwoKr84xnBYMtRYe6Jg3U
X-Google-Smtp-Source: APXvYqzimyC9v28upu5uobwZGMsfJIh/GoZibBDiVt6COXT63deXlv2Fpyj632MO1c3s5UAsErGJDQ==
X-Received: by 2002:a5d:6585:: with SMTP id q5mr1943597wru.158.1573121195917; Thu, 07 Nov 2019 02:06:35 -0800 (PST)
Received: from [172.28.128.141] (pub-corp-42-8.intuit.com. [91.102.42.8]) by smtp.gmail.com with ESMTPSA id o1sm1869304wrs.50.2019.11.07.02.06.34 for <id-event@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 07 Nov 2019 02:06:34 -0800 (PST)
User-Agent: Microsoft-MacOutlook/10.1e.0.191013
Date: Thu, 07 Nov 2019 12:06:33 +0200
From: Yaron Sheffer <yaronf.ietf@gmail.com>
To: "id-event@ietf.org" <id-event@ietf.org>
Message-ID: <324BECA0-9425-4493-93F1-FE295A772253@gmail.com>
Thread-Topic: Poll document - shepherd review comments
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/id-event/tsQu1fyVK7p7s4iGje2l1k2M7Dw>
Subject: [Id-event] Poll document - shepherd review comments
X-BeenThere: id-event@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A mailing list to discuss the potential solution for a common identity event messaging format and distribution system." <id-event.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/id-event>, <mailto:id-event-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/id-event/>
List-Post: <mailto:id-event@ietf.org>
List-Help: <mailto:id-event-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/id-event>, <mailto:id-event-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2019 10:06:39 -0000
Hi, I’m jumping the gun a little bit, but since the authors seem to have implemented the WGLC comments, we should move forward to publish the document. Please address my comments below and republish the document, hopefully on the week of IETF or shortly thereafter. Then we will send it to Ben. Thanks, Yaron (Note: I used the latest version of the document, from GitHub.) • 1. Introduction: Please add, "This is an alternative SET delivery method to the one defined in [push]". • "How SETs are defined and the process by which events are identified for SET Recipients" - are both defined in RFC 8417. • The sentence "Transmitted SETs SHOULD be self-validating..." Is very awkward, please reword as two or more sentences. • 2.2: the description for setErrs is unclear. Specifically, please mention that the jti values are JSON object keys for the inner objects. (And a JSON schema definition would have been nice). • 2.4: "the ack and errs request parameters" - there is no "errs" parameter, and the "setErrs" parameter as defined requires one or more members (and the definition doesn't mention that it is optional). • "If after a period of time, negotiated between the SET Transmitter and Recipient, a SET Transmitter MAY redeliver SETs it has previously delivered." - The "if" is redundant, also, the period is not "negotiated", it is preconfigured. • The "err" flag is mentioned several times, where it should be "setErrs". • 2.4.1: "without acknowledgement parameters (sets and setErrs)" - "sets" is a response member. • "and notifies the SET Transmitter" - you might want to add "of successful receipt and of errors". • "This specification considers authentication as a feature to prevent denial-of-service attacks." It sounds like this is the *only* justification for authentication, which is clearly not the case. • Sec. 3.1 is completely out of context. There is also a dangling "including:" in the middle of the section. And a dangling reference at the end.
- [Id-event] Poll document - shepherd review commen… Yaron Sheffer
- Re: [Id-event] Poll document - shepherd review co… Mike Jones