Opsdir last call review of draft-ietf-kitten-rfc5653bis-05
Joe Clarke <jclarke@cisco.com> Tue, 05 September 2017 19:00 UTC
Return-Path: <jclarke@cisco.com>
X-Original-To: ietf@ietf.org
Delivered-To: ietf@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C19C132E29; Tue, 5 Sep 2017 12:00:08 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Joe Clarke <jclarke@cisco.com>
To: ops-dir@ietf.org
Cc: kitten@ietf.org, ietf@ietf.org, draft-ietf-kitten-rfc5653bis.all@ietf.org
Subject: Opsdir last call review of draft-ietf-kitten-rfc5653bis-05
X-Test-IDTracker: no
X-IETF-IDTracker: 6.60.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150463800843.29826.6748894127604407016@ietfa.amsl.com>
Date: Tue, 05 Sep 2017 12:00:08 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/14RsD4iCo_uPnoiwCftdAnNviI4>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Sep 2017 19:00:08 -0000
Reviewer: Joe Clarke Review result: Ready I have been asked to do an LC review of draft-ietf-kitten-rfc5653bis on behalf of the ops directorate (OPS-DIR). This draft is an update to the Java bindings for the Generic Security Service API Version 2. Overall, this document is READY. It clearly articulates the reason for the modifications in the Appendix, and the changes feel straight-forward and make sense in light of the C API capabilities. My one concern is the compatibility of this change relative to the previous RFC5653 bindings. That is, the previous GSSException does not have a getOutputToken method. The sample application in the draft (section 7) calls this new method (and I like the same covers the relevant change in this doc). But what happens if my Java library is the older 5653 version? A NoSuchMethodError will be thrown, which is not ideal. If there is a set of static properties one can check to see if they have the supported version of the library (and thus the GSSException.getOutputToken() method exists), then the example should use those, and that process should be called out in the text. In lieu of that, introspection could be used to determine if the new method exists in the current library before it is used. This is immediately a concern with any API change, but since the appendix mentions this is a compatible change, I wanted to raise the point.
- Opsdir last call review of draft-ietf-kitten-rfc5… Joe Clarke
- Re: [kitten] Opsdir last call review of draft-iet… Weijun Wang
- Re: [kitten] Opsdir last call review of draft-iet… Joe Clarke
- Re: [kitten] Opsdir last call review of draft-iet… Weijun Wang
- Re: [kitten] Opsdir last call review of draft-iet… Joe Clarke