Re: [Int-dir] [EXT] INTDIR Review of draft-ietf-dtn-dtnma-10.txt
Donald Eastlake <d3e3e3@gmail.com> Thu, 15 February 2024 23:58 UTC
Return-Path: <d3e3e3@gmail.com>
X-Original-To: int-dir@ietfa.amsl.com
Delivered-To: int-dir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D093C14F6FE; Thu, 15 Feb 2024 15:58:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.858
X-Spam-Level:
X-Spam-Status: No, score=-1.858 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lkxcWFO9OQ-Y; Thu, 15 Feb 2024 15:58:10 -0800 (PST)
Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6F7CBC14F60F; Thu, 15 Feb 2024 15:58:10 -0800 (PST)
Received: by mail-lj1-x232.google.com with SMTP id 38308e7fff4ca-2d208d0b282so15672041fa.0; Thu, 15 Feb 2024 15:58:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708041488; x=1708646288; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=0iC022UqlbgwR+0I1+6qh/zC1MQt0BAoZb7joB41xHw=; b=MZYfTfgKwBGtZ/zEQra60aK5fKs7ufwk8kMxULcgDUdpBwTOW/ZBwliRjTqrLiWpkx m4ZjD9Fs4x2dJtQv8eHM4duTg9PtvlBtiVRlLsZS6kVCc57rS/CxQ8QSdYZhEld2/Cmq nPmZeDB+UrYFHMOOy0/uuckvu5GhzM71KBLtUcqCJKKKry1NOKeW0vII1RgXG6IU/e7j ZohDFv4j4+CDj+H6L7e1+RSRcANXuGhxG+tMvM2To18R2ztVUb9gM9sKkV730277gvHp SOIVMXXXgEtRmiTIPg+b4nx6n7wEhSbLX87CSmPK2O/5JvODafFK572WKGXquENh9ODN S1Bg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708041488; x=1708646288; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0iC022UqlbgwR+0I1+6qh/zC1MQt0BAoZb7joB41xHw=; b=ITtKwP4WsRAWXAk/A7TkJIxs64dCurilJJEn/vlYVtk/pHa1Wd9RZTyHXgE7ou9sOY mGnsnPfLmIQ9Ca0IlqHUQ8ZoGL73RaqfPD0aofJHv4MruwnH725IPYQrc0+BcYZseOKM cp1YpGtv2ss3Hg00Tx0BSXjlzBQuwyBa6Uv5wnScbasyKkj3JiEvyqQmSbfMTawJGNIQ 4a4Ho1rf/KQmsSQjT/IhKAoy67w0jJ4b1hwNs+vgBV3ICjuY3+f32DKGbcrJSWaxtx02 GjOjA47Zvkcgc5hXzddrLNWgarZx1y9fsSAGKRywvv6we170/p1dk+Mzrh9kY6Fqv9pB Agbg==
X-Forwarded-Encrypted: i=1; AJvYcCUayz3+WcwtVgeSgCdlEt+PYO2PG1TeFadivhqZtzmuKkiDfo573j99I/lx4Oml7dInvgn2c1/Pfby/ZQS9ORqkJIoNyCrKCUWeHCnoWhaK8qw6+V+Fa8vRqFjJSjruWwtp9FdMsrDKBNeAhAFu/gDyiF4ShPKESGQ=
X-Gm-Message-State: AOJu0Yx5jMgqp3jdoq6gst4w5WYWjcPvPqsF9NyOaay0ykWKgsnwEFWq PNTgMY5pd67KZ02Ut1rTcokSbtp7giV2/DVx0xPSajL5U7v7yWxlbdP4uid0VRC7XNc2nq57rDB E21wVoQ/LdQUhO182QawmVxaC9MY=
X-Google-Smtp-Source: AGHT+IE0JkOGDsYdqC+WU7ZSp47PwI+2R5CglI3qnCY5vR1crpk6rWg5WsqUjTrZqmCFYzESl/nQVMKtbNUpWLMkjV4=
X-Received: by 2002:a05:651c:198d:b0:2d0:f62b:cdca with SMTP id bx13-20020a05651c198d00b002d0f62bcdcamr2871477ljb.1.1708041488194; Thu, 15 Feb 2024 15:58:08 -0800 (PST)
MIME-Version: 1.0
References: <CAF4+nEFoWPBCv6GyCkAr2jJm5GqzP8bO1wKjPG3fFn=VgKdvAw@mail.gmail.com> <3a8d022e81794b1ba3c7fa208ff4cc4c@jhuapl.edu>
In-Reply-To: <3a8d022e81794b1ba3c7fa208ff4cc4c@jhuapl.edu>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Thu, 15 Feb 2024 18:57:56 -0500
Message-ID: <CAF4+nEE5VN__F3u0ik9shs9K__jO_GuW2y=1y4u=LL3semdNCg@mail.gmail.com>
To: "Birrane, Edward J." <Edward.Birrane@jhuapl.edu>
Cc: "int-ads@ietf.org" <int-ads@ietf.org>, "int-dir@ietf.org" <int-dir@ietf.org>, "draft-ietf-dtn-dtnma.all@ietf.org" <draft-ietf-dtn-dtnma.all@ietf.org>, "dtn-chairs@ietf.org" <dtn-chairs@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-dir/hmxENjxIEaUcfnXU9YE5gbWFBfU>
Subject: Re: [Int-dir] [EXT] INTDIR Review of draft-ietf-dtn-dtnma-10.txt
X-BeenThere: int-dir@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This list is for discussion between the members of the Internet Area directorate." <int-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-dir>, <mailto:int-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-dir/>
List-Post: <mailto:int-dir@ietf.org>
List-Help: <mailto:int-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-dir>, <mailto:int-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Feb 2024 23:58:11 -0000
Hi Ed, See below. On Thu, Feb 15, 2024 at 1:19 AM Birrane, Edward J. <Edward.Birrane@jhuapl.edu> wrote: > > Donald, > > Thank you for your review of the dtnma-10 document. I have posted > responses and recommendations in-line below, and have enumerated > them as EJB_D# for discusses) and EJB_C# (for others) to help with > referencing. > Please let me know if the recommendations below would address your > discusses and comments. OK. > -Ed > > --- > Edward J. Birrane, III, Ph.D. (he/him/his) > Chief Engineer, Space Networking > Space Systems Implementation Branch > Space Exploration Sector > Johns Hopkins Applied Physics Laboratory > (W) 443-778-7423 / (F) 443-228-3839 > > > I have the following DISCUSS level issues: > > ------------------------------------------ > > > > Should some action by the DTNMA fail, can this trigger some sort of failure > > handling rule? For example, some rule to instantiate some "safe state"? Error > > handling guidance seems lacking in this document but seems important due > > to the independent nature of the DTNMA. > > EJB_D1: The document provides some general statements that managed > devices must "perform their own error discover and mitigation" > (Section 1.0), that DA's are responsible for "error handling" > (Section 2.0) and must "handle critical events (such as errors)" > (Section 7.3.2.2). The specific case of a rule response failing is > discussed in Section 9.5, which says "The success of failure of a > control may be handled locally by the agent autonomy engine." > > EJB_D1: I agree that an explicit statement to consider a "safe > state" and/or "control-specific recovery" could easily by added as > clarifying text as examples of how the agent autonomy engine might > handle a control failure. So, recommend adding a sentence to that > effect to Section 9.5 as part of the existing discussion of handling > control failures. Other types of failures of the DA, I think, are > covered by the more generic error handling wording mentioned above. I agree that Section 9 is a reasonable place to cover this. Possibly just adding two or three sentences... I would like to see the following three things touched on: 1. The importance of considering local error handling at the Agent due to the possible infrequence of Agent-Manager connectivity. (Mentioning error handling just parenthetically in passing in the Data Fusion section (7.3.2.2) does not seem adequate.) 2. In connection with 1 above, the occurrence of errors should be a trigger or accessible via a predicate or something so the response to the error can be programmed. 3. Mention the advisability of having a "safe state" for the DTNMA or parts thereof that can be installed on certain errors. > > Related to that, Section 9.2 speaks of bulk updates. Is there a requirement > > that those or other actions that result when predicate(s) are met be > > accomplished atomicly? Or can things change part way through some > > update? If so, does the action "fail" and undo any part already accomplished > > or partially complete? > > EJB_D2: Agree that the implementation of such bulk updates is an > important consideration. The existing text in that section does > discuss the need to consider pre-conditions prior to attempting > such and update. Recommend adding a parenthetical to that sentence > that a good example of a pre-condition to be checked is whether > some other update is already occurring on the device. OK. > EJB_D2: Also agree that rollback is an important function, and I > think would be covered by the recommendations in EJB_D1. OK if this is also covered in changes stemming from EJV_D1 above. > > The following are other issues I found with this document that SHOULD > > --------------------------------------------------------------------- > > be corrected before publication: > > -------------------------------- > > > > It seems to me that a notable absence is a list, even if scattered through > > much of the body of the document, of numbered (perhaps hierarchically > > numbered) requirements since there are so many apparently mandatory > > requirements in this document. It could be argued that such enumerated > > requirements are not common in "architecture" > > documents. While this is named an "Architecture" document, it is full of fairly > > specific and quite stern ("must") negative and positive requirements. > > Perhaps it should be renamed "DTN Management Architecture and > > Requirements". > > EJB_C1: As this is an informational document, we would not want this > to be the place to define normative requirements. We do agree that > there is good detail in this document to help with a subsequent > requirements document. It is a bit fuzzy what the boundary is between a "normative requirement" and a restriction that the architecture imposes... > > There are 35+ uses of lowercase "must" in this document as it stands. This > > would be much less a problem if the statements including "must" were > > labeled as requirements or they could be reworded using alternatives to > > "must" such as "required". The two points at the end of Section 3.2 are a > > notable exception in saying "should" rather than "must". > > EJB_C2: Recommend a review of the use of lowercase "must" and reword > using alternatives in cases where "must" could imply specific > normative behaviors from an informational document (specifically in > sections 7,8,9). However, many uses of "must" describe consequences > of operating environments or otherwise logical processing outcomes, > which would be consistent with an informational document and we > would recommend not changing wording in those cases. OK. > > I'm not sure the possibilities being explored in Section 5 are evaluated > > consistently with the mandatory ("must") requirements elsewhere in the > > draft. For example, Section 5 may say that some existing protocol is "a poor > > choice" when requirements elsewhere exclude that protocol. > > EJB_C3: Agree that the term "poor choice" is a poor > choice. Recommend replacing that term with "unsuitable for operating > in...". Otherwise, believe that a review of "must" as proposed in > EJB_C2 would address other concerns here. OK. > > At the end of Section 7.3.3, is it actually correct to say that responses and > > commands "are independent of one another"? Hopefully responses > > correspond to commands. Perhaps something more like "the issuance of > > new commands is not dependent on receiving responses to previous > > commands" or even just that "commands and reports are asynchronous". > > EJB_C4: There is another comment from another reviewer which > suggests replacing the term "closed-loop" with "system-in-the-loop > synchronous function" and believe that applying that to this section > would help explain the intent better. Agreed that there are > relationships between commands and responses, but that does not need > to be a 1-1 relationship - a single response can be a report > capturing the output or effects of multiple commands. For example, a > managed device might execute multiple (dozens) of commands and > provide a single report back, which is the number of commands > successfully executed. OK as long as there is some re-wording that clarifies that responses and commands are not completely independent. > > In Section 7.3.4, Agent Mappings, it says "only appropriate controls are sent > > to a DA". Should "controls" be "commands" or "control policies? > > EJB_C5: The DTNMA, in section 2, defines the word > Control. Recommend reviewing the use of the term "control" in the > document to see where we should use "Control" instead of > "control". Recommend correcting this instance of Section 7.3.4 in > particular to say "only appropriate Controls..." OK. > > Section 10, near the beginning, repeatedly refers to "mnemonics" defined in > > Section 9 but I don't really see much like that in Section 9. > > EJB_C6: Agreed that this is confusing. Recommend removing the two > uses of the word mnemonic in Section 10. It is sufficient to say > that Section 10 references the autonomy model from section 9. > > > > The following are minor issues with the document: > > ------------------------------------------------- > > > > Section 4.6, 1st paragraph: I don't think you can "define" elements "to" a data > > model. Either used "add" instead of define or "in" instead of "to". > > EJB_C7: Agreed. The intent here is "add". Recommend changing to "add". > > > Although it is pretty obvious that CTRL stands for Control, this is never > > defined. > > EJB_C8: Agreed, and good catch. This is leftover terminology and > needs to be corrected to "Control". > > > Section 5.3: "exciting" sounds like marketing. Suggesting deleting that > > adjective. > > EJB_C9: Agreed. Good catch. Recommend removing this word. > > > Section 10.6, Figure 7: Although this is clear enough with the text, I think it > > would benefit to add to the figure, inside the Agent B and Agent C boxes > > some indication that they are the sources of EDD1 and EDD2. Perhaps > > insering "{EDD1}" and "{EDD2}" insides their boxes respectively. > > EJB_C10: Agreed that the source of EDD1 should be in this > illustration. Recommend, instead, adding a PROD(1s, EDD1) and a > RPT(EDD1) between the DTNMA Manager B and DTNMA Agent B. OK. > > Section 11: Since IANA can do other things besides registrations, it seems > > simpler and more complete to just say "This document requires no IANA > > actions." > > EJB_C11: Agreed. Recommend changing the text as suggested. Thanks for all the Agreed's above. > > Many paragraphs begin with "NOTE: " and or special formatting. This is so > > common that it is not clear what this adds. I think in most cases these could > > be dispensed with without loss. > > EJB_C12: Many notes, through WG participation, were added to > emphasize perspectives or points of view. Since this is an > informational document we felt that these perspectives helped > explain some thinking behind certain concepts. Recommend keeping > them. I continue to think there are an excessive number of them so they lose their impact and don't really do anything but this is just a minor nit so I'm ok with you keeping them if you like them. Thanks, Donald =============================== Donald E. Eastlake 3rd +1-508-333-2270 (cell) 2386 Panoramic Circle, Apopka, FL 32703 USA d3e3e3@gmail.com
- [Int-dir] INTDIR Review of draft-ietf-dtn-dtnma-1… Donald Eastlake
- Re: [Int-dir] [EXT] INTDIR Review of draft-ietf-d… Birrane, Edward J.
- Re: [Int-dir] [EXT] INTDIR Review of draft-ietf-d… Donald Eastlake