[mile] Adam Roach's Discuss on draft-ietf-mile-rolie-11: (with DISCUSS and COMMENT)
Adam Roach <adam@nostrum.com> Wed, 25 October 2017 04:03 UTC
Return-Path: <adam@nostrum.com>
X-Original-To: mile@ietf.org
Delivered-To: mile@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id E42E8138BCD; Tue, 24 Oct 2017 21:03:57 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Adam Roach <adam@nostrum.com>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-mile-rolie@ietf.org, mile@ietf.org, mile-chairs@tools.ietf.org, Nancy Cam-Winget <ncamwing@cisco.com>, mile-chairs@ietf.org, ncamwing@cisco.com, mile@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.63.2
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150890423788.4689.5942012074290459252.idtracker@ietfa.amsl.com>
Date: Tue, 24 Oct 2017 21:03:57 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/IKVi2EXBvedc_tE-QiFUrK0ICig>
Subject: [mile] Adam Roach's Discuss on draft-ietf-mile-rolie-11: (with DISCUSS and COMMENT)
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Oct 2017 04:03:58 -0000
Adam Roach has entered the following ballot position for draft-ietf-mile-rolie-11: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-mile-rolie/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- I agree with Ben, Martin, and Mark: the way this document uses /.well-known/ URIs is not consistent with RFC5785, section 1.1. It should be understood that /.well-known/ URLs are already a carve-out from overall REST principles regarding the agency of content publishers to assign URLs within their domain as they see fit; and, as such, need non-trivial justification for their use. If there were some fully-defined autodiscovery mechanism that were (non-artificially) constrained in such a way that only a host and port were available, then the use of /.well-known/ URIs would be more understandable. The only constraint hinted at in this document that might have these properties is the use of DNS SRV records. Given that ROLIE is defining a green-field protocol, the use of something as constrained as SRV seems ill-advised, given that the use of NAPTR records would trivially allow retrieval of a complete URL instead of just a host/port combination. The bottom line, however, is that we need to defer specification of a /.well-known/ URL until we completely define a discovery protocol that requires it. The corollary is that we should avoid defining a discovery protocol that requires it. ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Since ROLIE requires the use of TLS client certificates, all of its resources need to be conveyed over HTTPS (i.e., ROLIE resources can never use "http" IRI schemes, only "https" IRI schemes). The following examples need to be fixed to reflect this: Section 6.1.2: <link rel="self" href="http://example.org/feedA?page=5"/> <link rel="first" href="http://example.org/feedA?page=1"/> <link rel="prev" href="http://example.org/feedA?page=4"/> <link rel="next" href="http://example.org/feedA?page=6"/> <link rel="last" href="http://example.org/feedA?page=10"/> Section B.1: <collection href="http://example.org/provider/vulns"> ... <collection href="http://example.org/provider/public/vulns"> ... <collection href="http://example.org/provider/private/incidents"> ... <link rel="self" href="http://example.org/provider/public/vulns" /> <link rel="service" href="http://example.org/rolie/servicedocument"/> ... <content type="application/xml" src="http://www.example.org/provider/vulns/123456/data"/> ... <content type="application/xml" src="http://www.example.org/provider/vulns/123456/data"> ------------------------------------------------------------ Additionally, the following href values (also in B.1) are illegal, and need to contain a scheme (presumably, https): <atom:link rel="service" href="www.example.com/rolie/servicedocument"/> ... <atom:link rel="service" href="www.example.com/rolie/servicedocument"/>
- [mile] Adam Roach's Discuss on draft-ietf-mile-ro… Adam Roach
- Re: [mile] Adam Roach's Discuss on draft-ietf-mil… Banghart, Stephen A. (Fed)
- Re: [mile] Adam Roach's Discuss on draft-ietf-mil… Adam Roach
- Re: [mile] Adam Roach's Discuss on draft-ietf-mil… Banghart, Stephen A. (Fed)