IETF Logo Mail Archive

Re: [mile] Working group last call for ROLIE

Adam Montville <adam.w.montville@gmail.com> Wed, 19 April 2017 18:14 UTC

Return-Path: <adam.w.montville@gmail.com>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC8CC129BAC for <mile@ietfa.amsl.com>; Wed, 19 Apr 2017 11:14:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ITTa5Ajxd6Tu for <mile@ietfa.amsl.com>; Wed, 19 Apr 2017 11:14:18 -0700 (PDT)
Received: from mail-io0-x231.google.com (mail-io0-x231.google.com [IPv6:2607:f8b0:4001:c06::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3DC4E1275AB for <mile@ietf.org>; Wed, 19 Apr 2017 11:14:18 -0700 (PDT)
Received: by mail-io0-x231.google.com with SMTP id o22so32777781iod.3 for <mile@ietf.org>; Wed, 19 Apr 2017 11:14:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=YevADBUYwsfq0yyKPx2rE4uBqQwds5ncN33XWM+CVOo=; b=QKXKjQYEfZqIIp2LQWeT86qbAYYma/FtpcfxO8NcpRyC3OIby2+oyHiRnlEfDKRxv/ G5/yIoqoi5l4wglydgwE77o+DZzNiUo90qGGtUHKbyYmRJTyi1WGispWCztfKCz/M3ur Pw2m7qjVmPr1e+bmQPMFlbxxwYUZHwodK/lFY7OiDPXhOMSWOfaySYoSnzGcVYHwhGf3 NQAHVEGbv6bUFzA2vVTvIy7/WhxBCk+OS2dpI2DH0otJYdMIEtgQ3VzpjrIwQCx7iPex sr/VTkmuh9VUtHeAgoN7STpXCXgIFou3RmijWokmqQp3RFK2386eMvZaBfZThVIEmKRP joeQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=YevADBUYwsfq0yyKPx2rE4uBqQwds5ncN33XWM+CVOo=; b=lR+WCD2ITU9s/sd4SC1gecXWDLbmLDWhAS8VtZlI2jHsdJvGyicIyQ9Eapw+0RuH0R tZWw4sbXx69hboMs457G09EXQ4LRWyOUl5n4N8/tY6LMWS4taVfhvb7N74VOoUVpE5UW jQHwv9qLKaH1yIkuIdjWTnFd2xpBX1q0QjJLQF5rWPpOr5Gn7wjAOtr2bHMSLXcO7QEj 68b2LeT144IfUElyyFWIzO4wsoQvGEkNc7oxJ7Tnjyb4+kUrFR/kYMUeeZxVEDht8Yy7 UXnAVXChgwEokzrLdlcVRlDOHrG3d5a57fg5bwWlyuU5UhMomDhL7/cqWegylvbb279B SuUg==
X-Gm-Message-State: AN3rC/5snStJltHfuBeHoo194Sl5aH+/j8SrgVUBD2klYw64kEFzxhcH tm9VB1+KFM3SpTYBJhaIiheRS3N4Bw==
X-Received: by 10.107.170.80 with SMTP id t77mr4853002ioe.113.1492625657295; Wed, 19 Apr 2017 11:14:17 -0700 (PDT)
MIME-Version: 1.0
References: <CC7AB8C2-66EC-4B75-9CFA-F9A1D7A9C46D@cisco.com>
In-Reply-To: <CC7AB8C2-66EC-4B75-9CFA-F9A1D7A9C46D@cisco.com>
From: Adam Montville <adam.w.montville@gmail.com>
Date: Wed, 19 Apr 2017 18:14:06 +0000
Message-ID: <CACknUNWg=1ZCtaajq8HzFtMboiZ8L7W1jiUvnDf+n9EuUr3gYw@mail.gmail.com>
To: "Nancy Cam-Winget (ncamwing)" <ncamwing@cisco.com>, "mile@ietf.org" <mile@ietf.org>
Content-Type: multipart/alternative; boundary="001a11415d58161bbe054d88fe29"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/ktLbLxIFPsW5AILvYjWpugLR64E>
Subject: Re: [mile] Working group last call for ROLIE
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Apr 2017 18:14:21 -0000

Hi all.

I've read through the entire draft and found it to be a decent draft. Keep
in mind that I've not attempted an implementation, and must rely on
implementers to pick out any technical impacts from this specification.
That said, I have two broad categories of feedback. The first includes
suggestions and concerns that are something more than nits. The second are
really just nits and stylistic (i.e. take them or leave them) types of
concerns.

Suggestions/Concerns More Than Nits...

Page 6: There are two similar terms in the second paragraph of section 4.2:
"endpoint management system" and "endpoint monitoring system". Are they
intended to be distinct, or interchangeable in this context? I could
conclude either way, but if they are intended to be interchangeable, then I
recommend picking and using one.

Page 10: I've probably missed something along the way -- perhaps out of a
secdir lunch or other discussion -- but it really seems like section 5.3
could be dramatically reduced by saying, follow RFC7589. There are a lot of
non-ROLIE-specific things happening in this section, which mostly amount to
good practice overall (so I don't necessarily mind having the information
in here), but imagine this information being available in every draft
intended to be, in part, secured using TLS. That sounds like a nightmare
for managing requirements.

Page 11: First paragraph at the top of that page (part of section 5.3)
says, "The server MUST support certificate-based client authentication..."
Why is this not a SHOULD? Yes, we'd like them to, but there are perfectly
valid cases where they needn't support client authentication. Of course, if
a proper TLS server implementation does this already, then my previous
comment applies here as well.

Page 11: First pargraph of section 5.4. A similar concern to the previous,
the first sentence reads, "Implementations MUST support user
authentication." Why not SHOULD? Again, there are valid cases where
authentication is not, strictly speaking, needed.

Page 12: Section 5.5 treats GET and POST, but ignores the other methods
that may be treated similarly by stating, in section 5.6, "Servers MAY
accept request methods beyond those specified in this document." Do we
really want to leave those undefined? PUT? DELETE? I'm not an expert in
this area, but PUT could be treated similarly to POST. DELETE is probably
something that SHOULD be implemented only for user agents properly
authenticated and authorized, etc.

Sections 6.1 and 6.2 and maybe others I can't recall: These sections
provide an informative syntax for a given element that is a "stricter
representation" than the original RFC, but they don't ever really state
which part of that element is stricter, which forces the reader out to that
original RFC. If there is a way to make the statement right there, please
do so.

Page 15: First sentence of section 6.1.3 indicates that "the atom:updated
element MUST be populated with the current time at the instant the Feed
representation was last updated..." Is "instant" sufficient definition?


Nits and Such...

Page 5: Second sentence of section 3.2. Strike "However, " from the
beginning.

Page 5: Last sentence of section 3.2. Proposed change: "A non-normative
RELAX NG Compact Schema..." or "An informative RELAX NG Compact Schema..."

Page 5: Last sentence of only paragraph in Section 4 (proper). Proposed
change: "...human-in-the-loop sharing arise...". It just reads funny (to
me) using "become apparent" followed by something else that "becomes
apparent".

Page 19: First sentence of first bullet point in section 6.2.5. Proposed
change: "...have an atom:link element...".

Page 26: Last sentence in first paragraph of section 9. Proposed change:
"...All that follows is guidance.  More specific instruction is out of
scope for this document."

Page 26: The term CSIRT is used in the last paragraph on this page. Not
sure whether we would prefer to use a more generalized example, as CSIRTs
may not be the only type of sharing consortium.

Kind regards,

Adam

On Tue, Mar 28, 2017 at 6:27 PM Nancy Cam-Winget (ncamwing) <
ncamwing@cisco.com> wrote:

> Colleagues,
>
>
>
> Given the significant changes made to the last draft, we are doing another
> 30day WGLC for
>
> https://tools.ietf.org/html/draft-ietf-mile-rolie-06
>
>
>
> Please provide comments before May 1st and provide your support and/ or
> raise any issue you feel are yet to be addressed.
>
>
>
> Regards, Nancy
> _______________________________________________
> mile mailing list
> mile@ietf.org
> https://www.ietf.org/mailman/listinfo/mile
>

v2.23.0 | Report a Bug | By Email