Re: [netmod] Secdir last call review of draft-ietf-netmod-artwork-folding-08

Kent Watsen <kent+ietf@watsen.net> Mon, 05 August 2019 19:30 UTC

From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <0100016c63432c70-5f5c500b-ed4b-407a-ac9c-dc3631a9bac2-000000@email.amazonses.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_F666228C-C399-4535-A1A2-AC8B9803A80A"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Mon, 05 Aug 2019 19:30:42 +0000
In-Reply-To: <156477661481.21003.10781222745111642469@ietfa.amsl.com>
Cc: secdir@ietf.org, ietf@ietf.org, "netmod@ietf.org" <netmod@ietf.org>, draft-ietf-netmod-artwork-folding.all@ietf.org
To: Robert Sparks <rjsparks@nostrum.com>
References: <156477661481.21003.10781222745111642469@ietfa.amsl.com>
Feedback-ID: 1.us-east-1.DKmIRZFhhsBhtmFMNikgwZUWVrODEw9qVcPhqJEI2DA=:AmazonSES
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/BDWyZLn5fXuLipRlqeaUIiwYq9g>
Subject: Re: [netmod] Secdir last call review of draft-ietf-netmod-artwork-folding-08
Precedence: list

Hi Robert,

I'm glad that you reviewed this draft, as I envision backend Datatracker integration may be desired (as we discussed in the Code Sprint before).


> On Aug 2, 2019, at 4:10 PM, Robert Sparks via Datatracker <noreply@ietf.org> wrote:
> 
> Reviewer: Robert Sparks
> Review result: Has Nits
> 
> Reviewer: Robert Sparks
> Review result: Has Nits
> 
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.  These comments were written primarily for the benefit of the
> security area directors.  Document editors and WG chairs should treat
> these comments just like any other last call comments.
> 
> This document introduces no new security concerns for the Internet.
> It aims to establish conventions for wrapping long lines in source code 
> sections of RFCs.
> 
> It does have shell scripts embedded in the Appendix. I see no obvious
> security issues with those scripts.
> 
> I strongly suggest this document proceed as Informational and not BCP. 
> It's fine if some documents adopt the convention. Other conventions may
> work better for other groups. See, for example, the <allOneLine> convention
> described in section 2.1 of RFC4475. (No automated wrap/unwrap scripts
> have been written for that convention to my knowledge, but it would
> not be hard to create some.)

The BCP status was recommended by the WG.  I'll defer my own opinion at this time.

Regarding <allOneLine>, I think that you're actually making a case for why this should be a BCP    ;)

FWIW, the NETMOD WG (and it's sister WG, NETCONF) have a long history of using XML-based inclusions in RFCs.




> Nits: 
> 
> In your headers, you anticipate receiving a two digit BCP number. At the
> moment, the next available BCP number has three digits. (We are well
> into the 200s). You have header lengths that would need to be adjusted.

Good catch. this has been fixed in my local copy.


> In 7.2.1 paragraph 5, I think you're saying to fail if any lines in the
> input document already end with a \. I think you mean to say any lines
> that you are considering wrapping. If I'm correct, the clarification may
> also need to be applied in other places where you say "the text content"

Updated.  My local copy now reads:

      Scan the text content to ensure no existing lines already end with a
      backslash ('\') character, as this could lead to an ambiguous result.
      If such a line is found, and its width is less than the desired maximum,
      then it SHOULD be flagged for forced folding (folding even though
      unnecessary). If the folding implementation doesn't support forced
      foldings, it MUST exit.</t>

The symmetric text in Section 8.2.1 already followed this form.



Thanks,
Kent // as co-author

[netmod] Secdir last call review of draft-ietf-ne… Robert Sparks via Datatracker
Re: [netmod] Secdir last call review of draft-iet… Kent Watsen