IETF Logo Mail Archive

[OPSAWG] AD review of draft-ietf-opsawg-finding-geofeeds-04

"Rob Wilton (rwilton)" <rwilton@cisco.com> Mon, 12 April 2021 14:16 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: opsawg@ietfa.amsl.com
Delivered-To: opsawg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57BC03A1FE7; Mon, 12 Apr 2021 07:16:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.918
X-Spam-Level:
X-Spam-Status: No, score=-11.918 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=B+vwLWWp; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=HcmnR3QJ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tzxvTccOToqH; Mon, 12 Apr 2021 07:16:40 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BD2873A1FE6; Mon, 12 Apr 2021 07:16:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7589; q=dns/txt; s=iport; t=1618237000; x=1619446600; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=tmrF6UIgArtQ++qdU5TUyTsZZMfCkDgFjq6lKSKMt9w=; b=B+vwLWWpCSKiDJiED1oWWod7XmL5AzQIdp2Q3xtaem0Cxxo/zDuY59SF wiRXopKTpbyDEzeCrPh0vaMdrFGEfR5+5USfWRBYNQNri72jQOHP5s57H P6fPHbI8Hr5zOIO7TyeBDS8K+wO9DCcRbdLhFBDE7esXkX3ToAYssAIco A=;
IronPort-PHdr: A9a23:AXb9hhdKfain3hLTHX8cD+gClGM/Q4qcDmYuwpM6l7JDdLii9J3+PUvZoO9gl0LNQZ6zw/NJl+SQtLrvCiQM4peE5XYFdpEEFxoIkt4fkAFoBsmZQVb6I/jnY21ffoxCWVZp8mv9PR1TH8DzNFzfvnP06iQdSV3zMANvLbHzHYjfx828y+G1/cjVZANFzDqwaL9/NlO4twLU48IXmoBlbK02z0ihnw==
IronPort-HdrOrdr: A9a23:RExIb6u7A+llMydcZG3qmm6D7skCLocji2hD6mlwRA09T+WxrOrrtOgH1BPylTYaUGwhn9fFA6WbXXbA7/dOgLU5FYyJGC3ronGhIo0n14vtxDX8Bzbzn9Qy6Y5JSII7MtH5CDFB4vrSyAOzH888hPyO9661jenTpk0dNz1CQadm8gt/F0K/Gkp5WAFJCfMCZeehz+BAoCetfmlSU9+yAWMLU/OGi9rAkp/nZhBuPW9q1CClizS05LnmVyWJxxt2aUID/Z4O00jg1zb46KKqru2hxnbnt1P7wpxKlLLau6N+LeOWjMx9EESIti+NRKBMH4KPpyo0pubH0idkrPDprw07N8p+r1P9F1vF2ifF4AXr3DYw53KK8zbx6hGPzb2bNVAHIvBcjoFUeAax0TtGgPhA0blG12/cl51bAQKoplWF2/H0VgpnnkfxnHw6keR7tQ04baIibtZq3Ogi1XIQNK1FMDPx6YghHuUrJtrb/uxqfVSTaG2clnVzwfS3N05DUCuucwwngIi4wjJWlHd2ww8z38oEhEoN85o7Vt1t+/nECKJ1j7tDJ/VmLJ5VNaMke4+aG2bNSRXDPCa5OlL8DpwKPHrLttrR7Kgq4vqpPLgF1oE7lpiEcF4wjx9zR2veTem1mLFb+BHER2uwGR73zNtF2pR/srrgALXxNymOT00vjtugr/0TDtazYYfwBLtmR9vYaUf+E4dA2APzH7NIL2MFbcETstEnH1KCy/i7b7HCh6j+SrL+NbDtGTErVifUGX0YRgX+I81G8wSuUn/8ix7BRmP1diXEjNZNOZmf29JW5JkGN4VKvARQo0++/Nu3JTpLtbFzelB/LrPhmqayvnK34m7M8mVsNnNmfwVoyYSld0kPiR4BMkvyf7pGkc6YY3pu0HyOIQI6U9nbCxdFp1N8+bu+KpuZwSxKMaPhDkuqy18o4F6aRZYVnaOOofr/cpQjF5A8RehaDgPQDSF4ng5stUZOYAIJXVXkCzvrkKmp5aZkQt33Rp1ZukOLKdQRgW/DvU+czPtfOkczbnqLa4qrpioAAxBTnUZ89qcDhqHoo0fRFUIPxMIiMFNNb2yLBqlhFwrtXvQMppnbPCdtUGyNmTuWzzY0d2aCzTRIukXRaQuJZPrMHl1R/kp975+v2lZ1emKBFngAMkxSuZFhFGjAp3Z42fKKYK32yGeKdl4e2IgmQU/4SCpXLQV0y9+t0hmJ3D6ECHU9350revfQFbI5btjoqzuQAZzNkaENBPlP+pl5cNjor+8QSOqaEjXlWg/QGqcs2waPoGwiNzQxoH44kenw0Bmg6GSjxnYwDb7TJ1thLotrau20/izhR/yS1o9+gs9wteysMn/pYtrD0LrJdVd4W2buiH/zS/ttpYFfvKo0urc2F57HUSHQ3HUC2BklNs/7mE4XXawT2sGLBqZ/O8gJPy5J9Fsgk9qCaFEmtQH7Gecyd1AghX2zBaL/35PY7b40RkGRrgr5PleStzBH9/DeRi2ZyPoUDbkzLWk+Ujl31F1yuOeZM4veBwWhe7sdoB60MnqhfKRcT6bAE7MKtRp+68yJmejSdyeQ4nGigRJrZqZVt2CgSoeuBQjJH+hC+dmzI06Njaun+9TbtkaCdRKrL0ADwZRYfkkRZNlZgjYsjIcrwjG/I5aH0n4Ngh9b+3V7jVbj1Yit/XfDEUxHOQPfhI9KXTM7CAn7se3Vte6C1Hr85zBZ2Z7MUEdIF+s+auQtcg==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CvCADqVXRg/51dJa1aHgEBCxIMQIFHC4FTUQeBUTYxCogAA4U5iFWPKooUgUKBEQNUCwEBAQ0BATICBAEBgRYBgzkCgXkCJTcGDgIDAQEMAQEFAQEBAgEGBHEThSMIJQ2HBQYBATAIEQE+QiYBBAEahT8DLwEDoSkCih91gTSBAYIEAQEGhQcYghMJgTmCdop+HIFJQoETQ4dFHINKgiuBWXABThYEGA0CAQoRGRdbXgQOGQ4ZIpBWi3WeJwqDC50fg02KeJYslRWCEJw3KYQ5AgQCBAUCDgEBBoFqJCuBLnAVgyRQFwIOhRuJBAwWg06KWXM4AgYKAQEDCXyJUi2BBwGBDgEB
X-IronPort-AV: E=Sophos;i="5.82,216,1613433600"; d="scan'208";a="885060789"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 12 Apr 2021 14:16:02 +0000
Received: from mail.cisco.com (xbe-rcd-004.cisco.com [173.37.102.19]) by rcdn-core-6.cisco.com (8.15.2/8.15.2) with ESMTPS id 13CEG2tB014931 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Mon, 12 Apr 2021 14:16:02 GMT
Received: from xfe-rcd-004.cisco.com (173.37.227.252) by xbe-rcd-004.cisco.com (173.37.102.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Mon, 12 Apr 2021 09:16:02 -0500
Received: from xfe-rcd-004.cisco.com (173.37.227.252) by xfe-rcd-004.cisco.com (173.37.227.252) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3; Mon, 12 Apr 2021 09:16:01 -0500
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (72.163.14.9) by xfe-rcd-004.cisco.com (173.37.227.252) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.792.3 via Frontend Transport; Mon, 12 Apr 2021 09:16:01 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FsoB23Q3CNsRTfAyRhs3vjDWkt/mqEblXaqQDr73rn9EijEug+ahf8LuvDoCo1SDRkFfKfc3HzHs9Epwj+YESawkqtPNFIhZJU++y0Y9yT13n40wD3FYOCBOdRrtWi8/JOPObjYkSsjM+uZWfIULG37m6PhmpQhfit+fiCeGwqKhQjJQDQfD1EBwnEjBPpMOcIdGmWH8ro41XNikpOCe9QYdaB0SphKQK7xwP5IVAoAcy2x9exox021yfgpsemvmfa8wJmwBm7g0wo1KfoozotU3vG9pxH6CCHP+ukBSsL3lVPHs2OToAFQsJnLBh7I8j/Ex1qdWJf4zlxXlUUUfbA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/ypXzQ/S+ERFHMHkJa+EQSVY6hXxe3VH9sdczHWNzeQ=; b=DDE9trpdsEq5whkpOI2xoI036Ok/R6G6ViZS+vvSdB+aXPi8/cBUw2XDbgU0WALNzQGasFgoovmfAfaAWufB/bMNvRS6ikl679ZoOTwN5uh+2Rnd/3M5dVJYXZ7O0jsysg52i3+67I7jcxU+AyFbScTVHAJFNKQG1aaOXpvmzUmZRbPny+226OqbVLt+jeTJBpoNFk/Z89Pv4gdGvKbl0VeK6yM8LkI/1BhrC+CyXl01cO7ZrKhBX3j7igrTiIhso6u1CPpzAq/7PAZ5z/3eqOG92o3TTHEis1SG3u4jVTYi12BFieJB1s/MlhcjPQMTm09YVfbtCJ9mDhEP1SoIFg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/ypXzQ/S+ERFHMHkJa+EQSVY6hXxe3VH9sdczHWNzeQ=; b=HcmnR3QJ771W/xURPQrR5HEpxzk4Cq5NSW4A00qXnDf4eFtVfOEHS0CcWhVeoVMsKZLyWUNs/bBXwl+/BNIplczVRjmC3vYU9bvCRwkT8XOz03tq/KIaWMAm9MQ97mhjtJdrZ250ZnddKSLK3kjMZG9ZFnz7a9AK1Zfc3K6J800=
Received: from MN2PR11MB4366.namprd11.prod.outlook.com (2603:10b6:208:190::17) by BL0PR11MB2964.namprd11.prod.outlook.com (2603:10b6:208:7c::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4020.22; Mon, 12 Apr 2021 14:16:00 +0000
Received: from MN2PR11MB4366.namprd11.prod.outlook.com ([fe80::24c4:4c09:f6f0:5510]) by MN2PR11MB4366.namprd11.prod.outlook.com ([fe80::24c4:4c09:f6f0:5510%2]) with mapi id 15.20.4020.022; Mon, 12 Apr 2021 14:16:00 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: "opsawg@ietf.org" <opsawg@ietf.org>, "draft-ietf-opsawg-finding-geofeeds.all@ietf.org" <draft-ietf-opsawg-finding-geofeeds.all@ietf.org>
Thread-Topic: AD review of draft-ietf-opsawg-finding-geofeeds-04
Thread-Index: Adcvpeyy83qb/u3gSJG+/iWWXFJePg==
Date: Mon, 12 Apr 2021 14:16:00 +0000
Message-ID: <MN2PR11MB4366E7BB3CE2A26FB6C3FB1DB5709@MN2PR11MB4366.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [82.12.233.180]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f6fd8a5c-6fd7-4cd6-603c-08d8fdbd7fc6
x-ms-traffictypediagnostic: BL0PR11MB2964:
x-microsoft-antispam-prvs: <BL0PR11MB2964EF84E5F11B870294D8B1B5709@BL0PR11MB2964.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: BtRlyzp860yiGC21U7cidy3W9/LQMvUSBoUdHVGj962CLu9ouHwyW0PhSFwSHLcPMLkQtbvfGwQBOPzrUPKG43Px+toHPf8/QrxIMAh9w6nOyAp65bxTpBkIWHdC+gz5KmYr2DTYe+MDz2BXcOZUGqEGa7AXQfncZcYxGnmtGGBdnyKaBgdOWNdYGqR9zooue+uqW83EmPP68NODZwkA3tgJQyhM2uhjO6c7CrNMEUYGYQAomzDdLPMR/OpMpc02g+t0Bm58GvFtDPP6XrD/RtvTVLMHhePZm95n/17RoqJ7OkEODS4RRIaParFn5BZhk0QjvPap6ft5HG68FN5pEdFy0BiOAn0q5gzhlw4weOzA82Xu2DiLKO0COCdFuXIdZbpzhtmwNHAv1gx6m32ltL8TS4rb78uT7f0mvHa8t1WoKVYo+Mkt1Jz7n5ec5zn60eNA5kSBhy8lOSFnvDja5qSOLO3mgrZfrMUIauXFx632Gq6WjrgBfC3xl3RrqLNpkbzK5nvBHIrTOmqRvAVxAUlO5IPyKajXiVfUZbbC+ha3BAtYei9cMxBb1bxpMuN+mW6l07tPcEL2JMCxT4SfDgVsdw+/v4i61b9ecQboI2M=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB4366.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(376002)(346002)(136003)(366004)(39860400002)(396003)(66556008)(8676002)(66446008)(66476007)(7696005)(66946007)(5660300002)(64756008)(76116006)(450100002)(55016002)(316002)(478600001)(186003)(52536014)(6506007)(71200400001)(83380400001)(8936002)(110136005)(9686003)(26005)(2906002)(38100700002)(86362001)(33656002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: 3K/5uaGb8bn7H2VSffPaqOCscqi/wn8ExVS0dSnXiPVWWkd1T4lt7cxK24pn5Bro0Tz16dPdH+C+8RmtsTaf+O/xFavXmoOoPVWrTW8sKMPpkmgYX+0VEoOpKJdQ3X49zrcV4+v1p5EAVKRXSfHjOcmegjUKL32diwQfTlgGvhbxMsj8rmO30NlkQQWa3+bhTOIRTc3sTPok64T5whm3tc9jNNdX9d8JronwjJPwXml2c3ZogxCR85oEvAwUpwvNdwFAPrbWLa6VJgTS8V5zJH/+KTE1lxOa5/tsUXDpnB6lu4ye+XXCAy5sB2fCfa7+B88NGhXZggpNdwtbTu6pz9l8ihg+4cmhxN+hFhiWJvHo2ISRd10eHdKBTF4uCzIwXnoAg5g0SQwq7K8TyIVuSq5zpokaOQcQ2Yzxn8oUyRo0YzvWcN6voth0DUlGDxkHaRPV2PMO+ATIZpm14loXBmo8aYGx9yVGN3LcCxrtlcZMvkzn23Qr1P5FZCWGK6H/Bp3gjyD8plcd+qupOEo9u9J9312BMcfm9gz6NsvBhzruWa0ZOLwKv9dhcdVkaU47IWiSCNEREt+vuhInT7rtAmn8bivnSpGFtnykq5sfUP9LV5EFb1Hm65kiqVIucIJYYsf410EzXsouAwfjZUcuPUhFiIizW5c/QLX7f8krQGpYfgbuk0Yho5FfyeebHWQqd3BgFY4X6RSL9NJiv91asJfGE6yWBBShqDWy7aMlSN6/h0F/7YN89IpmhoK/we6Oz97UqyPr6wnZCMGAqukZF3+iuAjjV6/Hk/DOWehvIZBX9Ja2OBTB35tXZQ8alxzvCJ2KrrJF4Rt4+yhQv6KU/SCMZS69JHEjXFVCI2/HSvwdEn8OU4rnw4PANQtS5UzoK3wj37zIout3+DRMGzV5SqyW9V6oWhF+kQ/8BLJh+wKZMurrFla8+n1L3ECIit9I2If9Vxm6Q7spowrGuXY9Q/XQ3i02XKfWqIrKa2E9inzCh0IyZ04wGSapAshWhuyS0sCXqHc7JSUo0WT+1F1bG94oq+0ixc7McaSuxYnhFccxJwWyALRiQaYsae1SwL5pAHU/DXH861ffj7kXBHVxEraQsRrhGwregJzlTdd6alJkLKsaikW1gaNP/Aegg5liSmu4KUL/iguP8nT3k3Y5H63+/R4vf5TaHgQ4QvIiJz2C41qkm5tUpt2OM4GWyeYiFCKtxKJBDHDYEMlaxOBanl7a6Jv7hZLUZRIZdycGpMBxMjzEJ5+xf0/TMl2KXilTV9U6wGIkm7nwNPFDYtsA/NSfLgADLRIHLLpNMGIPPVBSXle9xRJivM9RiXJLaah0
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR11MB4366.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f6fd8a5c-6fd7-4cd6-603c-08d8fdbd7fc6
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Apr 2021 14:16:00.5819 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: COPCYAOibYSQ53Mipy37DmQGVftsSmDfbjHJMwdBUIaloTZIIKIg02rdL7FJAT1S+SWolPj5oVnaqvZFIOHiaQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR11MB2964
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.19, xbe-rcd-004.cisco.com
X-Outbound-Node: rcdn-core-6.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/1q4fkQKLyj-zDkctXzqdkdn9Fpc>
Subject: [OPSAWG] AD review of draft-ietf-opsawg-finding-geofeeds-04
X-BeenThere: opsawg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OPSA Working Group Mail List <opsawg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/opsawg>, <mailto:opsawg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/opsawg/>
List-Post: <mailto:opsawg@ietf.org>
List-Help: <mailto:opsawg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsawg>, <mailto:opsawg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Apr 2021 14:16:45 -0000

Hi,

Sorry for the delayed AD review.

Whilst I regard this document is useful, and a good thing (tm), I have a couple of concerns about the exact relationship between this document (std's track) and to RFC 8805, that is informational.


Main comments:

1. Specifically, I think that it would be useful for this document to offer more clarity as to whether the "remarks: Geofeed" tag specifically ties the content of the URL to a document in RFC 8805 format, or whether other formats may be found at that URL in future, noting that RFC 8805 section 7 suggests that a future format may be defined, and end of section 4 of this document also suggests that RFC 8805 may be updated.  If multiple formats, how does the client tell the difference.

2. I wasn't quite sure whether the mechanism for authenticating geofeed data really belonged in this document (e.g., because it applies to all possible forms of geofeed data), or whether it would it is specific to the CSV format described in RFC 8805, and that an update to that document would contain the canonical reference.

3. The definition of canonicalization refers to section 2.2 of RFC 5485 (which talks about ASCII) vs RFC8805 which talks about UTF-8.  Is this disparity an issue?

4. I think that INETNUM should be a normative reference, but I also question whether it is going to be a sufficiently stable reference?  Hence, I was wondering whether it wouldn't be helpful to describe the essence of the INETNUM hierarchy here to avoid a need for a normative reference.


Minor comments:

1. Introduction

   An optional, but utterly awesome, means for authenticating geofeed
   data is also defined.

I'm guessing that this might be Warren's prose, but it perhaps might be worth refining 'utterly awesome' to 'practical'?
   

2.  Geofeed Files

   The size of a file can be
   even larger if an unsigned geofeed file combines data for many
   prefixes, as may be likely if the location data are maintained by a
   different department than address management, dual IPv4/IPv6 spaces
   are represented, etc.
   
I'm not disputing this, but I wasn't sure why having different departments would increase the side of data.


   This document also suggests optional data for geofeed files to
   provide stronger authenticity to the data.

Would "optional signature data" be clearer than just "optional data"?


3.  inetnum: Class

   Until all producers of inetnum:s, i.e. the RIRs, state that they have
   migrated to supporting a geofeed: attribute, consumers looking at
   inetnum:s to find geofeed URLs MUST be able to consume both the
   remarks: and geofeed: forms.

Is there any possibility that the proper geofeed attribute won't be standardized as "geofeed:"?  I.e., this document refers to this attribute as "geofeed:", but the way that it is written it would end up being very
confusing if the "proper geofeed: attribute" was standardized as "geo-feed:" by referred to as "geofeed:" by this document.

I think that it would aid clarity, at a minimum, if it always at least referred to as the "proper geofeed: attribute", but it may better to just refer to it as the "proper geofeed attribute", i.e., to avoid binding the name used in this document to the proposed long term name?


   Any particular inetnum: object MAY have, at most, one geofeed
   reference, whether a remarks: or a proper geofeed: attribute when one
   is defined.

I think that this MAY should be a MUST, probably with the commas removed.  Otherwise, the constraint can be ignored.  E.g. NEW: 

   Any particular inetnum: object MUST have at most one geofeed
   reference, whether a remarks: or a proper geofeed: attribute when one
   is defined.


Although the draft does not allow a record to contain it, is it worth specifying what a client should do if it receives a record with both "remark: Geofeed" and the proper geofeed attribute?  E.g., should a client choose to use one in preference to the other?


   Currently, the registry data published by ARIN is not the same RPSL
   as the other registries; therefore, when fetching from ARIN via FTP
   [RFC0959], whois [RFC3912], RDAP [RFC7482], or whatever, the
   "NetRange" attribute/key must be treated as "inetnum" and the
   "Comment" attribute must be treated as "remarks".

Is there a reason why these are musts are not MUSTs?  Otherwise, could change from "must be treated" to "is treated" to avoid potential ambiguity.



   inetnum: objects form a hierarchy, see [INETNUM] Section 4.2.4.1,
   Hierarchy of INETNUM Objects.  Geofeed references SHOULD be at the
   lowest applicable inetnum: object.  When fetching, the most specific
   inetnum: object with a geofeed reference MUST be used.
   
As menionted earlier, is "Section 4.2.4.1" going to be a sufficiently stable reference?


   It is significant that geofeed data may have finer granularity than
   the inetnum: which refers to them.
   
This paragraph felt incomplete to me, i.e., I wasn't quite sure what it is trying to convey.


4.  Authenticating Geofeed Data

The text in this section feels a little bit colloquial to me.  As per above, is the intention that this defines the definitive signature encoding that would apply to all Geofeed files (if there is more than one format)?  Or would that we defined in an RFC8805 bis document?

E.g., perhaps change "it would be essentially" to "it is",
      And probably change "would be" to "is" in a few places.


   Both the address ranges of the signing certificate and of the
   inetnum: MUST cover all prefixes in the geofeed file; and the address
   range of the signing certificate must cover that of the inetnum:.

This could perhaps be more simply stated as, NEW:

   The address range of the signing certificate MUST cover that of the
   inetnum: and the address ranges of the inetnum: MUST cover all
   prefixes in the geofeed file.


   An address range A 'covers' address range B if the range of B is
   identical to or a subset of A.  'Address range' is used here because
   inetnum: objects and RPKI certificates need not align on CIDR prefix
   boundaries, while those of geofeed lines must.
   
Unclear what is meant by geofeed lines.  Does this mean entries in the geofeed csv?  Perhaps clarify.  Note, Geofeed lines is used in a couple of places in the document.


   Identifying the private key associated with the certificate, and
   getting the department with the HSM to sign the CMS blob is left as
   an exercise for the implementor.  On the other hand, verifying the
   signature requires no complexity; the certificate, which can be
   validated in the public RPKI, has the needed public key.
   
HSM - Hardware Security Module?  If so, please expand on first use.
  

   Until [RFC8805] is updated to formally define such an appendix, it
   MUST be 'hidden' as a series of "#" comments at the end of the
   geofeed file.  This is a cryptographically incorrect, albeit simple
   example.  A correct and full example is in Appendix A.
   
Presumably the # prefixes of the line MUST be stripped before processing?  Does that need to be stated here?


Nits:

 "Iff the geofeed file" => If, and only if, the geofeed file"?
 "fetching with a tweezers." => "fetching with tweezers" or "fetching with a pair a tweezers".
   
RPKI - Please expand on first use.

Regards,
Rob

v2.23.0 | Report a Bug | By Email