Re: [P2PSIP] Ben Campbell's No Objection on draft-ietf-p2psip-share-09: (with COMMENT)

"Thomas C. Schmidt" <t.schmidt@haw-hamburg.de> Thu, 03 November 2016 15:47 UTC

Return-Path: <t.schmidt@haw-hamburg.de>
X-Original-To: p2psip@ietfa.amsl.com
Delivered-To: p2psip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6E3E129A88; Thu, 3 Nov 2016 08:47:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.398
X-Spam-Level:
X-Spam-Status: No, score=-3.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lsHBIpdWA1hG; Thu, 3 Nov 2016 08:47:12 -0700 (PDT)
Received: from mx3.haw-public.haw-hamburg.de (mx3.haw-public.haw-hamburg.de [141.22.6.2]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 83CCE1296A4; Thu, 3 Nov 2016 08:47:10 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.31,587,1473112800"; d="scan'208";a="30000631"
Received: from post.haw-hamburg.de (HELO HUB01.mailcluster.haw-hamburg.de) ([141.22.24.50]) by mail3.is.haw-hamburg.de with ESMTP/TLS/DHE-RSA-AES256-SHA; 03 Nov 2016 16:47:08 +0100
Received: from CAS04.mailcluster.haw-hamburg.de (2002:8d16:183f::8d16:183f) by HUB01.mailcluster.haw-hamburg.de (2002:8d16:1832::8d16:1832) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 3 Nov 2016 16:47:08 +0100
Received: from [10.134.254.178] (141.22.250.35) by haw-mailer.haw-hamburg.de (141.22.24.63) with Microsoft SMTP Server (TLS) id 14.3.319.2; Thu, 3 Nov 2016 16:47:03 +0100
To: Ben Campbell <ben@nostrum.com>, The IESG <iesg@ietf.org>
References: <2ea1f1a9466348ef9608232182626c11@HUB02.mailcluster.haw-hamburg.de>
From: "Thomas C. Schmidt" <t.schmidt@haw-hamburg.de>
Message-ID: <1b5e197c-cabf-3463-c8e5-8add4fd46974@haw-hamburg.de>
Date: Thu, 3 Nov 2016 16:45:32 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <2ea1f1a9466348ef9608232182626c11@HUB02.mailcluster.haw-hamburg.de>
Content-Type: text/plain; charset="windows-1252"; format=flowed
Content-Transfer-Encoding: 8bit
X-Originating-IP: [141.22.250.35]
Archived-At: <https://mailarchive.ietf.org/arch/msg/p2psip/bXMjAhU0YpjWVQnwGb0mIg-E0OI>
Cc: "draft-ietf-p2psip-share@ietf.org" <draft-ietf-p2psip-share@ietf.org>, "marc@petit-huguenin.org" <marc@petit-huguenin.org>, "p2psip@ietf.org" <p2psip@ietf.org>, "p2psip-chairs@ietf.org" <p2psip-chairs@ietf.org>
Subject: Re: [P2PSIP] Ben Campbell's No Objection on draft-ietf-p2psip-share-09: (with COMMENT)
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/p2psip/>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Nov 2016 15:47:15 -0000

Hi Ben,

thanks for your comments. Please see inline.

On 01.11.2016 23:42, Ben Campbell wrote:
> Ben Campbell has entered the following ballot position for
> draft-ietf-p2psip-share-09: No Objection
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-p2psip-share/
>
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> I have a one set of substantive comments/questions, and some editorial
> comments:
>
> Substantive:
>
> - I'm confused about the validation procedure. In step one, is this the
> user name of the user attempting to write the resource? In step 5, I do
> not understand how this terminates. Which ACL item is the "previously
> selected" one. If that refers to the one selected in the last iteration
> of steps 3 and 4, how do you know there are not more ACL items to iterate
> through?
>

You are referring to 6.3 "validating writ access"?

In this case, you receive a store request along with a certificate. In 
step 1, you resolve the user name of the requester, i.e., the user name 
that corresponds to the certificate in the request.

  ... then you identify the user in the ACL and walk up the delegation 
chain.

In step 5, you have arrived at the root of the delegation tree. This is 
the case, when the to_user equals the signer equals the owner of the 
resources (see see Figure 1). This is also how it terminates - the owner 
of the resource is the root of the trust chain.

>
> Editorial:
>
> -1, first paragraph, first sentence: s/that/, which
> -- recurring singular plural mismatch "resources with a variable name".
>

Thanks, fixed.

> -1, 2nd paragraphs: "It transfers the authorization..."
> What is the antecedent for "it"?
>
We meant the "trust delegation mechanism" - but it's ambiguous, you're 
right. Changed to "...based on a trust delegation mechanism that 
transfers the authorization .."

> -3. First paragraph after numbered list, "user called Authorized Peer":
> missing article.
>
Thanks, fixed.

> -3.1, 3rd paragraph: Is the SHALL appropriate? Is an authorized user
> actually required to access the array in the first place?
>

It says "If the data model of the Shared Resource is an array, each 
Authorized..".

So the user is not required to use an array for sharing, but if an array 
is used, write conflicts MUST not be produced.

> - 6.5, first paragraph: Does the MAY grant permission, or is it a
> statement of fact?
>
Good point. The actual statement means that users are enabled to do so. 
So we replace the may by a "can".

> -6.6, paragraphs 3 and 4: Are the MUSTs appropriate? Are there not other
> (perhaps application specific)  reasons one might choose not to write the
> value?
>

I believe the MUST is correct: we're in a section that describes the 
behavior of the storing peer. When receiving a store request, this peer 
should not behave according to its own application semantic, but to the 
common overlay rule.

> -- 2nd paragraph from end: The MUST seems more like a statement of fact.
> (E.g. "The resulting ... integer is used...")
>

Mhmm, I don't think so. These are all iterative decision steps:  try 
(a), then write ... otherwise try (b), then write ... +++ ... otherwise 
refuse.

> - 4.1, last paragraph: s/implementations/implementors
>

Thanks, fixed.

> - 4.2, definition of res_name_ext: The sentence starting with "This name
> serves..." is hard to parse.
>
O.K., changed to "This name is used by the storing peer for validating..."

> -5.1, 4th paragraph (paragraph after example) : s/witch/which
>

Yep, this document was full of witches, but they have been banned now.

Cheers,
  Thomas

-- 

Prof. Dr. Thomas C. Schmidt
° Hamburg University of Applied Sciences                   Berliner Tor 7 °
° Dept. Informatik, Internet Technologies Group    20099 Hamburg, Germany °
° http://www.haw-hamburg.de/inet                   Fon: +49-40-42875-8452 °
° http://www.informatik.haw-hamburg.de/~schmidt    Fax: +49-40-42875-8409 °