Re: [paws] Gen-art LC review: draft-ietf-paws-protocol-12

Robert,

Thanks so much for your comments. Just a quick note that I'm working my
through them and will post a reply in the next couple of days.

-vince

On Thu, Jul 3, 2014 at 10:28 AM, Robert Sparks <rjsparks@nostrum.com> wrote:

> I am the assigned Gen-ART reviewer for this draft. For background on
> Gen-ART, please see the FAQ at
>
> <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
>
> Please resolve these comments along with any other Last Call comments
> you may receive.
>
> Document: draft-ietf-paws-protocol-12
> Reviewer: Robert Sparks
> Review Date: 3 July, 2014
> IETF LC End Date: 7 July, 2014
> IESG Telechat date: 10 July, 2014
>
> Summary: This document is not ready for publication as a Proposed Standard.
>
> I apologize in advance if I've missed where one of the questions below is
> already answered. There's a lot to take in here.
>
> Major Issues
>
> - The document says it "describes" the use of HTTP/TLS as the transport
> for the protocol. Was it the intent to allow others? If not, the language
> should be firmed up.
>
> - The document still says "TBD Define message format" in the section on
> Listing Servers. I understand from reading the list that what the document
> is going to say about Listing Servers is going to change (to not include
> how you talk to them?). This change needs to be finished before the
> document can be reviewed for completeness.
>
> - It's not clear when a server should use the HTTP level redirection
> discussed in section 7 vs the databaseChange mechanism in the protocol's
> responses. There should be some discussion about what the Device should do
> when the databaseChange mechanism results in a redirect loop.
>
> - The document needs to be clear where the primitive types (like string,
> float, and integer) in the UML-ish diagrams in section 4 are defined. I'm
> guessing from context that you're assuming the definitions in RFC4627. If
> that's true, there are several places that you talk about string where your
> text should change. RFC4627 says string is UNICODE, and may be encoded many
> ways (see section 3 of that document). If your intent is to restrict all
> strings to UTF-8 encoding say that, and adjust the text you currently have
> that mentions UTF-8. (The various places where you say a string MAY contain
> UTF-8 do not make sense - if you're assuming the encoding is UTF-8 and
> trying to reinforce that there may be non-ASCII range UTF-8 here, say that
> explicitly). There are other related phrases that don't make sense such as
> where you say things like "The length of the string MUST NOT exceed 64
> US-ASCII characters."
>
> - The descriptions of messages in section 4 all contain *other:any. None
> of those are reflected in the concrete schema of section 6. Should they be?
>
> - The INIT_RESP description requires one or more RulesetInfo objects. What
> is a database supposed to do if it has no rulesets to return (possibly
> because it doesn't have anything overlapping with the list of ruleset IDs
> listed in the DeviceDescriptor in the INIT_REQ.). Should this have been
> 0..* (along with the corresponding change to the text), or is there an
> Error that the database should return when this happens. If the latter, it
> would be good to call it out in 4.2.2.
>
> - Section 4.4 talks about returning OUTSIDE_COVERAGE when the location
> specified in the request is outside the regulatory domain (could that be
> domains?) supported by the database. The sections on init and registration
> (4.2 and 4.3) don't have this discussion. Should they?
>
> - A databaseChange (at least as described in 4.4) can provide one or more
> alternate database URIs, affecting the Device's configuration. When there's
> more than one, is there any preference to what order the Device should try
> to use them in? Is there any expectation that they will give the same
> answers to a given request? If not, do you want to say anything about
> discouraging devices from asking all the databases it knows about to find
> an answer it likes best?
>
> - If the requirements to act as if there is no available whitespace when
> you can't reach a Listing Server remain in the document, the security
> considerations should call out that any attack that would prevent reaching
> a Listing Server would result in all devices relying on that Listing Server
> ceasing their use of any whitespace.
>
> - Please check the description of 'timeRange' in section 5.9
> (SpectrumSpec). I think you meant to say "in which there is _NO_ available
> spectrum".
>
> - The definition of SpectrumProfile (section 5.12) needs clarification. Is
> this allowed?
>   "profiles" : [
>     {"hz": 5.18e8, "dbm": 30.0 },
>     {"hz": 5.24e8, "dbm": 37.0 }
>   ]
> If so, what does it mean? Do I do linear interpolation between points
> (33.5 dbm (~2.25 watts) at 521Mhz)?
> Similarly, does this specify a ramp up and then back down? (shaped like a
> ^)?
>   [
>     {"hz": 5.18e8, "dbm": 30.0 },
>     {"hz": 5.21e8, "dbm": 33.5 },
>     {"hz": 5.24e8, "dbm": 30.0 }
>   ]
> If not, what text disallows it?
>
>
> - You are using the schema language defined in draft-zyp-json-schema to
> define your message format. That makes it a normative reference. The draft
> is expired - are there plans to progress it?
>
> - Something needs to talk about case-sensitivity of the various protocol
> elements. JSON-RPC says that member names are case sensitive and is
> otherwise silent. The string "sensitive" doesn't appear in RFC4627. So, you
> have an example that says "authority":"us". Is that the same as
> "authority":"US", and where does the spec answer that question? My read of
> JSON-RPC says that "authority":"us" and "Authority":"us" are _not_ the same
> thing, and that the second would not be a recognized property of a
> RulesetInfo object.
>
> Minor Issues
>
> - I'm not finding where you define the protocol version. I see "1.0" in
> the json examples in section 6. Where is it specified? Within a given
> method, the only extension point I find other than changing the protocol
> version is the *other concept in messages, which MUST be ignored when
> either side doesn't understand them. So there should be some discussion
> about what kind of change would require the protocol version number to
> change. Suppose you wanted to allow batching requests from several slaves
> into one request to the database (similar to AVAIL_SPECTRUM_BATCH_REQ but
> allowing a list of DeviceDescriptors perhaps). Does this require a new
> protocol version, or is it just a new request type in this version? If you
> think it's a new request-type, should there be a request and response type
> and/or method registry?  And yes, I see how you could do this with JSON-RPC
> batch, but if that's where you'd send this idea, why didn't you do
> AVAIL_SPECTRUM_BATCH_REQ that way? (Possibly related: I can't figure out
> what "The initialization message also represents extension points for
> database implementations or rulesets that require the explicit handshake."
> is trying to say. Can you rephrase that more simply?)
>
> - It's not clear what it means to "support" a ruleset. I infer that this
> means that the device has code that implements what's required by the name.
> Can you state that explicitly? Does a Master device have to have this code?
> Could it simply be a box that only serves to answer requests from Slave
> devices? If so, why does it care what the rulesets actually are. If a slave
> can ask and a database can answer, should a master just shovel the bits, or
> is there a requirement that the master device be configured to handle a
> ruleset before a slave can ask about it?
>
> - In the last paragraph of section 4.1 (before 4.1.1 starts), "If the
> Device is already operating" assumes that the device could only be
> operating if it had previously contacted some database. The problem is that
> the device was able to reach a database at one point and now it can't reach
> any.  It would read more clearly if you said that explicitly.
>
> - Please point somewhere for a definition of the terms 'uncertainty' and
> 'confidence' (I suggest draft-ietf-geopriv-uncertainty). The GEOPRIV
> working group has gone through many iterations of disagreement about what
> these terms mean and how they should be used. For a taste, skim some of <
> https://mailarchive.ietf.org/arch/search/?email_list=geopriv&q=uncertainty>.
> If you don't point to a hard definition, your implementation community will
> have to go through the same arguments.
>
> - Should the security considerations section talk about the risk of
> collisions in serialNumber (since it is the only required element in
> DeviceDescriptor, and isn't a particularly secret thing)? Is there any harm
> at the database if two devices innocently end up sending the same serial
> number (without providing any of the optional information that would
> otherwise disambiguate the devices)? Can a device learn anything useful
> about another device by spoofing it? Is it possible that in some regulatory
> realm, some devices would get more access than others, encouraging devices
> to ask about what their competition gets to do? Can harm be done by a
> device sending SPECTRUM_USE_NOTIFY messages claiming to be some other
> serial number (and perhaps manufacturer) maliciously? I think this needs
> more discussion than what RFC6953 contains.
>
> - The use of the "id" parameter from JSON-RPC deserves more discussion.
> The JSON-RPC spec allows it to be string, numeric (without a fractional
> part), NULL or missing. You've chosen to require it (since you're not using
> json-rpc notifications), and not allowing numeric values (why?). Are you
> making any other assumptions about what it should contain? I think you're
> assuming a level of uniqueness that would let you use the Batch mechanism
> in section 6 of JSON-RPC (otherwise, the HTTP request/response context is
> enough to associate the request and response and the id might as well be
> constant).
>
> - Section 7 says a server can reject a GET with a 404 - wouldn't that have
> consequences for a later POST? Why wouldn't it use a 405?
>
> - The draft calls for the creation of a special list for review requests
> for the IANA assignments. This may be ok (mailing lists are easy to set
> up), but is there not an existing list that would serve the purpose just as
> well?
>
> Nits
>
> - RFC 2616 has been obsoleted - the references should be updated.
>
> - It would help to have an example of a ruleset in the definition in the
> Terminology section and perhaps for that definition to more strongly convey
> that it is a name in a namespace, and what that rule means is elsewhere.
>  (Right now the definition says that the ruleset is the actual set of
> rules, not a name, and it made reading the protocol overview much harder
> than it needed to be). At the very least, pointing to the examples in
> section 9 early would help.
>
> - Is the document loosely borrowing UML, or are the diagrams used in
> section 4 of a format formally defined in some other RFC? A pointer to a
> definition of the format, or a brief description noting it's based on UML
> along with where the base types are defined would be useful.
>
> - "One approach to manage spectrum sharing" is awkward. Would "One
> approach to managing spectrum sharing" or "One approach to the management
> of spectrum sharing" work?
>
> - There are several instances of "The Device needs to use the information
> to update its list". Consider clarifying 'needs to'. Should this have been
> MUST?
>
> - "The vertices MUST be defined in a counter-clockwise direction" assumes
> you are looking at them from above - please be explicit.
>
> - Section 9.1.2's first paragraph should say "FCC and ETSI" the same way
> 9.2.2 does. You could generalize that to "any particular set of
> authorities".
>
> _______________________________________________
> paws mailing list
> paws@ietf.org
> https://www.ietf.org/mailman/listinfo/paws
>

-- 
-vince