[Policy] AD review: draft-reyes-policy-core-ext-schema-03.txt (targeted fo r PS)
"Wijnen, Bert (Bert)" <bwijnen@lucent.com> Sat, 30 August 2003 06:42 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA25924 for <policy-archive@odin.ietf.org>; Sat, 30 Aug 2003 02:42:40 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19swkD-0005H8-94 for policy-archive@odin.ietf.org; Fri, 29 Aug 2003 23:49:47 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h7U3njL5020277 for policy-archive@odin.ietf.org; Fri, 29 Aug 2003 23:49:45 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19svBt-0000hg-S9; Fri, 29 Aug 2003 22:10:13 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19sqCG-0003Vh-Gb for policy@optimus.ietf.org; Fri, 29 Aug 2003 16:50:17 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA03768 for <policy@ietf.org>; Fri, 29 Aug 2003 16:50:09 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19sqCE-0006r6-00 for policy@ietf.org; Fri, 29 Aug 2003 16:50:14 -0400
Received: from ihemail1.lucent.com ([192.11.222.161] helo=ihemail1.firewall.lucent.com) by ietf-mx with esmtp (Exim 4.12) id 19sqCD-0006qC-00 for policy@ietf.org; Fri, 29 Aug 2003 16:50:13 -0400
Received: from nl0006exch001h.wins.lucent.com (h135-85-76-62.lucent.com [135.85.76.62]) by ihemail1.firewall.lucent.com (Switch-2.2.0/Switch-2.2.0) with ESMTP id h7TKneZ09906 for <policy@ietf.org>; Fri, 29 Aug 2003 15:49:40 -0500 (CDT)
Received: by nl0006exch001h.nl.lucent.com with Internet Mail Service (5.5.2656.59) id <RYHC2RK7>; Fri, 29 Aug 2003 22:49:39 +0200
Message-ID: <7D5D48D2CAA3D84C813F5B154F43B15502331450@nl0006exch001u.nl.lucent.com>
From: "Wijnen, Bert (Bert)" <bwijnen@lucent.com>
To: "'Pana, Mircea'" <mpana@metasolv.com>, 'Marcus Brunner' <brunner@ccrle.nec.de>, "'telabm@mat.upc.es'" <telabm@mat.upc.es>, "'angelica@mat.upc.es'" <angelica@mat.upc.es>, 'David Moron' <dmor4477@hotmail.com>
Cc: "Policy (E-mail)" <policy@ietf.org>
Date: Fri, 29 Aug 2003 22:49:38 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2656.59)
Content-Type: text/plain; charset="iso-8859-1"
Subject: [Policy] AD review: draft-reyes-policy-core-ext-schema-03.txt (targeted fo r PS)
Sender: policy-admin@ietf.org
Errors-To: policy-admin@ietf.org
X-BeenThere: policy@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/policy>, <mailto:policy-request@ietf.org?subject=unsubscribe>
List-Id: Policy Framework <policy.ietf.org>
List-Post: <mailto:policy@ietf.org>
List-Help: <mailto:policy-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/policy>, <mailto:policy-request@ietf.org?subject=subscribe>
Here are my comments. Would be good to not only hear authors/editors
responses, but also input from the WG.
- RFC3460 Updates RFC3060. So would it not be logical to say/claim
that this PCELS Updates PCLS ?? If so, we need to say so in the
abstract with a simple, but explicit sentence:
This document updates RFC zzzz
-- RFC-Editor replaces zzzz with RFC number assigned to [PCLS]
- Maybe I just do not understand... But is it valid to just move a
class, like you moved the pcimGroup (and all that was under it)
underneath a new pcimPolicySet. Would it not be more cuatious to
deprecate the pcimGroup and define s pcimeGroup or such under
pcimPolicySet and do something similar for the other moved groups
classes? I understand that PCIM-EXT did this moving too, but that
is an information model (so abstract) while this is a mapping onto
a repository, so here things may get incompatible if we already
have implementation of PCLS, no?
- Is it wise to have (as part of this document) two Vendor specific
classes that are not part of or based on PCIM-EXT ?? This doc is
supposed to do the LDAP Schema defintiions for PCIM-EXT, right?
So why these additions?
- Is it wise to just rename classes (sect 4.2, bullet 1). Would it
not be wiser to deprecate the old ones and add new ones?
- There seems to be more of these things that I wonder if deprecation
and adding new ones would be better. I guess I do not very well
understand the impact (or non-impact) on existing implementations
of the PCLS by the changes being made. Can someone explain to me.
Or possibly add text to the document that describes such
(non-)impact.
- In section 5, I think you need to explain/define which matching
rules are used and make citations to where they are defined.
PCLS does that too (zeilenga-user_schema), but you probably
better use: draft-zeilenga-ldap-user-schema-mr-00.txt
Pls make sure that that indeed covers all matching rules.
- Security Considerations
Would it not be better to change the first 3 paragraphs:
This topic is based on requirements from previous [PCLS] documents
and also takes into account other RFCs about the same security
aspects entitled as following:
RFC 2829 (Authentication Methods for LDAP)
RFC 2830 (Lightweight Directory Access Protocol (v3): Extension for
Transport Layer Security)
These RFC documents provide a general framework for security
architecture of the system. However some comments have to be provided
as a consequence of the inclusion of extensions in this own document
and its relation with PCLS doc.
Into something like:
Since this PCELS document is an update to the [PCLS] it has the same
basic security considerations as the [PCLS] document. So see the
Security considerations in [PCLS] first.
- You may want to check the English on Page 55 (up to IANA considerations)
For example: what is "obtention" ??
what is "p.e." ? I guess par example or per exemple?
in English text we tend to use e.g.
And for me (but I am not a security expert), I do not understand what
that text on page 55 is trying to tell me. You may want to check with
one of the security ADs, Russ Housley is probably the most appropriate,
if this is clear and acceptable for them.
- IANA Considerations.
Isn't the IANA-ASSIGNED-OID the same as the one in PCLS ??
If so, we should make that clear in the document, so it is
easy for IANA to see and understand.
NITS:
- in abstract, do not use citations as per RFC-Editor policy. It is OK to
use RFC numbers.
- RFC2119 (your [KEYWORDS] citation) must be a normative reference
Your text on keywors on page 1 does not make a citation to this by the
way.
I want to get this doc reviewed by an LDAP expert (from the LDAP
directorate) as well, but maybe you can try to address and/or answer
the above first.
Thanks,
Bert
_______________________________________________
Policy mailing list
Policy@ietf.org
https://www1.ietf.org/mailman/listinfo/policy
- [Policy] AD review: draft-reyes-policy-core-ext-s… Wijnen, Bert (Bert)
- RE: [Policy] AD review: draft-reyes-policy-core-e… John Strassner