Re: [Tzdist] OPPOSE Time Zone Data Distribution Service / draft-ietf-tzdist-service-09
Cyrus Daboo <cyrus@daboo.name> Thu, 23 July 2015 02:51 UTC
Return-Path: <cyrus@daboo.name>
X-Original-To: tzdist@ietfa.amsl.com
Delivered-To: tzdist@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E170E1A8983; Wed, 22 Jul 2015 19:51:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.912
X-Spam-Level:
X-Spam-Status: No, score=-1.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JxnWCR1PZG5W; Wed, 22 Jul 2015 19:51:22 -0700 (PDT)
Received: from daboo.name (daboo.name [173.13.55.49]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2687A1A882C; Wed, 22 Jul 2015 19:51:21 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by daboo.name (Postfix) with ESMTP id 8218419C08EC; Wed, 22 Jul 2015 22:51:20 -0400 (EDT)
X-Virus-Scanned: amavisd-new at example.com
Received: from daboo.name ([127.0.0.1]) by localhost (daboo.name [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CWzIZDqOga3j; Wed, 22 Jul 2015 22:51:20 -0400 (EDT)
Received: from [10.0.1.14] (unknown [173.13.55.49]) by daboo.name (Postfix) with ESMTPSA id 36B5019C08DF; Wed, 22 Jul 2015 22:51:19 -0400 (EDT)
Date: Wed, 22 Jul 2015 22:51:17 -0400
From: Cyrus Daboo <cyrus@daboo.name>
To: Tobias Conradi <tc@tobiasconradi.com>, Time Zone Data Distribution Service <tzdist@ietf.org>
Message-ID: <AD1F6DF5A283FA48EA0795E0@cyrus.local>
In-Reply-To: <CAAGevbWvzDSRWCM5M=7Ra4tM=Oo_KKY2OaBsPuVSbpE=b7_1Bg@mail.gmail.com>
References: <CAAGevbWvzDSRWCM5M=7Ra4tM=Oo_KKY2OaBsPuVSbpE=b7_1Bg@mail.gmail.com>
X-Mailer: Mulberry/4.1.0b1 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline; size="4091"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tzdist/GJqy-OX0BFyjxVwEA7-DAL8GPrM>
Cc: tzdist-chairs@ietf.org
Subject: Re: [Tzdist] OPPOSE Time Zone Data Distribution Service / draft-ietf-tzdist-service-09
X-BeenThere: tzdist@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <tzdist.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tzdist>, <mailto:tzdist-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tzdist/>
List-Post: <mailto:tzdist@ietf.org>
List-Help: <mailto:tzdist-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tzdist>, <mailto:tzdist-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jul 2015 02:51:25 -0000
Hi Tobias, --On July 21, 2015 at 5:24:38 PM +0200 Tobias Conradi <tc@tobiasconradi.com> wrote: > 1) Concept of Time Zone Data Distribution Service > > Time zone data (TZD) is iCalendar data, so a iCalendar Data > Distribution Service could cover the TZD distribution. Delivery of other types of time zone data formats is anticipated. > 2) The name of the service > does not agree with the abstract I have no concerns about that. > 3) Orthography > Does capitalization follow any rule, if so which? Typographical and stylist issues will be handled by the RFC editor when they process the draft for publication. However, I have gone ahead and fixed various section titles in the next draft. > 4) The setup of draft-ietf-tzdist-service-09 > > https://tools.ietf.org/html/draft-ietf-tzdist-service-09#section-7 > defines new iCalendar properties, but they are used already in > > https://tools.ietf.org/html/draft-ietf-tzdist-service-09#section-5 The formal definitions of syntax and property registration templates were put into their own sections at the end. > 5) Naming of new iCalendar properties and section I think there was a discussion of this before and there was no consensus for a change. At this point the names matter less than the actual definition of what they mean. > 6) TZD properties not declared to be new iCalendar properties > > Why are some declared to be new iCalendar properties and others not? Not sure what you mean by this. > Naming issues: > > https://tools.ietf.org/html/draft-ietf-tzdist-service-09#section-3.8 > "3.8. Time Zone Localized Names" > but > https://tools.ietf.org/html/draft-ietf-tzdist-service-09#section-5.2.1 > "local-names" I don't see that as a problem. > > 7) Spaces in JSON Yes, that is a common way for "pretty printing" JSON. > ======= > Document has > time zones -> timezones > > instead of > time zones -> time-zones As discussed on many occasions the protocol elements will be left as "timezone" and prose will use "time zone". > 8) Service name registrations No change will be made - these are protocol elements. > 9) timezone Well-Known URI Registration No change will be made - these are protocol elements. > 10) IANA Considerations > https://tools.ietf.org/html/draft-ietf-tzdist-service-09#section-10.1 > IANA is asked to create a new top-level category called "Time Zone > Distribution Service (TZDIST) Parameters" > > contradicts document name "Time Zone Data Distribution Service" Agreed I have fixed that and a couple of other places where "data" was missing, thank you. > 11) synctoken > No definition of format. Examples only show time stamps. Formal syntax defines it as a "string" and the descriptions describe it as an "opaque token". I think that is reasonably clear. > 12) Privacy Considerations > > Randomize the order in which individual time zones are fetched > using the "get" action, when retrieving a set of time zones based > on a "list" action response. > > Less leaking would be a standard order? Not sure what you mean by that. > > 13) Overbearance > I don't know what the best translation for the German "Anmaßung" is here. > > https://tools.ietf.org/html/draft-ietf-tzdist-service-09#section-8 > "Servers providing a time zone data distribution > service MUST support HTTP > over Transport Layer Security (TLS)" > > There are a lot of use cases where this is not needed. The document > itself allows it: "Servers MAY support a time zone data distribution > service over HTTP without TLS." No - the document requires TLS but allows servers to offer a non-TLS solution if they want. But servers could choose to only implement TLS. > Requiring it will only lead to TZDDS servers that are not fully > compliant with the document. Rendering the document less > authoritative. I am afraid in the current climate of security and privacy concerns, not requiring TLS is simply a non-starter. Anyone claiming that there are situations where it is not needed are simply wrong - as the continuing evidence of attacks of all kinds has shown. -- Cyrus Daboo
- [Tzdist] OPPOSE Time Zone Data Distribution Servi… Tobias Conradi
- Re: [Tzdist] OPPOSE Time Zone Data Distribution S… Eliot Lear
- Re: [Tzdist] OPPOSE Time Zone Data Distribution S… Tobias Conradi
- Re: [Tzdist] OPPOSE Time Zone Data Distribution S… Cyrus Daboo