[Tzdist] eliot review of draft-ietf-tzdist-service
Eliot Lear <lear@cisco.com> Fri, 30 January 2015 14:32 UTC
Return-Path: <lear@cisco.com>
X-Original-To: tzdist@ietfa.amsl.com
Delivered-To: tzdist@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 9923B1A9072
for <tzdist@ietfa.amsl.com>; Fri, 30 Jan 2015 06:32:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Level:
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001,
T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id L0G1IBdc2wTc for <tzdist@ietfa.amsl.com>;
Fri, 30 Jan 2015 06:32:12 -0800 (PST)
Received: from aer-iport-4.cisco.com (aer-iport-4.cisco.com [173.38.203.54])
(using TLSv1 with cipher RC4-SHA (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 0DA3C1A9071
for <tzdist@ietf.org>; Fri, 30 Jan 2015 06:32:11 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=cisco.com; i=@cisco.com; l=3241; q=dns/txt; s=iport;
t=1422628332; x=1423837932;
h=message-id:date:from:mime-version:to:subject;
bh=ZjntoglBq9GBLr6eg7gjaT2Rltod20m3VtzUiBtN76E=;
b=DJDSvGQGc5OkRZl3dWDM7LI8enBvAl9TYMdRs5fOtXQgWHc6mkBwe4Bk
p2MlAg1fKQfjigo0acBHMxBCQfv5dy/UNvZQjAbhez1ZXPR32p/FclN9T
Dw383a8xggvK8lE/WmuA7JCXs0GqM5/DDSdrgyYNLI5VcCMhK4RnOVICt Y=;
X-Files: signature.asc : 486
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0DyBACblctU/xbLJq1ahDGDAclAAQEBAQF9hA4EJEsKBjcWCwILAwIBAgFLDQYCAQGIIAixXI9IlX4BAQgCAR+SZ4FBBZBPgSmGJoY4jBkig289MYJCAQEB
X-IronPort-AV: E=Sophos;i="5.09,491,1418083200";
d="asc'?scan'208";a="328172156"
Received: from aer-iport-nat.cisco.com (HELO aer-core-3.cisco.com)
([173.38.203.22])
by aer-iport-4.cisco.com with ESMTP; 30 Jan 2015 14:32:10 +0000
Received: from [10.61.198.118] ([10.61.198.118])
by aer-core-3.cisco.com (8.14.5/8.14.5) with ESMTP id t0UEWA22022294
for <tzdist@ietf.org>; Fri, 30 Jan 2015 14:32:10 GMT
Message-ID: <54CB95E9.1020702@cisco.com>
Date: Fri, 30 Jan 2015 15:32:09 +0100
From: Eliot Lear <lear@cisco.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10;
rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Time Zone Data Distribution Service <tzdist@ietf.org>
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="sTKBAlFtSdTrGIufu82mIXuvxfWWT2hBC"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tzdist/QaKs2_jc8EGd8ckxL2zkry5Wc1w>
Subject: [Tzdist] eliot review of draft-ietf-tzdist-service
X-BeenThere: tzdist@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <tzdist.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tzdist>,
<mailto:tzdist-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tzdist/>
List-Post: <mailto:tzdist@ietf.org>
List-Help: <mailto:tzdist-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tzdist>,
<mailto:tzdist-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jan 2015 14:32:13 -0000
Major issues: Security & privacy considerations must be addressed. That doesn't mean we have to accept every aspect of Daniel's review, but we certainly do need to address them. Section 8: > > Clients that support transport layer security as defined by [RFC2818] > SHOULD try the "_timezones" service first before trying the > "_timezone" service. Clients MUST follow the certificate > verification process specified in [RFC6125]. This poses a downgrade attack. What I thought we had agreed was that we wanted was that servers MUST implement timezones, and MAY implement both; clients SHOULD use timezones, but MAY instead query timezone. But they should choose one and use it, processing an error if no service is available. Minor Issues: In Section 2, as far as this protocol is concerned, is there any architectural difference between Root Providers and Secondary Providers? If not, we should should say so. I'm tempted to suggest combining them, as well. Section 3.9: > When truncating the start of a "VTIMEZONE" component, the server MUST > include either a "STANDARD" or "DAYLIGHT" sub-component with a > "DTSTART" property value that matches the start point of the > truncation range, and appropriate "TZOFFSETFROM" and "TZOFFSETTO" > properties to indicate the correct offset in effect right before and > after the truncation range start point. Very minor: do you mean an OR or an exclusive OR above. If you mean the former, I would suggest replacing the word "either" with "at least one of". If you mean an exclusive or, then I would suggest replacing "either" with "exactly one". Section 4.2.1.2 & 4.2.1.3 Is there a need for both of these mechanisms? Nits: In the next version the following text should either have its tense changed or be removed: > Discussion of this document should take place on the tzdist working > group mailing list <tzdist@ietf.org>rg>. Section 2: > (a) Contributors: Individuals, governments or organizations which > provide information about time zones to the publishing process. > There can be many contributors. Note that this spec does not address contributors as that is an internal matter for the publisher. Eliot
- [Tzdist] eliot review of draft-ietf-tzdist-service Eliot Lear
- Re: [Tzdist] eliot review of draft-ietf-tzdist-se… Lester Caine