IETF Logo Mail Archive

Re: [weirds] About to push the approve button, but...

Pete Resnick <presnick@qti.qualcomm.com> Wed, 31 December 2014 16:48 UTC

Return-Path: <presnick@qti.qualcomm.com>
X-Original-To: weirds@ietfa.amsl.com
Delivered-To: weirds@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 010A61A9252 for <weirds@ietfa.amsl.com>; Wed, 31 Dec 2014 08:48:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.011
X-Spam-Level:
X-Spam-Status: No, score=-7.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NGia-Dpx1cAq for <weirds@ietfa.amsl.com>; Wed, 31 Dec 2014 08:48:56 -0800 (PST)
Received: from wolverine01.qualcomm.com (wolverine01.qualcomm.com [199.106.114.254]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C9B81A916B for <weirds@ietf.org>; Wed, 31 Dec 2014 08:48:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qti.qualcomm.com; i=@qti.qualcomm.com; q=dns/txt; s=qcdkim; t=1420044534; x=1451580534; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=55yjoDLaalZt2tnr5LpkiymfBlGKFr3zaMadjo7vYqg=; b=TWxa5NGMWax8TSqM5uUVsSRYyV/KDGFZzkf3dfvNoIrU1Qdaehdn2y5L uNS9uBw21upKbg2xHQ9yi8/PRN4Qji1Lq1N1PwbjTpWYqUFhUBe1Dha0A quf+umXzvGWffROE3CdlHePLZK/I9aZPG10F/JxQUY6aJR/ZX9W7DN6fd M=;
X-IronPort-AV: E=McAfee;i="5600,1067,7667"; a="96150472"
Received: from ironmsg03-l.qualcomm.com ([172.30.48.18]) by wolverine01.qualcomm.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 31 Dec 2014 08:48:54 -0800
X-IronPort-AV: E=Sophos;i="5.07,673,1413270000"; d="scan'208";a="808373075"
Received: from nasanexm01f.na.qualcomm.com ([10.85.0.32]) by Ironmsg03-L.qualcomm.com with ESMTP/TLS/RC4-SHA; 31 Dec 2014 08:48:52 -0800
Received: from presnick-mac.local (10.80.80.8) by NASANEXM01F.na.qualcomm.com (10.85.0.32) with Microsoft SMTP Server (TLS) id 15.0.995.29; Wed, 31 Dec 2014 08:48:51 -0800
Message-ID: <54A428F2.8010102@qti.qualcomm.com>
Date: Wed, 31 Dec 2014 10:48:50 -0600
From: Pete Resnick <presnick@qti.qualcomm.com>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.7; en-US; rv:1.9.1.9) Gecko/20100630 Eudora/3.0.4
MIME-Version: 1.0
To: "Hollenbeck, Scott" <shollenbeck@verisign.com>
References: <20141029184749.10576.92440.idtracker@ietfa.amsl.com> <8CD1C8CB-38B4-44AF-A90D-9792FE62EBA3@arin.net> <54A1CF56.7080707@qti.qualcomm.com> <831693C2CDA2E849A7D7A712B24E257F49F0F1FA@BRN1WNEXMBX01.vcorp.ad.vrsn.com>
In-Reply-To: <831693C2CDA2E849A7D7A712B24E257F49F0F1FA@BRN1WNEXMBX01.vcorp.ad.vrsn.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.80.80.8]
X-ClientProxiedBy: NASANEXM01H.na.qualcomm.com (10.85.0.34) To NASANEXM01F.na.qualcomm.com (10.85.0.32)
Archived-At: http://mailarchive.ietf.org/arch/msg/weirds/S53eT3_UzewiezLdObEvInXGVxI
Cc: "weirds-chairs@tools.ietf.org" <weirds-chairs@tools.ietf.org>, "weirds@ietf.org" <weirds@ietf.org>, "draft-ietf-weirds-rdap-query@tools.ietf.org" <draft-ietf-weirds-rdap-query@tools.ietf.org>, "draft-ietf-weirds-json-response@tools.ietf.org" <draft-ietf-weirds-json-response@tools.ietf.org>
Subject: Re: [weirds] About to push the approve button, but...
X-BeenThere: weirds@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "WHOIS-based Extensible Internet Registration Data Service \(WEIRDS\)" <weirds.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/weirds>, <mailto:weirds-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/weirds/>
List-Post: <mailto:weirds@ietf.org>
List-Help: <mailto:weirds-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/weirds>, <mailto:weirds-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Dec 2014 16:48:59 -0000

On 12/30/14 6:30 PM, Hollenbeck, Scott wrote:
>> Doing my final review of the docs, it looks like using-http, rdap-sec,
>> and object-inventory are ready to go, and I want to do one final check
>> on bootstrap in light of Peter's comments, but that looks good too.
>> However, as I was about to approve the lot, I noticed a few issues in
>> rdap-query and json-response that seem to have been dropped during IESG
>> Eval. On some of them, perhaps the intention was to say, "Thanks, but
>> we're leaving that as-is", but all I see is silence.
>>
>> On rdap-query, from Ted's comments:
>>
>> On 10/29/14 5:45 PM, Andy Newton wrote:
>>      
>>> On Oct 29, 2014, at 2:47 PM, Ted Lemon<Ted.Lemon@nominum.com>   wrote:
>>>
>>>        
>>>> Point A:
>>>>
>>>> In 3.1.2:
>>>> ...
>>>>
>>>>          
>>> The point is: don't do ASDOT... which is an issue for 4-byte as
>>> numbers. We should probably actually say that, and split apart the
>>> first paragraph to put the examples closer to it.
> I'll leave this one to Andy.
>    

Ack. He promised to get back to me when he was not hopped-up on cough 
medicine.

>>>> Point B:
>>>>
>>>> Section 6 appears to be confusing presentation and representation. 
>>>> A client might well present a UI that shows U-labels, but use 
>>>> A-labels on the back end. The text as written here really doesn't 
>>>> make sense. What are you trying to say? I think that you shouldn't 
>>>> confuse what's presented to the user with what's sent on the wire. 
>>>> Possibly this is related to the confusion over A-labels and 
>>>> U-labels that I called out in Point 2 of the discuss.
>>> [No response]
>>>        
> There was no response because this was part of our "we don't know what to say about Ted's IDN issues" off-list discussion. If I were to respond now I would say "what we have there came from our best IDN experts and I'm inclined to leave it alone unless they say otherwise".
>    

Good. That's my gut too. He doesn't like this sentence:

    Clients capable of
    processing non-ASCII characters may prefer a U-label since this is
    more visually recognizable and familiar than A-label strings, but
    clients using programmatic interfaces might find it easier to submit
    and display A-labels if they are unable to input U-labels with their
    keyboard configuration.

And he's right, that sentence is mixing apples and oranges: You can 
display a U-label or an A-label as a decoded string, and which encoding 
you use internally doesn't effect that. But I know what was meant, and I 
don't think it is likely to confuse implementers, so I don't see a big 
need to change it.

>> And later:
>>
>> On 10/29/14 6:49 PM, Ted Lemon wrote:
>>      
>>> My concern is that it will be used for data mining by people other
>>> than owners of nameservers.   I don't think there's much that can be
>>> done to mitigate this, though, so I'll take it out of the DISCUSS.   It
>>> wouldn't hurt to mention it specifically in the security considerations
>>> section, but I'll leave that up to you.
>>>        
>> Sounds like Point A was supposed to get some additional text, but
>> nothing changed, and that Point B and the requested addition to
>> Security Consideration were ignored.
>>      
> I have to disagree with the suggestion to add text about data mining. This isn't WHOIS, and we wrote a security document that describes client identification, authorization, and access control features in RDAP to address that issue with WHOIS.

Seems like a fair response to me.

> There was no direct response simply because the point got lost in the flurry of higher priority discuss topics.
>    

Yep. Just making sure we have a record on the list that we saw the issue 
and there was a disposition.

>> On json-response, Stephen's last two points:
>>
>> On 10/30/14 8:47 AM, Stephen Farrell wrote:
>>      
>>> - p21, the list following the example contains items that were
>>> not in the example - this is unclear writing. Are you saying
>>> that the list is normative or not? If so, you need to say so.
>>> If not, why go beyond the example? The same point applies to
>>> the lots of other examples that follow.
>>>
>>> - 10.2.X: there's a lot of stuff here that wasn't described. I
>>> wouldn't be surprised if that causes interop problems.
>>>
>>>        
>> and both of Ted's points:
>>
>> On 10/29/14 2:40 PM, Ted Lemon wrote:
>>      
>>> Point 1:
>>>
>>> In 4.3:
>>>    It is the job of the clients to determine line breaks, spacing and
>>>    display issues for sentences within the character strings of the
>>>    "description" array.  Each string in the "description" array contains
>>>    a single complete division of human readable text indicating to
>>>    clients where there are semantic breaks.
>>>
>>> What do you mean by "semantic breaks"?   Paragraph breaks?   Sentence
>>> breaks?   Dependent clause breaks?   This doesn't make sense.   I'm
>>> not going to raise a discuss on it because I don't think it affects
>>> interoperability, but I have no idea how to implement a client to
>>> display this in a way that will make sense to the user.
>>>
>>> Point 2:
>>>
>>> A general question that occurred to me in reading 5.5, which also
>>> applies to 5.4: should you have some text talking about how the
>>> link member of a network or autnum object is generated?  Both
>>> networks and autnum objects, as I understand it, can be gotten by
>>> querying any number in the range they enclose.   But of course the
>>> link member isn't going to enumerate all the possible queries that
>>> could return the particular object containing that link member.
>>> So how is the value that's returned chosen?  Is it the lowest
>>> number in the range?   The number that was used in the query that
>>> returned the object?   Some other number?
>>>
>>> I don't think you need to change anything, but it might be worth
>>> discussing this in sections 5.4 and 5.5.
>>>        
>> These all look completely dropped.
>>
>> Can the authors give me a status on the above comments?
>>      
> Status for rdap-query provided above. I'll need to talk to Andy about json-response.
>    

Thanks.

pr

-- 
Pete Resnick<http://www.qualcomm.com/~presnick/>
Qualcomm Technologies, Inc. - +1 (858)651-4478

v2.23.0 | Report a Bug | By Email