IETF Logo Mail Archive

[XCON] AD review: draft-ietf-xcon-ccmp-10

Robert Sparks <rjsparks@nostrum.com> Tue, 14 September 2010 15:51 UTC

Return-Path: <rjsparks@nostrum.com>
X-Original-To: xcon@core3.amsl.com
Delivered-To: xcon@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 856903A6839 for <xcon@core3.amsl.com>; Tue, 14 Sep 2010 08:51:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.441
X-Spam-Level:
X-Spam-Status: No, score=-102.441 tagged_above=-999 required=5 tests=[AWL=0.159, BAYES_00=-2.599, SPF_PASS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dbfdQXl9+KTo for <xcon@core3.amsl.com>; Tue, 14 Sep 2010 08:51:16 -0700 (PDT)
Received: from nostrum.com (nostrum-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:267::2]) by core3.amsl.com (Postfix) with ESMTP id 9C77F3A681D for <xcon@ietf.org>; Tue, 14 Sep 2010 08:51:15 -0700 (PDT)
Received: from [192.168.2.105] (pool-173-71-48-4.dllstx.fios.verizon.net [173.71.48.4]) (authenticated bits=0) by nostrum.com (8.14.3/8.14.3) with ESMTP id o8EFpcBW009082 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for <xcon@ietf.org>; Tue, 14 Sep 2010 10:51:38 -0500 (CDT) (envelope-from rjsparks@nostrum.com)
From: Robert Sparks <rjsparks@nostrum.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Tue, 14 Sep 2010 10:51:38 -0500
Message-Id: <DE53D7D6-7FC6-445F-8500-FDE234681FA3@nostrum.com>
To: xcon@ietf.org
Mime-Version: 1.0 (Apple Message framework v1081)
X-Mailer: Apple Mail (2.1081)
Received-SPF: pass (nostrum.com: 173.71.48.4 is authenticated by a trusted mechanism)
Subject: [XCON] AD review: draft-ietf-xcon-ccmp-10
X-BeenThere: xcon@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Centralized Conferencing <xcon.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/xcon>, <mailto:xcon-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/xcon>
List-Post: <mailto:xcon@ietf.org>
List-Help: <mailto:xcon-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/xcon>, <mailto:xcon-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Sep 2010 15:51:21 -0000

Summary: There are some minor issues to address before moving to IETF LC.

This is a good document - it was very easy to read. Thanks to all who worked
to get it into the shape it's in.

Administrative:
* Please send a request to type-review for application/ccmp+xml.

* I would like the writeup to name who verified the schema and examples 
  (and what tool they used). How did the reviewer ensure the snippets of 
  schema in the sections that describe various elements exactly matches 
  the full schema listed in section 11?

Technical:

* Is there any text that prevents a ccmp request from being empty?
  (all of the elements in the schema have minOccurs="0"). If not,
  either some should be added, or the text should say something 
  about how a server should react to a request built this way.

* The AUTO_GENERATE mechanism's definition is currently hard to find,
  (it's at the end of 4.1), and easy to miss that it's a normative
  requirement on server behavior. (I couldn't find the place where
  the behavior was defined for my first several reads of this document).
  This behavior should be defined with 2119 terms. What definition
  exists in this section requires the wildcard to have the form of
  AUTO_GENERATE_X, but there are several examples and places in the text
  (here and in the examples document), particularly for xcon-userid:
  constructs where AUTO_GENERATE appears without the _X.

* The draft calls out "first party" and "third party" actions, but doesn't
  define those terms.

* The document should call out why <standard-message-list> and
  <extended-message-list> were separated, and what makes that separation
  useful. What will an implementation do differently if a message name 
  it doesn't understand shows up in a <standard-message-list> vs in an 
  <extended-message-list>?

* Can you add a note explaining that the server chooses the contents 
  of the URI when it creates a conference or user? The examples for 
  creating users, such as 6.7, imply that some bits (Ciccio in this case) 
  are copied from the request's userInfo into the response's userInfo 
  AUTO_GENERATEd URI. While a server might choose to do something like 
  that, it's not required to.

* It should be more clearly stated in 6.9 that the "confSummaryRequest" 
  is hypothetical and is not actually being defined.

* The URL sub-namespace registration html is not well formed
  (There's a spurious <a/>).

* Is there a privacy leak with cloning existing conferences? What text
  prevents any member from cloning the conference to see who is in what
  sidebar? Was the intent to not allow cloning of conferences that are
  in progress?

* The security considerations section should call out that most CCMP commands
  can pend indefinitely - clients need to be ready to wait an arbitrary amount
  of time to get the response (see section 6.3 of xcon-examples and consider
  Alice not responding and the IVR not timing out, Alice using an automaton 
  to keep the IVR from completing its script when it did have timeout protection,
  etc. The document should say what a client should do when it is no longer
  willing to wait (close the underlying connection?), and point out what 
  servers can do if they have lots of pending requests starting to pile up.

v2.8.7 | Report a Bug | By Email