[Last-Call] Artart last call review of draft-ietf-opsawg-mud-acceptable-urls-10

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Reviewer: Darrel Miller
Review result: Ready with Nits

I reviewed this document as part of the Art Area's Last Call Review.  Document
authors, document editors, and WG chairs should treat these comments just like
any other IETF Last Call comments.

In general this document was clearly written and without any background in this
area I was able to get a reasonable understanding of the problem being
addressed and the proposed solution.

There were a few nits that could be addressed to improve clarity.

Section 1

The introduction uses the term network manager but then later seems to use the
term MUD controller to mean the same thing.  RFC8520 defines terminology for
MUD manager and MUD controller but not network manager, so it is unclear if
this is actually a different concept or just another name for the same thing.

Section 3.4

> While many small tweaks to a MUD file can be done in place, the situation
described above, > particularly when it comes to removing capabilities will
suggest that changes to the MUD URL > are in order.

This sentence could use some editing for clarity. It is not clear what is being
referenced by "the situation described above". Is it referring to 3.1, 3.2 and
3.3 and if so, would it be better to say "the situations described above" ?

Section 5

> Subsequent MUD files are considered valid if:
> - they have the same initial Base-URI as the MUD-URL, but may have a
different final part > - they are signed by an equivalent End Entity (same
trusted CA and same Subject Name) as >   the "root"  MUD file.

It wasn't immediately obvious to me if the following conditions were "and" or
"or".

Section 5.1.1

> Note that in order for MUD controllers to reload the old file, it MUST have
been served > with an appropriate ETag, and appropriate Expires or Cache
Control headers [RFC9111], Section 5.3.

It is not clear why an Etag would be required for a MUD controller to reload
the file. Would an Expires or Cache-Control with Max-Age not be sufficient?

> The manufacturer must continue to serve the files from the old location for
some time, > or to return an HTTP 301 (Moved Permanently) redirecting to the
new location.

It is not clear whether I could use a HTTP 301 to redirect
https://example.com/household/products/mudfiles/toaster.json directly to
https://example.com/mudfiles/toasters/model1945/mud.json or whether the 301 is
also constrained by "have the same initial Base-URI as the MUD-URL".

Section 6

> The use of ETag allows a MUD controller to more efficiently poll for changes
in the file.

It might be worth adding "by making conditional GET requests" for additional
clarity.

> A manufacturer should also serve MUD files with an HTTP Max-Age header as per
Section 5.2.2.8 of [RFC7234].

Should this should be SHOULD?

> MUD controllers MAY use a single HTTP(S)/1.1 connection to retrieve all
resources at the same destination. This doesn't seem necessary. Is there any
significance to whether one or more connections are used? Is this making some
statement about the use of HTTP/2 or HTTP/3?

Regards,

Darrel


-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux