Re: Gen-ART LC Review of draft-ietf-tsvwg-ecn-tunnel-08

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks for the response. Further comments inline. (If I don't comment on a point, please take that to mean "okay" :-) )

On Jul 13, 2010, at 6:13 AM, Bob Briscoe wrote:

> Ben,
> 
> Thank you for your review comments from the GEN-ART perspective.
> 
> I think I have dealt with all your points in my responses, which are inline...
> 
> There is just one outstanding question for you concerning updating BCP4774...
> 
> At 22:23 01/07/2010, Ben Campbell wrote:
>> I am the assigned Gen-ART reviewer for this draft. For background on
>> Gen-ART, please see the FAQ at
>> <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
>> 
>> Please resolve these comments along with any other Last Call comments
>> you may receive.
>> 
>> Document: draft-ietf-tsvwg-ecn-tunnel-08
>> Reviewer: Ben Campbell
>> Review Date: 2010-07-01
>> IETF LC End Date: 2010-07-06
>> IESG Telechat date: (if known)
>> 
>> Summary:
>> 
>> This draft is almost ready for publication as a proposed standard. I have a couple of procedural questions that should be considered first, as well as a few editorial comments.
>> 
>> Major Issues: None.
>> 
>> Minor Issues:
>> 
>> -- RFC Editor request (immediately after ToC): "In the RFC index, RFC3168 should be identified as an update to RFC2003.
>> RFC4301 should be identified as an update to RFC3168."
>> 
>> This seems odd. I assume the intent is that this draft says that things from 3168 should be applied to 2003, therefore updating 2003, etc? If so, wouldn't it be more correct to say that _this_ draft updates 2003 and 3168?
> 
> Quoting from the RFC Index:
> /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
> Updates xxxx refers to other RFCs that this one merely updates but
> does not replace); ...
>                              Generally, only immediately succeeding
> and/or preceding RFCs are indicated, not the entire history of each
> related earlier or later RFC in a related series.
> /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
> The consensus on the TSVWG list was that the updates should be identified in the RFC Index as follows
> 2003 -> 3168 -> ecn-tunnel
> 3168 -> 4301 -> ecn-tunnel
> 
> In the headers of this draft we have said:
> Updates: 3168, 4301
> 
> But we also noticed that the RFC Index incorrectly omits to identify that these RFCs in turn already update the earlier RFCs. The note to the RFC Editor was the result of this consensus request from the TSVWG list.
> 
> [BTW, There is nonetheless text on backward compatibility between this I-D and these early RFCs in Section 6. And "Appendix A; Early ECN Tunnelling RFCs" explains the interactions.]
> 
> Summary: I propose no change on this point.

It's not entirely clear to me how the RFC index quote supports the argument one way or another. I was not proposing we needed to maintain the entire history of updates.

Was the work group consensus that 3168 _already_ updated 2003 (i.e. the original intent of 3618 was to update 2003), and the notation of that fact was simply missing? Or that it _should_have_ updated 2003 but did not? If the first, then I agree with the proposed approach. But if the second, then I think you have a case of _this_ draft updating 2003 by calling out text in 3618 that should now apply to it. 

In particular, does 3168 contain text on how it updates 2003? Could someone understand how 3168 applies to 2003 by reading that document alone? Or does that text reside in this draft?

In any case, if you still believe it should stand as is, I will not push the point further. If the IESG is okay with the approach, then it's fine with me.



> 
> 
>> -- 7, first paragraph: "The guidance below extends RFC4774, giving additional guidance on designing any alternate ECN semantics
>> that would also require alternate tunnelling semantics."
>> 
>> Should this draft be listed as updating 4774? Also, you've declared this section non-normative. What does it mean to non-normatively extend a BCP?
> 
> That's a very good question/point and I would appreciate your advice on how to proceed. My take was that this was an informational section of a STDS RFC. So I did not include any RFC2119 language. But your nicely succinct question throws this into better perspective.
> 
> Should I:
> * Add 'Updates 4774' to the headers?
> * Scrub the line saying "This section is informative not normative." ?
> * Shift the RFC2119 keywords in this section to upper-case?

See my response to your separate email on this subject.

> 
>> Nits/Editorial:
>> 
>> -- General:
>> 
> 

[...]

> 
>> -- 5.3.1, last bullet:"… the IETF Security Area now considers copying acceptable given the bandwidth of a 2-bit covert channel can be managed."
>> 
>> Can you supply a reference for that assertion?
> 
> 1. Introduction
> already says:
> 
> "...Nonetheless, the latest IPsec architecture [RFC4301] considered a bandwidth limit of 2 bits per packet on a covert channel made it a manageable risk."
> 

It's a subtle distinction, but I'm not sure the fact that 4301 says it's okay necessarily represents any specific current belief on the part of the Security Area (But I guess the security ADs can decide that.) But given that such believes can change over time, and an RFC is fixed, perhaps it would be better to simply repeat the mention that 4301 asserts this.

BTW, a quick perusal of 4301 seems to say something more to the effect of "administrators can decide if the risk is acceptable" rather than "the risk is acceptable". When you say the risk is "manageable", are you referring to the fact an administrator could "manage" it by turning copying off?

[...]

_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]