Mercurial > hg > ietf
comparison ace-key-groupcomm-review.txt @ 8:d4e5d6b079bc default tip
merge
| author | Henry S. Thompson <ht@inf.ed.ac.uk> |
|---|---|
| date | Tue, 02 Jul 2024 13:51:47 +0100 |
| parents | ac8f4ba48e08 |
| children |
comparison
equal
deleted
inserted
replaced
| 7:328798b2a7d1 | 8:d4e5d6b079bc |
|---|---|
| 1 Document: | 1 Document: Key Provisioning for Group Communication using ACE [1] |
| 2 Intended RFC status: Proposed Standard | 2 Intended RFC status: Proposed Standard |
| 3 Review type: artart - Last Call review | 3 Review type: artart - Last Call review |
| 4 Reviewer: Henry S. Thompson | 4 Reviewer: Henry S. Thompson |
| 5 Review Date: 2023-10-@@ | 5 Review Date: 2023-10-@@ |
| 6 Result: Ready with Issues | 6 Result: Ready with Issues |
| 10 Caveat: I'm not familiar with the group comms family of RFCs or the | 10 Caveat: I'm not familiar with the group comms family of RFCs or the |
| 11 applications they support, so this review is from an outsider's | 11 applications they support, so this review is from an outsider's |
| 12 perspective. | 12 perspective. |
| 13 | 13 |
| 14 As such, I am not able to comment on the adequacy of section 4. This | 14 As such, I am not able to comment on the adequacy of section 4. This |
| 15 is where the details of the Client and ??? interactions are spelled | 15 is where the details of the Client and KDC interactions are spelled |
| 16 out, and it needs a potential user of this spec. to judge whether they | 16 out, and it needs a potential user of this spec. to judge whether they |
| 17 provide the necessary functionality. | 17 provide the necessary functionality. |
| 18 | 18 |
| 19 *Substantive points* | 19 *Substantive points* |
| 20 | 20 |
| 42 | 42 |
| 43 *Minor points* | 43 *Minor points* |
| 44 | 44 |
| 45 Section 1. I note that one of the two referenced examples of candidate | 45 Section 1. I note that one of the two referenced examples of candidate |
| 46 application profiles, "A publish-subscribe architecture for the | 46 application profiles, "A publish-subscribe architecture for the |
| 47 Constrained Application Protocol (CoAP)" [1], has expired. I'm not | 47 Constrained Application Protocol (CoAP)" [2], has expired. I'm not |
| 48 sure how much it matters to have reasonably mature examples, but | 48 sure how much it matters to have reasonably mature examples, but |
| 49 without _some_ good reasons to suppose that there's a community out | 49 without _some_ good reasons to suppose that there's a community out |
| 50 there waiting to implement this framework, its future does seem a bit | 50 there waiting to implement this framework, its future does seem a bit |
| 51 shaky... There is of course a chicken-and-egg problem here which may | 51 shaky... There is of course a chicken-and-egg problem here which may |
| 52 explain the lack of progress. | 52 explain the lack of progress. |
| 63 roles. Although there is a parenthetical reference to the [Vv]erifier | 63 roles. Although there is a parenthetical reference to the [Vv]erifier |
| 64 role in Section 3.3.1, no other mention of Monitor is given, and in | 64 role in Section 3.3.1, no other mention of Monitor is given, and in |
| 65 general the role of roles is not explained anywhere. There is a | 65 general the role of roles is not explained anywhere. There is a |
| 66 "Request inconsistent with the current roles" error code defined in | 66 "Request inconsistent with the current roles" error code defined in |
| 67 section 9, but no tabulation of roles allowed/required for particular | 67 section 9, but no tabulation of roles allowed/required for particular |
| 68 requests, which one might expect. | 68 requests, which one might expect. Nor are any REQ or OPT obligations |
| 69 provided to cover this. | |
| 69 | 70 |
| 70 If all this is something defined in one of the many referenced specs, | 71 If all this is something defined in one of the many referenced specs, |
| 71 and so familiar to likely readers, that's OK, otherwise perhaps | 72 and so familiar to likely readers, that's OK, otherwise perhaps |
| 72 something should be added. | 73 something should be added. |
| 74 | |
| 75 Sections 11.6--11.16: _Seven_ new IANA registries! At a quick count, | |
| 76 that's a 50% increase in the number of related (CBOR + COAP) | |
| 77 registries. Is there a plan for populating the expert reviewer slots | |
| 78 this entails? | |
| 73 | 79 |
| 74 *Nits* | 80 *Nits* |
| 75 | 81 |
| 76 Section 1 / Appendix A: The use of REQ[n] and OPT[n] in conjunction | 82 Section 1 / Appendix A: The use of REQ[n] and OPT[n] in conjunction |
| 77 with REQUIRED and MAY is not explained, nor are they linked to the | 83 with REQUIRED and MAY is not explained, nor are they linked to the |
| 88 trasferring -> transferring | 94 trasferring -> transferring |
| 89 | 95 |
| 90 ht | 96 ht |
| 91 -- | 97 -- |
| 92 | 98 |
| 93 [1] https://datatracker.ietf.org/doc/html/draft-ietf-core-coap-pubsub-12 | 99 [1] https://datatracker.ietf.org/doc/draft-ietf-ace-key-groupcomm/ |
| 100 [2] https://datatracker.ietf.org/doc/html/draft-ietf-core-coap-pubsub-12 |