On 10/5/15 17:22, Eric Voit (evoit) wrote:


In section 3, could the Subscription Service be an external broker?
Said another way, it reads like the Subscription Service is/could be an 
external entity.  Is that the case, or will this always be a component of the 
Publisher?
<Eric> I don't know of any reason why the Subscription Service must be a 
component of the Publisher.

Nor do I.  I just asked the question to justify some of my other comments.


In section 4.2.2 regarding negotiation, it states that when negotiating QoS, if the 
Subscription Service is unable to meet the request, it must, "include in its decline 
a set of criteria that would have been acceptable when the Subscription Request was 
made."

This got me thinking about future state.  That is, let's say that as of now I 
negotiate that I can do reaction time of T.  But in an hour, due to other 
things (maybe higher-priority work) I can only do T plus some factor, X.  The 
requirements in section 4.2.1 state that a Subscription Service can terminate a 
Subscription at any time.

And as I read on, Section 4.2.3 describes what happens in the case of a "breach of 
contract."  Perhaps that paragraph needs to folded in to the Negotiation section:

"When a Subscription Service is not able to send updates per its
     subscription contract, the Subscription must notify subscribers and
     put the subscription into a state of indicating the Subscription was
     suspended by the service.  When able to resume service, subscribers
     need to be notified as well.  If unable to resume service, the
     Subscription Service may terminate the subscription and notify
     Subscribers accordingly."
<Eric> Yes, this is paragraph 3 of Section 4.2.3.   I think you are suggesting we make more robust 
error/informational codes for a Suspended subscription, including giving parameters which might work to 
un-suspend.   The Subscriber could then attempt a "Modify Subscription" which would then have a 
chance to bring things back to "Active".   The hard part is knowing when to send these 
parameters when a suspension is very temporary due to short during overload conditions.  This will be 
especially difficult as many subscriptions could be suspended (and modifications synchronized) at the 
same time due to an transient overload event.

That would be ideal, but at its simplest, I am suggesting some of the wording in section 4.2.3 make it into the Negotiation section to be clear what would happen if negotiated attributes are no longer able to be maintained.


In section 4.2.5, is it needed to say that the mutual authn that exists between 
Subscriber and Subscription Service take into account the Publisher?  That is, 
as a Subscriber I would want to ensure that a given Subscription Service is 
actually providing data from a known, trusted Publisher.  I don't see any 
mention of Publishers in this section, and I would think there should be some 
in the case where the Subscription Service could be a broker.
<Eric>  This could be as simple as " Publisher and Subscription Service must 
maintain a secure relationship".   I have no problem adding that.

Works for me. I just think that aspect of secure interactions needs to be called out.


I like the fact that you have section 4.2.8.  It goes to the idea of built-in 
serviceability.  When you say, "fetch" is it envisioned that this data is 
exposed through another Subscription Service, or will there be other mechanisms to get at 
this?
<Eric> Why would this need to be a different Subscription Service?  I 
envisioned the same one.

So did I. I didn't think it was clear given the word "fetch." Perhaps you should state that these data must be available via the subscription service.

Joe

_______________________________________________
i2rs mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i2rs

Reply via email to