First, sorry for the delay in reviewing this -- I'm recovering from
pneumonia and so it took longer than it should have.
I do have a few comments that I’d like addressed
before I start IETF LC — addressing these now will avoid
issues later in the process.
I believe that all my comments are editorial, and should be easy fixes.
Please explicitly let me know once you've posted a new version, just
to make sure it doesn't slip through the cracks.
Warren.
-------
1. Introduction
The Internet has largely been constructed on general purpose
computers; those devices that may be used for a purpose that is
[O] computers;
[P] computers:
[R] punctuation
specified by those who buy the device.
...
Let us then posit a group of objects that are
specifically NOT general purpose computers. These devices have a
purpose to their use. By definition, therefore, all other purposes
[O] purpose to their use.
[P] specific purpose to their use.
[R] clarity / continuity with previous
are NOT intended.
...
We use the notion of "manufacturer" loosely in this context, to
simply mean the entity or organization that will state how a device
[O] context, to simply mean
[P] context to refer to
[R] clarity and grammar
is intended to be used.
...
The key points are that the device itself is expected
to serve a limited purpose, and that there may exist an organization
in the supply chain of that device that will take responsibility for
informing the network about that purpose.
The intent MUD is to solve for the following problems:
[O] intent MUD
[P] intent of MUD
[R] grammar
In this specification we describe each of these building blocks and
how they are intended to be used together. However, they may also be
used separately, independent of this specification by local
[O] independent of this specification
[P] independent of this specification,
[R] grammar
deployments for their own purposes.
1.1. What MUD doesn't do
...
How they are instantiated
locally will depend on many factors, and is ultimately up to the
[O] factors,
[P] factors
[R] grammar
local network administrator, who must decide what is appropriate in a
given circumstances.
1.2. A Simple Example
A light bulb is intended to light a room. It may be remotely
controlled through the network; and it may make use of a rendezvous
[O] network;
[P] network,
[R] grammar
service of some form that an app on smart phone accesses.
1.3. Determining Intended Use
...
Profiling systems that make use of heuristics to
identify types of systems have existed for years as well.
A Thing could just as easily tell the network what sort of protection
[O] protection
[R] protection? Or access?
it requires without going into what sort of system it is.
1.4. Finding A Policy: The MUD URL
...
The IEEE has developed [IEEE8021AR] that provides a
certificate-based approach to communicate device characteristics,
which itself relies on [RFC5280].
[C]: "that provides" or "which provides"?
...
In these cases, manufacturers may be able to map those
identifies to particular MUD URLs (or even the files themselves).
[O] indentifies
[P] indentifiers
[R] I think this is what was meant. Or perhaps identities?
1.5. Types of Policies
...
For example:
Allow access to devices of the same manufacturer
Allow access to and from controllers via COAP
[O] via COAP
[R] Please expand COAP, it's not well known.
To add a bit more depth that should not be a stretch of anyone's
imagination, one could also make use of port-based access lists.
[O] that should not be a stretch of anyone's imagination
[R] I don't think this phrase makes sense in this context, or at least
it sounded odd to me.
...
While the policy examples given here focus on access control, this is
not intended to be the sole focus. By structuring the model
described in this document with clear extension points, so that other
[O] , so that other
[P], other
[R] readability
descriptions could be included.
...
The "manufacturer" classes can be easily specified by the
manufacturer, whereas controller classes are initially envisioned to
be specified by the administrator.
Because manufacturers do not know who will be using their devices, it
is important for functionality referenced in usage descriptions to be
relatively ubiquitous, and mature. For these reasons only a limited
[O] ubiquitous, and mature
[P] ubiquitous and mature
[R] grammar
subset YANG-based configuration of is permitted in a MUD file.
1.6. Terminology
...
After it has processed a MUD file it may
[O] After it has processed a MUD file it may
[P] After it has processed a MUD file, it may
[R] grammar
direct changes to relevant network elements.
...
1.7. The Manufacturer Usage Description Architecture
With these components laid out we now have the basis for an
archicture. This leads us to ASCII art.
[O] archicture
[P] architecture
[R] spelling / typo.
...
The web site is typically run by or on behalf of the manufacturer.
Its domain name is that of the authority found in the MUD URL. For
legacy cases where Things cannot emit a URL, if the switch is able to
determine the appropriate URL, it may proxy it, the trivial cases
being a map between some registered Thing or port and a URL.
[O] the trivial cases
being a map between some registered Thing or port and a URL.
[R] cannot parse this part of the sentence.
...
Communication within those systems and from those systems to
network elements is beyond the scope of this memo.
[O] memo
[P] document -- either is allowed, this is just a pet peeve of mine,
so I always point it out. Feel free to ignore :-)
2. The MUD Model and Semantic Meaning
...
To provide the widest possible deployability, publishers of MUD files
SHOULD make use of the abstractions in this memo and avoid the use of
[O] memo
[P] document - as above :-p Also, is 'deployability' a real word now?
MW doesn't seems to think so, nor does OE.
...
Furthermore, only or "accept" or "drop" actions SHOULD be included.
[O] only or
[P] only
[R] either we are missing a word before “or,” or or is not needed
3.4. is-supported
This boolean is an indication from the manufacturer to the network
administrator as to whether or not the Thing is supported. In this
context a Thing is said to NOT be supported if the manufacturer
intends never to issue an update to the Thing or never update the MUD
file. A MUD controller MAY still peridocally check for updates.
[O] peridocally
[P] periodically
[R] spelling
----
Thanks again,
W
--
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
---maf
_______________________________________________
OPSAWG mailing list
OPSAWG@ietf.org
https://www.ietf.org/mailman/listinfo/opsawg
