Hi Ben,
thanks for your comments. Please see inline.
On 01.11.2016 23:42, Ben Campbell wrote:
Ben Campbell has entered the following ballot position for
draft-ietf-p2psip-share-09: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-p2psip-share/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
I have a one set of substantive comments/questions, and some editorial
comments:
Substantive:
- I'm confused about the validation procedure. In step one, is this the
user name of the user attempting to write the resource? In step 5, I do
not understand how this terminates. Which ACL item is the "previously
selected" one. If that refers to the one selected in the last iteration
of steps 3 and 4, how do you know there are not more ACL items to iterate
through?
You are referring to 6.3 "validating writ access"?
In this case, you receive a store request along with a certificate. In
step 1, you resolve the user name of the requester, i.e., the user name
that corresponds to the certificate in the request.
... then you identify the user in the ACL and walk up the delegation
chain.
In step 5, you have arrived at the root of the delegation tree. This is
the case, when the to_user equals the signer equals the owner of the
resources (see see Figure 1). This is also how it terminates - the owner
of the resource is the root of the trust chain.
Editorial:
-1, first paragraph, first sentence: s/that/, which
-- recurring singular plural mismatch "resources with a variable name".
Thanks, fixed.
-1, 2nd paragraphs: "It transfers the authorization..."
What is the antecedent for "it"?
We meant the "trust delegation mechanism" - but it's ambiguous, you're
right. Changed to "...based on a trust delegation mechanism that
transfers the authorization .."
-3. First paragraph after numbered list, "user called Authorized Peer":
missing article.
Thanks, fixed.
-3.1, 3rd paragraph: Is the SHALL appropriate? Is an authorized user
actually required to access the array in the first place?
It says "If the data model of the Shared Resource is an array, each
Authorized..".
So the user is not required to use an array for sharing, but if an array
is used, write conflicts MUST not be produced.
- 6.5, first paragraph: Does the MAY grant permission, or is it a
statement of fact?
Good point. The actual statement means that users are enabled to do so.
So we replace the may by a "can".
-6.6, paragraphs 3 and 4: Are the MUSTs appropriate? Are there not other
(perhaps application specific) reasons one might choose not to write the
value?
I believe the MUST is correct: we're in a section that describes the
behavior of the storing peer. When receiving a store request, this peer
should not behave according to its own application semantic, but to the
common overlay rule.
-- 2nd paragraph from end: The MUST seems more like a statement of fact.
(E.g. "The resulting ... integer is used...")
Mhmm, I don't think so. These are all iterative decision steps: try
(a), then write ... otherwise try (b), then write ... +++ ... otherwise
refuse.
- 4.1, last paragraph: s/implementations/implementors
Thanks, fixed.
- 4.2, definition of res_name_ext: The sentence starting with "This name
serves..." is hard to parse.
O.K., changed to "This name is used by the storing peer for validating..."
-5.1, 4th paragraph (paragraph after example) : s/witch/which
Yep, this document was full of witches, but they have been banned now.
Cheers,
Thomas
--
Prof. Dr. Thomas C. Schmidt
° Hamburg University of Applied Sciences Berliner Tor 7 °
° Dept. Informatik, Internet Technologies Group 20099 Hamburg, Germany °
° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 °
° http://www.informatik.haw-hamburg.de/~schmidt Fax: +49-40-42875-8409 °
_______________________________________________
P2PSIP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/p2psip
