Hi, please see inline.
On 03.11.2016 13:43, Stephen Farrell wrote:
Stephen Farrell has entered the following ballot position for draft-ietf-p2psip-share-09: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-p2psip-share/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- - General: this feels more like an experimental spec. If the authors didn't object I think that'd be more appropriate.
Well authors hope(d) for this to serve as an enabling standard ...
- General: can these ACLs be resources to which access is controlled via another of these ACLs? If so, then it seems like there may be some nasty corner-cases where things get lost (so nobody can change 'em in future) and I don't see how one might recover from that. (Apologies if I'm just mixed up here, I read this fairly quickly and didn't reload RELOAD into my little head first;-)
No. The ACL is itself a shared resource owned by the initial creator that will have full rights as long as the resource (and the owner) exist. There is no way of disabling the owner.
- 3.1: 24 bits of collision resistance isn't many. I'm not clear why that's ok
This actually is meant for small numbers and the storing peer protects against collisions (see SecDir review).
- 3.1, last para: SHA-1 isn't a good example really, SHA-256 would be better today.
This is from Reload - we are not specifying overlay hash functions in this document.
- 5.3: Is the mapping to USER and DOMAIN from certificates well-defined? It may be in RELOAD, I forget, sorry;-) It doesn't seem to be well-defined here anyway.
Yes, certificate and usernames are held in correspondence by reload. Cheers, Thomas -- Prof. Dr. Thomas C. Schmidt ° Hamburg University of Applied Sciences Berliner Tor 7 ° ° Dept. Informatik, Internet Technologies Group 20099 Hamburg, Germany ° ° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 ° ° http://www.informatik.haw-hamburg.de/~schmidt Fax: +49-40-42875-8409 ° _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
