Re: [Anima] Moving draft-ietf-anima-brski-cloud-06 forward

2023-07-26 Thread Michael Richardson

Owen Friel (ofriel) wrote:
> Thanks Esko, I just merged a PR to address these:
> https://github.com/anima-wg/brski-cloud/issues/40 Thanks, Owen

now posted -07:

https://author-tools.ietf.org/iddiff?url1=draft-ietf-anima-brski-cloud-06=draft-ietf-anima-brski-cloud-07=--html


--
Michael Richardson. o O ( IPv6 IøT consulting )
   Sandelman Software Works Inc, Ottawa and Worldwide






___
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima


Re: [Anima] Moving draft-ietf-anima-brski-cloud-06 forward

2023-07-26 Thread Owen Friel (ofriel)
Thanks Esko,
I just merged a PR to address these: 
https://github.com/anima-wg/brski-cloud/issues/40
Thanks,
Owen

-Original Message-
From: Anima  On Behalf Of Esko Dijk
Sent: Thursday, June 22, 2023 9:01 AM
To: Sheng Jiang ; Brian E Carpenter 
; Brian Carpenter ; 
Toerless Eckert 
Cc: anima-chairs ; anima 
Subject: Re: [Anima] Moving draft-ietf-anima-brski-cloud-06 forward

Hi Sheng, authors,

I checked the new text vs the WGLC issues and confirm that these are resolved.

Because there's new text being added, I've reviewed this as well. Below are my 
findings. I would prefer if the WG could fix this as part of the WGLC work.

** Section 3.2
I can't fully follow the logic in Section 3.2 - it's unclear. Below is a 
proposal for improvement. There needs to be reference to [BRSKI] defined codes, 
and a particular code defined for the "owner cannot be determined" case because 
just using any 4xx/5xx code for that at the whim of the registrar implementer 
doesn't make sense to me. (The party implementing the cloud registrar may be 
another party than the one making the pledge code - interoperability plays a 
role here.)

PROPOSED NEW TEXT:
The cloud registrar must determine pledge ownership. Prior to ownership 
determination, the registrar checks the request for correctness and if it is 
unwilling or unable to handle the request, it MUST return a suitable 4xx or 5xx 
error response to the pledge as defined by [BRSKI] and HTTP.
For example, in case of an unknown pledge a 404 is returned, for a malformed 
request 400 is returned, or in case of server overload 503.

If the request is correct and the registrar is able to handle it, but unable to 
determine ownership, then it MUST return a 401 Unauthorized response to the 
pledge. This signals to the Pledge that there is currently no known owner 
domain for it, but that retrying later might resolve this situation.

If the cloud registrar successfully determines ownership, then it MUST take one 
of the following actions:
* return a suitable 4xx or 5xx error response (as defined by [BRSKI] and HTTP) 
to the pledge if the request processing failed for any reason
* redirect the pledge to an owner registrar via 307 response code
* issue a voucher and return a 200 response code

** Section 3.3 
It seems that a section is missing on the Pledge side handling an "error 
response". For example, it could be just a sentence saying the "usual" HTTP 
error handling defined by [BRSKI] and HTTP applies.
And that for the case of 401 Unauthorized the Pledge MAY retry at a later time.


** Nits
"They operator the Registrar or EST Server"
"which is addresses in part in"

Best regards
Esko

-Original Message-
From: Anima  On Behalf Of Sheng Jiang
Sent: Friday, June 16, 2023 05:17
To: Brian E Carpenter ; Brian Carpenter 
; Toerless Eckert ; Esko Dijk 

Cc: anima-chairs ; anima 
Subject: [Anima] Moving draft-ietf-anima-brski-cloud-06 forward

Hi, Brian, Esko & Toerless,

The authors have submitted a new version draft-ietf-anima-brski-cloud-06. In 
principle, this draft has passed ANIMA WGLC with the condition that your 
editional comments are addressed. Could you check and confirm? After your 
confirmation, the document shepherd and WG chair would like to move it forward.

Regards,


--



Sheng Jiang




Re: [Anima] Moving draft-ietf-anima-brski-cloud-06 forward

2023-06-22 Thread Michael Richardson

Esko Dijk  wrote:
> Because there's new text being added, I've reviewed this as well. Below
> are my findings. I would prefer if the WG could fix this as part of the
> WGLC work.

okay!
https://github.com/anima-wg/brski-cloud/issues/40


-- 
Michael Richardson , Sandelman Software Works
 -= IPv6 IoT consulting =-  *I*LIKE*TRAINS*







Re: [Anima] Moving draft-ietf-anima-brski-cloud-06 forward

2023-06-22 Thread Esko Dijk
Hi Sheng, authors,

I checked the new text vs the WGLC issues and confirm that these are resolved.

Because there's new text being added, I've reviewed this as well. Below are my 
findings. I would prefer if the WG could fix this as part of the WGLC work.

** Section 3.2
I can't fully follow the logic in Section 3.2 - it's unclear. Below is a 
proposal for improvement. There needs to be reference to [BRSKI] defined codes, 
and a particular code defined for the "owner cannot be determined" case because 
just using any 4xx/5xx code for that at the whim of the registrar implementer 
doesn't make sense to me. (The party implementing the cloud registrar may be 
another party than the one making the pledge code - interoperability plays a 
role here.)

PROPOSED NEW TEXT:
The cloud registrar must determine pledge ownership. Prior to ownership 
determination, the registrar checks the request for correctness and if it is 
unwilling or unable to handle the request, it MUST return a suitable 4xx or 5xx 
error response to the pledge as defined by [BRSKI] and HTTP.
For example, in case of an unknown pledge a 404 is returned, for a malformed 
request 400 is returned, or in case of server overload 503.

If the request is correct and the registrar is able to handle it, but unable to 
determine ownership, then it MUST return a 401 Unauthorized response to the 
pledge. This signals to the Pledge that there is currently no known owner 
domain for it, but that retrying later might resolve this situation.

If the cloud registrar successfully determines ownership, then it MUST take one 
of the following actions:
* return a suitable 4xx or 5xx error response (as defined by [BRSKI] and HTTP) 
to the pledge if the request processing failed for any reason
* redirect the pledge to an owner registrar via 307 response code
* issue a voucher and return a 200 response code

** Section 3.3 
It seems that a section is missing on the Pledge side handling an "error 
response". For example, it could be just a sentence saying the "usual" HTTP 
error handling defined by [BRSKI] and HTTP applies.
And that for the case of 401 Unauthorized the Pledge MAY retry at a later time.


** Nits
"They operator the Registrar or EST Server"
"which is addresses in part in"

Best regards
Esko

-Original Message-
From: Anima  On Behalf Of Sheng Jiang
Sent: Friday, June 16, 2023 05:17
To: Brian E Carpenter ; Brian Carpenter 
; Toerless Eckert ; Esko Dijk 

Cc: anima-chairs ; anima 
Subject: [Anima] Moving draft-ietf-anima-brski-cloud-06 forward

Hi, Brian, Esko & Toerless,

The authors have submitted a new version draft-ietf-anima-brski-cloud-06. In 
principle, this draft has passed ANIMA WGLC with the condition that your 
editional comments are addressed. Could you check and confirm? After your 
confirmation, the document shepherd and WG chair would like to move it forward.

Regards,


--



Sheng Jiang
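
The response-code ordering proposed above for Section 3.2, together with the pledge-side handling suggested for Section 3.3, as an added Python example that is not part of the thread or of the draft. The Registrar class and its fields, the "serial" request key, the choice of 500 for a failed voucher issuance and the https check on Location are assumptions of this example.

```python
from dataclasses import dataclass
from enum import Enum

class Action(Enum):
    PROCESS_VOUCHER = "process voucher"
    FOLLOW_REDIRECT = "follow redirect to owner registrar"
    RETRY_LATER = "retry later"
    FAIL = "usual HTTP error handling"

@dataclass
class Registrar:
    """Hypothetical in-memory cloud registrar (constructed for this example)."""
    known_pledges: set
    owners: dict      # pledge serial -> owner domain
    redirects: dict   # owner domain -> owner registrar URL
    overloaded: bool = False
    can_issue: bool = True   # False simulates a failure while issuing a voucher

    def handle(self, request):
        """Return (status, headers), checking in the order of the proposed text."""
        # 1. Correctness and ability to handle, before any ownership lookup.
        if self.overloaded:
            return 503, {}
        serial = request.get("serial") if isinstance(request, dict) else None
        if not isinstance(serial, str) or not serial:
            return 400, {}
        if serial not in self.known_pledges:
            return 404, {}
        # 2. Valid request, but no owner domain is known (yet).
        owner = self.owners.get(serial)
        if owner is None:
            return 401, {}
        # 3. Owner known: redirect, issue a voucher, or report a failure.
        if owner in self.redirects:
            return 307, {"Location": self.redirects[owner]}
        if not self.can_issue:
            return 500, {}   # assumption: 500 chosen as the "suitable" error
        return 200, {}       # voucher body omitted

def pledge_next_action(status, headers):
    """Pledge-side handling, including the 401 retry suggested for Section 3.3."""
    if status == 200:
        return Action.PROCESS_VOUCHER
    # Assumption of this example: only an https Location is followed.
    if status == 307 and headers.get("Location", "").startswith("https://"):
        return Action.FOLLOW_REDIRECT
    if status == 401:
        return Action.RETRY_LATER
    return Action.FAIL   # other 4xx/5xx, or a 307 without a usable Location
```

Because 401 is reserved for "owner not yet known", a pledge can tell a retryable state apart from a malformed request (400) or an unknown pledge (404) without knowing which party implemented the registrar.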




Re: [Anima] Moving draft-ietf-anima-brski-cloud-06 forward

2023-06-18 Thread Michael Richardson

Brian E Carpenter  wrote:
> Now draft-ietf-lamps-rfc7030-csrattrs is a downref, which needs to be
> mentioned in the shepherd's write-up.

It's unstuck as of yesterday.
I think it could be WGLC by the end of the summer.


--
Michael Richardson , Sandelman Software Works
 -= IPv6 IoT consulting =-  *I*LIKE*TRAINS*







Re: [Anima] Moving draft-ietf-anima-brski-cloud-06 forward

2023-06-15 Thread Brian E Carpenter

Hi Sheng,

I checked, and all the points in my review last November are covered. Thank you 
to the authors.

Now draft-ietf-lamps-rfc7030-csrattrs is a downref, which needs to be mentioned 
in the shepherd's write-up.

Regards
   Brian

On 16-Jun-23 15:16, Sheng Jiang wrote:

Hi, Brian, Esko & Toerless,

The authors have submitted a new version draft-ietf-anima-brski-cloud-06. In 
principle, this draft has passed ANIMA WGLC with the condition that your 
editional comments are addressed. Could you check and confirm? After your 
confirmation, the document shepherd and WG chair would like to move it forward.

Regards,


--



Sheng Jiang






[Anima] Moving draft-ietf-anima-brski-cloud-06 forward

2023-06-15 Thread Sheng Jiang
Hi, Brian, Esko & Toerless,

The authors have submitted a new version draft-ietf-anima-brski-cloud-06. In 
principle, this draft has passed ANIMA WGLC with the condition that your 
editional comments are addressed. Could you check and confirm? After your 
confirmation, the document shepherd and WG chair would like to move it forward.

Regards,


--



Sheng Jiang

