Thanks for the feedback Joel. Comments in-line.
Jim

> -----Original Message-----
> From: Joel M. Halpern [mailto:[EMAIL PROTECTED]
> Sent: Friday, April 21, 2006 6:10 PM
> To: Mary Barnes; gen-art@ietf.org
> Cc: [EMAIL PROTECTED]; rddp@ietf.org
> Subject: [rddp] Re: [Gen-art] IETF LC reviews: rddp security
> and applicability
>
> I was selected as General Area Review Team reviewer for this specification
> (for background on Gen-ART, please see
> http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).
>
> (These reviews treat DDP and RDMAP as given, and do not comment
> directly on those protocols.)
>
> RDDP/ RDMAP Security
> Given the nature of RDDP, this document is a very good idea. I
> am glad to see it.
> This review does not check the completeness of the security
> coverage. However, as a lay reader I am quite impressed.
>
> The document is ready for publication as an Informational RFC,
> and probably ready as a Proposed Standard.
> Personally, I would put the one IPSec requirement into the main
> document, and consider the rest of the material to be in the category
> of good advice. This is driven by the fact that the actual advice is
> somewhere between difficult and impossible to observe on the wire.
>
> minor point: The last sentence of the introduction reads:
>
>     If all recommended mitigations are in place the implemented usage
>     models, the RDMAP/DDP protocol can be shown to not expose any new
>     security vulnerabilities.
>
> Aside from the linguistic oddity of this sentence, it is unclear
> what state is being compared. I.e., compared with what condition is
> there an absence of new security vulnerabilities. (Presumably some
> state other than "not communicating".) There are scattered other odd
> English usages.

[<jim>] Good point. Below is the suggested rewording to address your concerns, plus after rereading the section, it doesn't summarize the appendices (it does summarize all the other sections), so I add some informative text describing them just before this text.
The appendices provide focused summaries of this specification. Section 11 Appendix A: ULP Issues for RDDP Client/Server Protocols focuses on implementers of traditional client/server protocols. Section 12 Appendix B: Summary of RNIC and ULP Implementation Requirements summarizes all normative requirements in this specification. Section 13 Appendix C: Partial Trust Taxonomy provides an abstract model for categorizing trust boundaries.

If an RDMAP/DDP protocol implementation uses the mitigations recommended in this document, that implementation should not exhibit additional security vulnerabilities above and beyond those of an implementation of the transport protocol (i.e., TCP or SCTP) and protocols beneath it (e.g., IP) without RDMAP/DDP.

> minor: In section 2.3.2, in describing three mechanisms, the text
> refers to one mechanism (X) and one mechanism (Y and Z). It should
> refer to two mechanisms (Y and Z).
>

[<jim>] Thanks. Fixed.

> IDNits reports some references missing and some unused.
>
>

[<jim>] Thanks. Reran and fixed the issues.

Jim

> RDMA/DDP Applicability:
> Other than needing a good English language editor, this document
> appears ready for publication as an Informational RFC.
> An example of this is that the references ought to actually be
> referenced in the body of the document.
>
>
>
> At 03:46 PM 4/13/2006, Mary Barnes wrote:
> >Reviewer: Joel Halpern
> >
> >- 'DDP/RDMAP Security '
> >   <draft-ietf-rddp-security-08.txt> as a Proposed Standard
> >- 'Applicability of Remote Direct Memory Access Protocol (RDMA) and
> >Direct Data
> >   Placement (DDP) '
> >   <draft-ietf-rddp-applicability-05.txt> as an Informational RFC
> >
> >IETF LC ends on 2006-04-19.
> >
> >The file can be obtained via
> >http://www.ietf.org/internet-drafts/draft-ietf-rddp-security-08.txt
> >http://www.ietf.org/internet-drafts/draft-ietf-rddp-applicability-05.txt
>
>
> _______________________________________________
> rddp mailing list
> rddp@ietf.org
> https://www1.ietf.org/mailman/listinfo/rddp

_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art