Re: [Ecrit] LoST Review - part 2
More comments on comments.
For example, a UUID is a suitable format. The 'version' attribute is
a positive integer that is incremented by one for each change in the
mapping.
So if the difference between two records I happen to have is 4, there
MUST have been that number of versions in between? It is unclear in
this text as no MUST, SHOULD etc is in use if this increment of one
is mandatory or not. Makes the protocol unclear and might lead to
incompatible implementations.
I'm not sure why this matters. If a version exists only for a
femtosecond, did it really exist, even though nobody could ever see
it? Did the tree fall in the forest if nobody heard the sound?
What interoperability problem would you imagine?
I'm trying to avoid unnecessary text.
You have an attack vector if someone manages to spoof a record into a
cache with a version number that is extremely high. How large can
this version number be?
It's an XML integer. I don't think restricting the range would
ameliorate that problem since being able to pick something that is
only modestly large would have the same effect. Longer-term, these
mappings will be signed.
5.2. Time of Last Update: The 'lastUpdated' Attribute
The 'lastUpdated' attribute describes when the mapping was last
changed. The contents of this attribute is a timezoned XML type
dateTime, in canonical representation. The attribute is REQUIRED.
Note that according to 3.2.7.2 of
http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/#dateTime (maybe I am
looking at the wrong source) the canonical representation of a time is
always in UTC, so the timezoned canonical version will always have 'Z' as
the timezone indicator.
This is what you want?
Yes, unless there's a better alternative. (We definitely don't want
to express time zones, since they don't add any value here.)
5.3. Validity: The 'expires' Attribute
The 'expires' attribute contains the absolute time until which the
mapping is to be considered valid.
Does not "expires" contain the dateTime spec of when the mapping is
changing state from valid to not valid? The text above to me seems to
be the reverse.
This seems to be the same thing. It is valid until 'expires' arrives;
I'll rephrase to use invalid.
I think you should try to only use the terms "client" and "server"
throughout the document when you talk about the protocol. We already
know that a server can act as a proxy, and then act as a client.
Try to not use the term "resolver". Experience from the DNS shows it
is a confusing term.
Please take a look at the architecture document, where these terms
are defined, to see if they are sufficiently precise for our
purposes. I'll avoid the terminology here, to avoid cross-references.
As you say, they are probably not necessary here.
Why is lang tag needed for the rendering? Because of alternate
displayName elements with different lang tags?
Yes. For example, in Canada, the mapping would presumably return both
the English and French version.
A response can indicate the region for which the service URL returned
would be the same as in the actual query, the so-called _service
region_.
What is "can" in this sentence? What does that word imply? That it
might not indicate the same region as in the actual query?
MAY; fixed.
_______________________________________________
Ecrit mailing list
Ecrit at ietf.org
https://www1.ietf.org/mailman/listinfo/ecrit
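
Added example, not part of the original message or of the LoST draft: a sketch of a cache replacement check over the 'version', 'lastUpdated' and 'expires' attributes discussed above, showing that a range cap on 'version' does not stop a spoofed record from blocking genuine updates, while rejecting unauthenticated records does. The higher-version-wins policy, the `authenticated` flag (a stand-in for a future signature check), all function names and the sample values are assumptions.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Canonical timezoned xs:dateTime is UTC, so it ends in 'Z'
# (whole seconds only here, to keep the sketch short).
_CANONICAL = re.compile(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z")

def parse_canonical(value: str) -> datetime:
    if not _CANONICAL.fullmatch(value):
        raise ValueError(f"not a canonical UTC dateTime: {value!r}")
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

@dataclass(frozen=True)
class Mapping:
    version: int          # the 'version' attribute
    last_updated: str     # the 'lastUpdated' attribute
    expires: str          # the 'expires' attribute
    authenticated: bool   # assumed stand-in for a verified signature

def should_replace(cached: Optional[Mapping], new: Mapping, now: datetime,
                   max_version: Optional[int] = None,
                   require_auth: bool = False) -> bool:
    """Decide whether `new` displaces `cached` (assumed policy: higher version wins)."""
    parse_canonical(new.last_updated)              # reject non-canonical input
    if now >= parse_canonical(new.expires):
        return False                               # no longer valid
    if new.version < 1:
        return False                               # must be a positive integer
    if max_version is not None and new.version > max_version:
        return False                               # range cap on 'version'
    if require_auth and not new.authenticated:
        return False                               # unauthenticated record
    return cached is None or new.version > cached.version

def pinned(spoof_version: int, **policy) -> bool:
    """True if a spoofed record enters the cache and then blocks the next genuine update."""
    now = parse_canonical("2007-01-15T00:00:00Z")  # constructed sample data below
    genuine = Mapping(7, "2007-01-01T00:00:00Z", "2007-02-01T00:00:00Z", True)
    update = Mapping(8, "2007-01-14T00:00:00Z", "2007-03-01T00:00:00Z", True)
    spoof = Mapping(spoof_version, "2007-01-10T00:00:00Z", "2008-01-01T00:00:00Z", False)
    if not should_replace(genuine, spoof, now, **policy):
        return False
    return not should_replace(spoof, update, now, **policy)
```

With a cap of 1000, `pinned(2**62, max_version=1000)` is false but `pinned(9, max_version=1000)` is still true; only `require_auth=True` makes both false.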