Stephen Farrell
2016-11-03 12:43:24 UTC
Stephen Farrell has entered the following ballot position for
draft-ietf-p2psip-share-09: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-p2psip-share/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
- General: this feels more like an experimental spec. If the
authors didn't object I think that'd be more appropriate.
- General: can these ACLs be resources to which access is
controlled via another of these ACLs? If so, then it seems like
there may be some nasty corner-cases where things get lost (so
nobody can change 'em in future) and I don't see how one might
recover from that. (Apologies if I'm just mixed up here, I read
this fairly quickly and didn't reload RELOAD into my little head
first;-)
- 3.1: 24 bits of collision resistance isn't many. I'm not clear
why that's ok
- 3.1, last para: SHA-1 isn't a good example really, SHA-256
would be better today.
- 5.3: Is the mapping to USER and DOMAIN from certificates
well-defined? It may be in RELOAD, I forget, sorry;-) It doesn't
seem to be well-defined here anyway.
draft-ietf-p2psip-share-09: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.
The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-p2psip-share/
----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------
- General: this feels more like an experimental spec. If the
authors didn't object I think that'd be more appropriate.
- General: can these ACLs be resources to which access is
controlled via another of these ACLs? If so, then it seems like
there may be some nasty corner-cases where things get lost (so
nobody can change 'em in future) and I don't see how one might
recover from that. (Apologies if I'm just mixed up here, I read
this fairly quickly and didn't reload RELOAD into my little head
first;-)
- 3.1: 24 bits of collision resistance isn't many. I'm not clear
why that's ok
- 3.1, last para: SHA-1 isn't a good example really, SHA-256
would be better today.
- 5.3: Is the mapping to USER and DOMAIN from certificates
well-defined? It may be in RELOAD, I forget, sorry;-) It doesn't
seem to be well-defined here anyway.