> On Feb 14, 2018, at 7:45 PM, Michael Richardson <mcr+i...@sandelman.ca> wrote: > > > Toerless Eckert <t...@cs.fau.de> wrote: >> 1.2) Terminology: > >> a) vendor vs. manufacturer. > >> The document uses 48 times "vendor" and 13 times "manufacturer". Please >> revisit this: If there is a clear reason when/why to use vendor and when/why >> to use the term "manufacturer", then please put these explanations into >> terminology. Otherwise maybe eliminate "vendor". > > Ha. Good catch. > I'm pretty sure we want to say manufacturer consistently. > The IETF has often talked about vendors rather than manufacturers, so this > might cause some confusion. Let's go ahead with this and see what confusion > we cause. > > There is a distinction between vendor (which generally includes VARs) and > OEMs. > >> For example: Abstract: "using vendor installed X.509 certificate" ... >> "vendor's authorizing service". This latter one definitely seems to be >> wrong (MASA = "manufacturer authorizied..., not vendor). > > I've also condensed a number of cases like you noticed: > "vendor authorized MASA service" ==> MASA > > I am concerned that we might lose some subtly between the entity that sold > the device to the customer, and the entity that signs the vouchers. > We used the term MASA specifically because we were sure that the service > would be outsourced by many manufacturers. > >> b) Key infrastructure > >> There is no definition/reference for this term. Please describe on >> first use and in terminology. Is there a difference >> between "key infrastructure" and "keying material" ? If not, then >> maybe remove one term otherwise pls. describe difference. > > The term is in the title and in section 1. > And you are right that it does not appear again, nor is it defined. > I think it generally refers to the mechanism of PKI, but I'm not sure what to > do.
An “infrastructure” is the basic entities and protocols necessary for the operations of key management. I think it comes from the common language term and can’t find a normative definition within IETF document. As a native english speaker who has used the concept in IETF interactions for eons it feels silly to try and define it. Odd. Key management itself is defined in RFC4949, although ironically a “public key infrastructure” or “key infrastructure” is not defined. "Keying material" is defined in RFC4949. - max > >> c) (terminology) MASA definition: "A third-party Manufacturer...". Why >> "third-party" ? >> who are the first two parties ? If this is only slang and we can't explain >> who the >> first two parties are, delete "third-party" ? > > Fixed... The first party is the Pledge and manufacturer. > The second party is the Domain Owner. > The third party is the entity running the MASA, which may not be the > manufacturer. > >> d) "Domain Registrar" vs. "Join Registrar", JRC. Especially because the text >> mostly >> uses "Domain Registrar" and very seldom "Join Registar". > > Yes, because we agreed that the term across WGs would be JRC, and we say > in the terminology that we shorten it to Registrar. We say "Domain > Registrar" because we want to link it to the PKI concept of a Registration > Authority (RA). > >> JRC is used in exactly three places in the draft. I also can not find on >> www.google.com >> or wikipedia any example of "The term JRC is used in common with other >> bootstrap >> mechanisms" as the Terminology claims. Either provide a non-anima reference >> for the >> use of that term or eliminate it in the document. > > We agreed to use common terms. > It was a thread on ANIMA and 6tisch a year ago. > I can't get mailarchive to find it for me... > Ah, I see because "JRC" was never used contracted in that thread. > https://mailarchive.ietf.org/arch/msg/anima/iotBM0-kxsIB66t8hBo4XUtZLag > > As long as they Informative references. > https://tools.ietf.org/html/draft-ietf-6tisch-architecture-13#section-6.1 > https://tools.ietf.org/html/draft-ietf-6tisch-terminology-09 > (yes, expired, but not forgotten, just not a priority) > >> e) Voucher >> - misses ":" after term. >> - please change "statement" to "artifact" so the terminology aligns with >> both voucher >> draft and voucher-request text which also uses artifact. See also section 2.2 >> where you use "cryptographically protected" instead of "signed" and figure >> out >> which term you want to use in all cases (hint: signed). > > I've changed it to: > <t>A voucher is a cryptographically protected artifact (a digital signature) > to the Pledge > > I feel that we need to say it's cryptographically signed at least once. > >> f) IMPORTANT: Please add/define the term "ANI" > >> ANI - "Autonomic Network Infrastructure". Systems that support both BRSKI and >> Autonomic Control plane - ACP ([I-D.ietf-anima-autonomic-control-plane]). ANI >> systems (pledges, proxies, registrar) have specific requirements detailled in >> the document. > > <t hangText="ANI:">The Autonomic Network Infrastructure as > defined by <xref target="I-D.ietf-anima-autonomic-control-plane" > />. This document details specific requirements for pledges, > proxies and registrars when they are part of an ANI.</t> > > Does this work for you? > >> Without this term we can not nail down the explicit requirements against >> ANI Pledges, Proxies, Registrars that we need from the document (and >> distinguish >> from requirements against any non-ANI adaptation of BRSKI). I added according >> comments into other parts of the doc. > >> g) Please replace "MASA server" with "MASA service" everywhere. > > I prefer to just say "MASA" actually. > Are you okay with that? > > Let me wrap up here for the moment so you can see the edits and > I'll reply to the rest as Max and I digest it. It's a lot of comments. > I'd like to push an -11 (if only to fix email for M. Behringer). > > https://github.com/anima-wg/anima-bootstrap/pull/42 > > https://github.com/anima-wg/anima-bootstrap/pull/42/commits/cb7af66344ad709aaf70287a40fa13a67bbf601c > > > -- > Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works > -= IPv6 IoT consulting =- > > > > _______________________________________________ > Anima mailing list > Anima@ietf.org > https://www.ietf.org/mailman/listinfo/anima _______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima
