Hello, Stewart. The DTN WG chair has advised me to go ahead and post the next version of the bpbis draft, so version 22 is now available for your review. On the specific issues you bring up: - The [BPSEC] reference has been updated as you propose. - The allocation policy for the Block Processing Control Flags registry (10.4) and the Bundle Protocol URI Scheme Types registry (10.6) has been changed to Standards action, as the number of possible values is limited in both cases. For the other registries I didn't think we needed to be so exacting, as these values are integers of essentially unlimited length. - I think "as needed" is actually better, as it indicates that this more robust protection may be needed in some cases but not in others. - All occurrences of "bpsec" have been changed to "BPsec". - "namespace" has been changed to "registry in the Bundle Protocol Namespace" in sections 10.1 through 10.5, though on re-reading the updated text I notice that I missed this change in a few places; I'll make those corrections on the next iteration of the draft.
Scott -----Original Message----- From: dtn <dtn-boun...@ietf.org> On Behalf Of Stewart Bryant via Datatracker Sent: Friday, January 31, 2020 11:24 AM To: gen-art@ietf.org Cc: last-c...@ietf.org; draft-ietf-dtn-bpbis....@ietf.org; d...@ietf.org Subject: [EXTERNAL] [dtn] Genart telechat review of draft-ietf-dtn-bpbis-21 Reviewer: Stewart Bryant Review result: Ready with Issues I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please wait for direction from your document shepherd or AD before posting a new version of the draft. For more information, please see the FAQ at <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. Document: draft-ietf-dtn-bpbis-21 Reviewer: Stewart Bryant Review Date: 2020-01-31 IETF LC End Date: None IESG Telechat date: 2020-02-06 Summary: This version is a major improvement on the version that I reviewed earlier. I thank the authors for addressing my earlier review comments. There are a number of minor issues that the authors ought to look at, particularly around IANA allocation policy. Major issues: None Minor issues: [BPSEC] Birrane, E., "Bundle Security Protocol Specification", Work In Progress, October 2015. SB> I think that this should be a reference to draft-ietf-dtn-bpsec ======= In Section 10.3 the allocation policy has been changed to Standards Action which seems wise given the size of the registry. However all the registries called up in 10.1..10.5 are all small and the authors ought to consider upgrading them of at least a portion of them to a higher bar than at present (they are specification required). Specification required can be met by a specification that is not even publicly accessible which can grab multiple entries. This is a dangerous position to leave small the registries of a Standards Track protocol. I have only checked the registries specifically addressed by this specification and the authors ought to check the other registries in the Bundle Protocol Namespace to see if any of them are also vulnerable. ======== Nits/editorial comments: Note that more robust protection of BP data integrity, as needed, SB> I that should be ….,if needed, ===== SB> Bpsec appears as BPsec and bpsec also the noun bpsec is not defined I assume you mean the BPsec protocol or mechanism or similar. ======= The current Bundle Block Types namespace is augmented SB> I think that strictly you should say: SB> The current Bundle Block Types registry in the Bundle Protocol SB> Namespace is augmented. This problem applies to the registries 10.2, 10.3, 10.4, and 10.5 _______________________________________________ dtn mailing list d...@ietf.org https://www.ietf.org/mailman/listinfo/dtn _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art
