draft-ietf-savi-framework-05.txt
This document is a high level framework for SAVI and references a
number of other documents. As such, I think, that the Security
Considerations section is probably of adequate depth. However, there
are a number of wording problems, both clarity and grammar, that I
believe should be fixed, particularly in the Security Consideration
section (Section 10) where there is one sentence I really didn't
understand. See below.
Also, as an Information document, it cannot have Normative References
and all such should be reclassified as Informative.
In the first sentence of the last paragraph of Section 3.1, it is a
bit hard to tell that "single" is supposed to modify "method" rather
ant "IP Address". I suggest replacing "each single IP address
configuration method" with "each single method for IP address
configuration individually". Unless, of course, I am more confused
by this document than I think and "single" was supposed to modify
"IP Address".
Section 3.2, first bullet, suggest adding a reference to RFC 5342.
Section 7, second setence has problems. Suggest replacing with "This
document suggests 3 prefix configuration mechanisms for SAVI
devices:".
Section 7, first bullet, the acronym SLACC is used without
definition or reference. Since it is only used twice, both instances
being in this bullet, I suggest it bet spelled out in full.
Section 7, first bullet item, what does "feasible" mean? Should "a
feasible" by reaplced with "an allowed"?
Section 7, second bullet item, the acronym RA is used without
definition or reference. Since it is only used twice, both instances
being in this bullet, I suggest it bet spelled out in full.
Section 7, third bullet item, the acronym DHCP-PD is used without
defintion or reference. Since it is only used twice, both instances
being in this bullet, I suggest it bet spelled out in full (not
"DHCP", just "PD").
Section 7, last sentence: the word "present" seems to be used in the
sense of displaying to someone. How and to whom is this
presentation?
Section 10: I was a bit befuddled by the sentence "Besides, the
binding may not accord with the address management requirement,
which can be more specified for each client." The word "client" is
used nowhere else in this document. What does this sentence mean and
to what does "client" refer?
Smaller Nits:
People will probably figure it out but the first occurrence of
Source Address Validation Improvement in the Introduction (and
Abstract) should be followed by "(SAVI)".
In the first sentence of Section 3.1, I would replace "traces" with
"monitors" or "snoops". (The word "snoop" is used elsewhere in the
document.)
Section 5, third bullet, "in hosts to communicate" -> "in hosts
communicating".
Section 6, first paragraph, last sentence, "in mix scenario" -> "in
this mixed scenario".
Section 6, second paragraph, last three sentences have
problems. Suggest "Current address assignment method standards
documents have implied a prioritized relationship in general
cases. However, in some scenarios, the default prioritizing may not
be suitable. Configurable prioritization levels should be supported
in a SAVI solution for the mixed scenario."
Section 7, next to last sentence/paragraph, "is" -> "are" and insert
"the" after "implies".
Section 10, last sentence, suggest replacing with "Cryptographically
based authentication is the only way to meet a requirement for
strong security of IP addresses."
Thanks,
Donald
=============================
Donald E. Eastlake 3rd +1-508-333-2270 (cell)
155 Beaver Street, Milford, MA 01757 USA
d3e3e3(_at_)gmail(_dot_)com
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf