Location Configuration Extensions for Policy Management
draft-ietf-geopriv-policy-uri-07
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2014-04-22
|
07 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2014-04-02
|
07 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2014-03-26
|
07 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2014-03-26
|
07 | (System) | RFC Editor state changed to RFC-EDITOR from IANA |
2014-03-25
|
07 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2014-03-25
|
07 | (System) | IANA Action state changed to Waiting on Authors from On Hold |
2014-03-04
|
07 | (System) | RFC Editor state changed to IANA from EDIT |
2014-02-14
|
07 | (System) | RFC Editor state changed to EDIT from MISSREF |
2014-01-27
|
07 | Richard Barnes | Ballot writeup was changed |
2014-01-23
|
07 | Richard Barnes | Ballot writeup was changed |
2014-01-23
|
07 | Richard Barnes | Shepherding AD changed to Richard Barnes |
2012-10-09
|
07 | (System) | IANA Action state changed to On Hold from In Progress |
2012-10-09
|
07 | (System) | IANA Action state changed to In Progress |
2012-10-09
|
07 | Amy Vezza | State changed to RFC Ed Queue from Approved-announcement sent |
2012-10-08
|
07 | Cindy Morgan | State changed to Approved-announcement sent from IESG Evaluation::AD Followup |
2012-10-08
|
07 | Cindy Morgan | IESG has approved the document |
2012-10-08
|
07 | Cindy Morgan | Closed "Approve" ballot |
2012-10-08
|
07 | Cindy Morgan | Ballot approval text was generated |
2012-10-08
|
07 | Robert Sparks | [Ballot Position Update] Position for Robert Sparks has been changed to Yes from Discuss |
2012-10-04
|
07 | Richard Barnes | New version available: draft-ietf-geopriv-policy-uri-07.txt |
2012-09-20
|
06 | Richard Barnes | New version available: draft-ietf-geopriv-policy-uri-06.txt |
2012-09-20
|
05 | Robert Sparks | [Ballot discuss] Holding a discuss while the changes in -05 are verified with the WG |
2012-09-20
|
05 | Robert Sparks | [Ballot Position Update] Position for Robert Sparks has been changed to Discuss from Yes |
2012-09-20
|
05 | Stephen Farrell | [Ballot Position Update] Position for Stephen Farrell has been changed to No Objection from Discuss |
2012-09-19
|
05 | Richard Barnes | New version available: draft-ietf-geopriv-policy-uri-05.txt |
2011-12-16
|
04 | Stephen Farrell | [Ballot comment] - Just adding 32 random bits to the mix might not be enough if you have ~ 2^32 clients. Worth noting? - 2^(N/2)/T … [Ballot comment] - Just adding 32 random bits to the mix might not be enough if you have ~ 2^32 clients. Worth noting? - 2^(N/2)/T is likely to be error-prone. One more set of parenthesis would be good. (used to be discuss point #8 but shouldn't have been) Why not acually define a good policy URI generation function rather than give all these partial hints? I don't even necessarily mean as a MTI but rather as a good example of how to do it. |
2011-12-16
|
04 | Stephen Farrell | [Ballot discuss] #1 Intro para 2 says that the deref protocol provides a PEP, but just having read it, it doesn't, except for in that … [Ballot discuss] #1 Intro para 2 says that the deref protocol provides a PEP, but just having read it, it doesn't, except for in that very very limited sense of supporting authorization-by-possession. So the claim seems wrong. I'd say just removing the claim is easiest. (I guess I agree with Tobias' Apps area review points being a discuss, so... I've broken the overall points down into a number of specific things below, hopefully that'll help get 'em sorted quicker.) #2 Why even allow HTTP URIs? Why not insist on HTTPS for this? geopriv-deref does (almost correctly) insist on use of TLS so it seems illogical for this to be more open. In any case, the same choices would be best for both of these specs I think wrt TLS usage. #3 For the case where a policy URI is a "shared secret," what TLS server auth settings are required to be used? Would it be good to say the client MUST NOT offer TLS_*_anon_* ciphersuites in the client hello? #4 Saying the policy server SHOULD allow all requests (3.1 2nd para) seems unwise. It may be reasonable to allow for the URI-is-secret model, but I don't get why you want to prevent anything more? (That's how I interpret the SHOULD.) Saying (at the end of section 3) that a new policy URI MUST be generated whenever a new location URI set if generated also seems to work against any other (better;-) kind of authorization. #5 Assuming URIs remain secret seems problematic. Is there evidence that the confidentiality of these URIs can be maintained really? #6 Describing the policy URI as a shared secret doesn't seem to be enough. I think you need to say that it MUST be a practically unguessable shared secret, even if I have seen many such URIs. The DHCP option in 4.2 means that anyone can I guess get the server to emit loads of policy URI values. #7 Why is it reasonable to have a default of making location available (to possessor's of the URI)? Couldn't that be dangerous in conjunction with some other defaults (e.g. some other protocol might default to including a location URI in a message), or is there somewhere in geopriv where it says that the overall default is that location information has to be denied by default? #8 cleared see comment #9 What is the argument that 2^32 unique policy URIs is a big enough number? #10 (2^(N/2))/T is meant to restrict an unlimited attacker to one successful guess per T seconds? Is that correct and the intent? Be better to explain your logic there. If that is the intent, I don't see why its considered a good thing. (Be fun to sse if my arithmetic is screwed up there or not;-) #11 What are the likely values of T that will be used? It seems odd to only introduce a lifetime value like this at this point. Maybe you mean that T is some value derived from system behaviour rather than a parameter? If the former, then is it reasonable to expect the rate limiting enforcement function to have that number available to it? |
2011-12-15
|
04 | Cindy Morgan | Removed from agenda for telechat |
2011-12-15
|
04 | Cindy Morgan | State changed to IESG Evaluation::AD Followup from IESG Evaluation. |
2011-12-15
|
04 | Cindy Morgan | Ballot writeup text changed |
2011-12-15
|
04 | Gonzalo Camarillo | [Ballot Position Update] New position, No Objection, has been recorded |
2011-12-15
|
04 | Sean Turner | [Ballot comment] I'm with Stephen and Jari on this one and definitely support Stephen's discuss. This really feels like security through obscurity, but if I … [Ballot comment] I'm with Stephen and Jari on this one and definitely support Stephen's discuss. This really feels like security through obscurity, but if I let you see mine then you can be me for while. |
2011-12-15
|
04 | Sean Turner | [Ballot Position Update] New position, No Objection, has been recorded |
2011-12-15
|
04 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded |
2011-12-15
|
04 | Jari Arkko | [Ballot discuss] I will probably clear this after some discussion in the IESG tonight, and let Stephen hold his Discuss (item #5 in particular). However, … [Ballot discuss] I will probably clear this after some discussion in the IESG tonight, and let Stephen hold his Discuss (item #5 in particular). However, I am concerned that the document provides an authorization-by-possession model for clients to access their policies, delivers the policy URLs in the same DHCP and XML structures as other location URLs, and also acknowledges that there is a legitimate need for other entities to access policies: This document does not describe how policy might be provided to entities other than for location configuration, for example, in responses to dereferencing requests [I-D.ietf-geopriv-deref-protocol] or requests from third parties [RFC6155]. I predict that policy URLs will be leaked, intentionally, to those who need them, and that this will lead to security issues down the road. Is there something that we could do about this? |
2011-12-15
|
04 | Jari Arkko | [Ballot Position Update] New position, Discuss, has been recorded |
2011-12-14
|
04 | Wesley Eddy | [Ballot Position Update] New position, No Objection, has been recorded |
2011-12-14
|
04 | Ron Bonica | [Ballot Position Update] New position, No Objection, has been recorded |
2011-12-13
|
04 | Ralph Droms | [Ballot Position Update] Position for Ralph Droms has been changed to No Objection from Discuss |
2011-12-13
|
04 | Ralph Droms | [Ballot discuss] idnits reports a Normative downref to the Informational RFC 2818. It doesn't appear that the downref was announced in the IETF last … [Ballot discuss] idnits reports a Normative downref to the Informational RFC 2818. It doesn't appear that the downref was announced in the IETF last call. |
2011-12-13
|
04 | Ralph Droms | [Ballot Position Update] New position, Discuss, has been recorded |
2011-12-13
|
04 | Peter Saint-Andre | [Ballot comment] I concur with the DISCUSS position of Stephen Farrell. Why does this specification use the term "Internet host" instead of the term "Target" … [Ballot comment] I concur with the DISCUSS position of Stephen Farrell. Why does this specification use the term "Internet host" instead of the term "Target" from RFC 3693? Consistency across this suite of documents would be good. It would be helpful to cite RFC 3693 and RFC 5808 in Section 2. In Section 4.1, the schema references "urn:ietf:params:xml:ns:geopriv:held:policy" but that namespace is never used in the schema definition. In the examples, it would be helpful to point to the specifications that define the various data structures (i.e., the "urn:ietf:params:xml:ns:geopriv:held", "urn:ietf:params:xml:ns:common-policy", and "urn:ietf:params:xml:ns:geolocation-policy" namespaces). The second block of XML in Section 5.3 never defines the gp: prefix (i.e., you need to add xmlns:gp="urn:ietf:params:xml:ns:geolocation-policy" to the root element). |
2011-12-13
|
04 | Peter Saint-Andre | [Ballot Position Update] New position, No Objection, has been recorded |
2011-12-13
|
04 | Pete Resnick | [Ballot comment] Please consider the review of Tobias Gondrom . I will defer to the expertise of the Security ADs to consider whether the issues … [Ballot comment] Please consider the review of Tobias Gondrom . I will defer to the expertise of the Security ADs to consider whether the issues he points out are worthy of DISCUSSion, but I have not seen a public reply to his message. [Updated to add:] I note from the writeup that there are no implementations of this. I also note that geopriv-policy is given as an example of what might be used as a policy document in addition to the others. Is my suspicion correct that, in fact, down the road geopriv-policy will be the *predominant* use of this URI? If so, is it not worth holding this document until that one is completed? I suspect it will end up a lot shorter if it could talk in terms of an actual GEOPRIV policy document and use the others only as examples. (I see no need to hold a DISCUSS position on this, as I think there is no harm in publishing this first, but I would like to hear from the authors/chair/WG as to what the reasoning was.) |
2011-12-12
|
04 | Stephen Farrell | [Ballot comment] - Just adding 32 random bits to the mix might not be enough if you have ~ 2^32 clients. Worth noting? - 2^(N/2)/T … [Ballot comment] - Just adding 32 random bits to the mix might not be enough if you have ~ 2^32 clients. Worth noting? - 2^(N/2)/T is likely to be error-prone. One more set of parenthesis would be good. |
2011-12-12
|
04 | Stephen Farrell | [Ballot discuss] #1 Intro para 2 says that the deref protocol provides a PEP, but just having read it, it doesn't, except for in that … [Ballot discuss] #1 Intro para 2 says that the deref protocol provides a PEP, but just having read it, it doesn't, except for in that very very limited sense of supporting authorization-by-possession. So the claim seems wrong. I'd say just removing the claim is easiest. (I guess I agree with Tobias' Apps area review points being a discuss, so... I've broken the overall points down into a number of specific things below, hopefully that'll help get 'em sorted quicker.) #2 Why even allow HTTP URIs? Why not insist on HTTPS for this? geopriv-deref does (almost correctly) insist on use of TLS so it seems illogical for this to be more open. In any case, the same choices would be best for both of these specs I think wrt TLS usage. #3 For the case where a policy URI is a "shared secret," what TLS server auth settings are required to be used? Would it be good to say the client MUST NOT offer TLS_*_anon_* ciphersuites in the client hello? #4 Saying the policy server SHOULD allow all requests (3.1 2nd para) seems unwise. It may be reasonable to allow for the URI-is-secret model, but I don't get why you want to prevent anything more? (That's how I interpret the SHOULD.) Saying (at the end of section 3) that a new policy URI MUST be generated whenever a new location URI set if generated also seems to work against any other (better;-) kind of authorization. #5 Assuming URIs remain secret seems problematic. Is there evidence that the confidentiality of these URIs can be maintained really? #6 Describing the policy URI as a shared secret doesn't seem to be enough. I think you need to say that it MUST be a practically unguessable shared secret, even if I have seen many such URIs. The DHCP option in 4.2 means that anyone can I guess get the server to emit loads of policy URI values. #7 Why is it reasonable to have a default of making location available (to possessor's of the URI)? Couldn't that be dangerous in conjunction with some other defaults (e.g. some other protocol might default to including a location URI in a message), or is there somewhere in geopriv where it says that the overall default is that location information has to be denied by default? #8 Why not acually define a good policy URI generation function rather than give all these partial hints? I don't even necessarily mean as a MTI but rather as a good example of how to do it. #9 What is the argument that 2^32 unique policy URIs is a big enough number? #10 (2^(N/2))/T is meant to restrict an unlimited attacker to one successful guess per T seconds? Is that correct and the intent? Be better to explain your logic there. If that is the intent, I don't see why its considered a good thing. (Be fun to sse if my arithmetic is screwed up there or not;-) #11 What are the likely values of T that will be used? It seems odd to only introduce a lifetime value like this at this point. Maybe you mean that T is some value derived from system behaviour rather than a parameter? If the former, then is it reasonable to expect the rate limiting enforcement function to have that number available to it? |
2011-12-12
|
04 | Stephen Farrell | [Ballot Position Update] New position, Discuss, has been recorded |
2011-12-12
|
04 | Russ Housley | [Ballot Position Update] New position, No Objection, has been recorded |
2011-12-12
|
04 | Robert Sparks | State changed to IESG Evaluation from Waiting for AD Go-Ahead. |
2011-12-12
|
04 | Adrian Farrel | [Ballot Position Update] New position, No Objection, has been recorded |
2011-12-12
|
04 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call. |
2011-12-11
|
04 | Pete Resnick | [Ballot comment] Please consider the review of Tobias Gondrom . I will defer to the expertise of the Security ADs to consider whether the issues … [Ballot comment] Please consider the review of Tobias Gondrom . I will defer to the expertise of the Security ADs to consider whether the issues he points out are worthy of DISCUSSion, but I have not seen a public reply to his message. |
2011-12-11
|
04 | Pete Resnick | [Ballot Position Update] New position, No Objection, has been recorded |
2011-11-30
|
04 | Jean Mahoney | Assignment of request for Telechat review by GENART to Suresh Krishnan was rejected |
2011-11-30
|
04 | David Black | Request for Last Call review by GENART Completed. Reviewer: David Black. |
2011-11-30
|
04 | David Black | Request for Last Call review by GENART Completed. Reviewer: David Black. |
2011-11-29
|
04 | Jean Mahoney | Request for Last Call review by GENART is assigned to David Black |
2011-11-29
|
04 | Jean Mahoney | Request for Last Call review by GENART is assigned to David Black |
2011-11-29
|
04 | Jean Mahoney | Request for Last Call review by GENART is assigned to David Black |
2011-11-29
|
04 | Jean Mahoney | Request for Last Call review by GENART is assigned to David Black |
2011-11-28
|
04 | Amy Vezza | Last call sent |
2011-11-28
|
04 | Amy Vezza | State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: … State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Subject: Last Call: (Location Configuration Extensions for Policy Management) to Proposed Standard The IESG has received a request from the Geographic Location/Privacy WG (geopriv) to consider the following document: - 'Location Configuration Extensions for Policy Management' as a Proposed Standard This is a second last call to verify a change in intended status from Informational to Proposed Standard. The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2011-12-12. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract Current location configuration protocols are capable of provisioning an Internet host with a location URI that refers to the host's location. These protocols lack a mechanism for the target host to inspect or set the privacy rules that are applied to the URIs they distribute. This document extends the current location configuration protocols to provide hosts with a reference to the rules that are applied to a URI, so that the host can view or set these rules. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-geopriv-policy-uri/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-geopriv-policy-uri/ No IPR declarations have been submitted directly on this I-D. |
2011-11-28
|
04 | Robert Sparks | Last Call was requested |
2011-11-28
|
04 | Robert Sparks | State changed to Last Call Requested from IESG Evaluation. |
2011-11-28
|
04 | Robert Sparks | Last Call text changed |
2011-11-28
|
04 | Robert Sparks | Telechat date has been changed to 2011-12-15 from 2011-12-01 |
2011-11-28
|
04 | Robert Sparks | Intended Status has been changed to Proposed Standard from Informational |
2011-11-28
|
04 | (System) | New version available: draft-ietf-geopriv-policy-uri-04.txt |
2011-11-28
|
04 | Stewart Bryant | [Ballot Position Update] New position, No Objection, has been recorded |
2011-11-24
|
04 | Samuel Weiler | Request for Telechat review by SECDIR is assigned to Scott Kelly |
2011-11-24
|
04 | Samuel Weiler | Request for Telechat review by SECDIR is assigned to Scott Kelly |
2011-11-17
|
04 | Jean Mahoney | Request for Telechat review by GENART is assigned to Suresh Krishnan |
2011-11-17
|
04 | Jean Mahoney | Request for Telechat review by GENART is assigned to Suresh Krishnan |
2011-11-16
|
04 | Robert Sparks | State changed to IESG Evaluation from Waiting for AD Go-Ahead. |
2011-11-16
|
04 | Robert Sparks | Setting stream while adding document to the tracker |
2011-11-16
|
04 | Robert Sparks | Stream changed to IETF from IETF |
2011-11-16
|
04 | Robert Sparks | Placed on agenda for telechat - 2011-12-01 |
2011-11-16
|
04 | Robert Sparks | [Ballot Position Update] New position, Yes, has been recorded for Robert Sparks |
2011-11-16
|
04 | Robert Sparks | Ballot has been issued |
2011-11-16
|
04 | Robert Sparks | Created "Approve" ballot |
2011-11-16
|
03 | (System) | New version available: draft-ietf-geopriv-policy-uri-03.txt |
2011-11-08
|
04 | Samuel Weiler | Request for Last Call review by SECDIR Completed. Reviewer: Scott Kelly. |
2011-10-25
|
04 | (System) | State changed to Waiting for AD Go-Ahead from In Last Call. |
2011-10-24
|
04 | Amanda Baber | One of the IANA Actions in this document is dependent on the approval of another document. IANA understands that, upon approval of this document, there … One of the IANA Actions in this document is dependent on the approval of another document. IANA understands that, upon approval of this document, there are three actions which IANA must complete. First, in the namespaces registry of the IANA XML registry located at: http://www.iana.org/assignments/xml-registry/ns.html a new registration will be added as follows: ID: held URI: urn:ietf:params:xml:ns:geopriv:held:policy Registration Template: [ as provided in Section 6.1 of the approved document ] Reference: [ RFC-to-be ] Second, in the schema registry of the IANA XML registry located at: http://www.iana.org/assignments/xml-registry/schema.html a new registration will be added as follows: ID: held:policy URI: urn:ietf:params:xml:schema:geopriv:held:policy Filename: [ as provided in Section 4.1 of the approved document ] Reference: [ RFC-to-be ] Third, the document requests that a value to the LuriTypes registry. It appears that the Luritypes registry has not yet been created but would be upon approval of the following document: draft-ietf-geopriv-dhcp-lbyr-uri-option Upon approval of both that document and the current document, a new registration would be added to the new Luritypes registry as follows: +------------+----------------------------------------+--------------+ | LuriType | Name | Reference | +------------+----------------------------------------+--------------+ | TBD* | Policy-URI | [ RFC-to-be ]| +------------+----------------------------------------+-----------+--+ IANA understands that these are the only actions required to be completed upon approval of this document. |
2011-10-14
|
04 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Scott Kelly |
2011-10-14
|
04 | Samuel Weiler | Request for Last Call review by SECDIR is assigned to Scott Kelly |
2011-10-11
|
04 | Amy Vezza | State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: … State changed to In Last Call from Last Call Requested. The following Last Call Announcement was sent out: From: The IESG To: IETF-Announce CC: Reply-To: ietf@ietf.org Subject: Last Call: (Location Configuration Extensions for Policy Management) to Informational RFC The IESG has received a request from the Geographic Location/Privacy WG (geopriv) to consider the following document: - 'Location Configuration Extensions for Policy Management' as an Informational RFC The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2011-10-25. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract Current location configuration protocols are capable of provisioning an Internet host with a location URI that refers to the host's location. These protocols lack a mechanism for the target host to inspect or set the privacy rules that are applied to the URIs they distribute. This document extends the current location configuration protocols to provide hosts with a reference to the rules that are applied to a URI, so that the host can view or set these rules. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-geopriv-policy-uri/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-geopriv-policy-uri/ No IPR declarations have been submitted directly on this I-D. |
2011-10-11
|
04 | Robert Sparks | Last Call was requested |
2011-10-11
|
04 | Robert Sparks | State changed to Last Call Requested from Publication Requested. |
2011-10-11
|
04 | Robert Sparks | Last Call text changed |
2011-10-11
|
04 | (System) | Ballot writeup text was added |
2011-10-11
|
04 | (System) | Last call text was added |
2011-10-11
|
04 | Robert Sparks | Ballot writeup text changed |
2011-10-07
|
04 | Cindy Morgan | (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he … (1.a) Who is the Document Shepherd for this document? Has the Document Shepherd personally reviewed this version of the document and, in particular, does he or she believe this version is ready for forwarding to the IESG for publication? The document shepherd for this document is Alissa Cooper. I have personally reviewed this version of the document and believe that it is ready for publication. (1.b) Has the document had adequate review both from key WG members and from key non-WG members? Does the Document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? The document has had reviews from several working group participants, experts from the RAI and APP areas, and from an OGC participant. I do not have any concerns about the level of review. (1.c) Does the Document Shepherd have concerns that the document needs more review from a particular or broader perspective, e.g., security, operational complexity, someone familiar with AAA, internationalization or XML? I do not believe that any particular further reviews are necessary. (1.d) Does the Document Shepherd have any specific concerns or issues with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. Has an IPR disclosure related to this document been filed? If so, please include a reference to the disclosure and summarize the WG discussion and conclusion on this issue. I have no major concerns. The WG thoroughly discussed issues around authorization and security related to this document, and I believe the resulting outcome is sound. There have been no IPR disclosures filed. (1.e) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? There is consensus behind this document among the members that do the majority of the work in this WG. It is a small extension to the core work of the group. (1.f) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is entered into the ID Tracker.) I am not aware of any threat of appeal. (1.g) Has the Document Shepherd personally verified that the document satisfies all ID nits? Boilerplate checks are not enough; this check needs to be thorough. Has the document met all formal review criteria it needs to, such as the MIB Doctor, media type and URI type reviews? The document satisfies all ID nits. The document does not require any formal reviews. (1.h) Has the document split its references into normative and informative? Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the strategy for their completion? Are there normative references that are downward references, as described in [RFC3967]? If so, list these downward references to support the Area Director in the Last Call procedure for them [RFC3967]. The references are appropriately split into normative and informative. The only non-RFC normative reference is to draft-ietf-geopriv-dhcp-lbyr-uri-option, which is in IESG review. There are no downward references. (1.i) Has the Document Shepherd verified that the document IANA consideration section exists and is consistent with the body of the document? If the document specifies protocol extensions, are reservations requested in appropriate IANA registries? Are the IANA registries clearly identified? If the document creates a new registry, does it define the proposed initial contents of the registry and an allocation procedure for future registrations? Does it suggest a reasonable name for the new registry? See [RFC5226]. If the document describes an Expert Review process has Shepherd conferred with the Responsible Area Director so that the IESG can appoint the needed Expert during the IESG Evaluation? The IANA considerations section is consistent with the body of the document. The section appropriately registers a new URN sub-namespace, an XML schema, and a DHCP LuriType. The document does not require new registries or expert review. (1.j) Has the Document Shepherd verified that sections of the document that are written in a formal language, such as XML code, BNF rules, MIB definitions, etc., validate correctly in an automated checker? I have checked that all of the XML correctly validates. (1.k) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up? Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary Relevant content can frequently be found in the abstract and/or introduction of the document. If not, this may be an indication that there are deficiencies in the abstract or introduction. Current location configuration protocols are capable of provisioning an Internet host with a location URI that refers to the host's location. These protocols lack a mechanism for the target host to inspect or set the privacy rules that are applied to the URIs they distribute. This document extends the current location configuration protocols to provide hosts with a reference to the rules that are applied to a URI, so that the host can view or set these rules. Working Group Summary Was there anything in WG process that is worth noting? For example, was there controversy about particular points or were there decisions where the consensus was particularly rough? This document was uncontroversial. It fills a gap in the location configuration architecture. Document Quality Are there existing implementations of the protocol? Have a significant number of vendors indicated their plan to implement the specification? Are there any reviewers that merit special mention as having done a thorough review, e.g., one that resulted in important changes or a conclusion that the document had no substantive issues? If there was a MIB Doctor, Media Type or other expert review, what was its course (briefly)? In the case of a Media Type review, on what date was the request posted? At this time there are no known implementations, nor are there any reviewers or experts that merit a special mention. |
2011-10-07
|
04 | Cindy Morgan | Draft added in state Publication Requested |
2011-10-07
|
04 | Cindy Morgan | [Note]: 'Alissa Cooper (acooper@cdt.org) is the document shepherd.' added |
2011-10-04
|
02 | (System) | New version available: draft-ietf-geopriv-policy-uri-02.txt |
2011-06-20
|
01 | (System) | New version available: draft-ietf-geopriv-policy-uri-01.txt |
2011-01-12
|
00 | (System) | New version available: draft-ietf-geopriv-policy-uri-00.txt |