Peer-to-Peer Streaming Peer Protocol (PPSPP)
draft-ietf-ppsp-peer-protocol-12
Note: This ballot was opened for revision 10 and is now closed.
Martin Stiemerling Former IESG member
(was Discuss, Yes)
Yes
(2014-07-09 for -10)
The authors have an updated draft ready which addresses IANA's concerns. The updated draft will be posted after the 7/10 IESG telechat. Here is the text proposed by IANA:

OLD:
IANA is to create the new registries defined below for the extensibility of the protocol. For all registries, assignments consist of a name and its associated value. Also for all registries, the "Unassigned" ranges designated are governed by the policy 'IETF Review' as described in [RFC5226].

NEW:
This document is to create a new top-level registry called "Peer-to-Peer Streaming Peer Protocol (PPSPP)", which will host the six new sub-registries defined below for the extensibility of the protocol. For all registries, assignments consist of a name and its associated value. Also for all registries, the "Unassigned" ranges designated are governed by the policy 'IETF Review' as described in [RFC5226].
Adrian Farrel Former IESG member
No Objection
(2014-12-17)
There are plenty of comments from other ADs and little more is left to be said.

---

It all feels a bit Experimental to me, but I'll leave that to the judgement of the responsible AD.

---

Section 3.4 is a bit mixed with respect to the transport. It talks about "if PPSPP is run over an unreliable transport protocol", but the only transport defined is UDP so the "if" is unnecessary and the subsequent clause is pointless. This is confirmed by the text later in the paragraph that confirms that LEDBAT is used and so implicitly confirms that UDP is used. Should be simple enough to tidy up.
Alia Atlas Former IESG member
No Objection
(2014-07-09 for -10)
In general, I found this draft very clear and understandable. I do understand Richard's discuss that the specific message send-responses aren't given concisely, but I think it is understandable.

In Sec 4.2, section after Figure 2: Please s/chunk 0..3/chunk C0..C3 and s/chunks 0 and 1/s chunks C0 and C1
This is just because I had to read it 3 times to stop being confused between the bin numbers and the chunk numbers, so I'd ask for consistency.

In Sec 5.2, first paragraph: Please change "For chunk C4 its uncles are nodes 13 and 3, marked with * in the figure." to "For chunk C4 its uncles are nodes 13 and 3 and its sibling is 10; all marked with a * in the figure."

In Sec 7.8, the bit figure only goes to bit 12 instead of bit 16 - but the range of CAM and the length listed is 8.

In Sec 7.9, can you please add a reference to Table 6 where appropriate?

Sec 8.1: typo: mebibyte

Sec 8.1: The paragraph on PLPMTUD is a bit confusing. Presumably this is between two peers - but the chunk sizes used by the swarm would be specified by the initial seeder. Thus I can see the PLPMTUD variant being useful to decide upon the PPSPP datagram size, but not the chunk size. Could you please clarify either what I'm missing?

Sec 8.13: typo in first line: s/PEX_RES/PEX_RESv4
Alissa Cooper Former IESG member
(was Discuss)
No Objection
(2014-12-16)
Thanks for addressing my discuss and comment points.
Barry Leiba Former IESG member
No Objection
(2014-07-09 for -10)
Nice work. This is a well written document, and what looks like a solid protocol.

General question on the chunking: Is it the case that a given piece of content is chunked in a specific way, with known chunk IDs, such that every peer that's serving that content up (at least in the same swarm) uses the same chunks with the same chunk IDs? One can guess that from the way things work, but shouldn't the document say that? Or does it, and I missed it?

-- Section 3.7 --

   When peer Q receives multiple REQUESTs from the same peer P, peer Q
   SHOULD process the REQUESTs in the order received.

What happens if it doesn't? Is there an interoperability issue here? A performance issue? Or what? (That is, why is this a 2119 SHOULD?)

-- Section 5.3 --

   Thus, as a datagram carries zero or more messages, neither messages
   nor message interdependencies SHOULD span over multiple datagrams.

The negatives in this sentence really make the SHOULD a hidden SHOULD NOT, and its meaning is unclear. I think it would be clearer if it were worded that way:

NEW
   Thus, as a datagram carries zero or more messages, both messages
   and message interdependencies SHOULD NOT span multiple datagrams.
END

-- Section 12.1.1 --

Nit: "setup" is a noun; "set up" is a verb. In these two sentences, "setup" should be changed to "set up":

   A content provider wishing to use PPSPP to distribute content should
   setup at least one PPSPP server.

   In addition, a content provider should setup a tracking facility for
   the content by configuring, for example, a PPSP tracker
Benoît Claise Former IESG member
No Objection
Brian Haberman Former IESG member
No Objection
(2014-12-15)
I support Richard's discuss on the viability of this document as a protocol specification and Alissa's point on the use of LEDBAT.
Jari Arkko Former IESG member
No Objection
(2014-07-08 for -10)
There has not been a response to Christer Holmberg's Gen-ART review. Do the authors have a view on the questions he asked?

For what it is worth, when I read sections 8.14 and 8.15 they do not give as precise instruction for the implementer about how to handle keepalives and dead peer detection as I’d personally like to see. Perhaps a sentence could be added to explain what a node does (or stops doing) when it declares a peer dead.
Kathleen Moriarty Former IESG member
(was Discuss)
No Objection
(2015-02-26)
Thanks for responding on the SecDir review and for the responses on integrity checking in particular.
Pete Resnick Former IESG member
No Objection
(2014-12-18)
2.2 - s/disjunct/disjoint

3.1.1 -

OLD
   2.  The receiving peer Q checks the HANDSHAKE message from peer P. If any check by Q fails, Q MUST NOT send a HANDSHAKE (or any other) message back, as the message from P may have been spoofed (see Section 13.1). Only if P and Q are in the same swarm, and Q is interested in communicating with P, Q MUST a datagram to P that starts with a HANDSHAKE message. This reply HANDSHAKE MUST contain:
NEW
   2.  The receiving peer Q checks the HANDSHAKE message from peer P. If any check by Q fails, or if P and Q are not in the same swarm, Q MUST NOT send a HANDSHAKE (or any other) message back, as the message from P may have been spoofed (see Section 13.1). Otherwise, if Q is interested in communicating with P, Q sends a datagram to P that starts with a HANDSHAKE message. This reply HANDSHAKE MUST contain:
END

3.10.1 - "Physically"? I think you can strike that.

4.3.1 - s/MUST send/sends

5.2 - s/MUST receive/needs

5.3 -

OLD
   In short, the sender MUST put into the datagram the hashes he believes are necessary for the receiver to verify the chunk.
NEW
   In short, the sender MUST put into the datagram the hashes that are necessary for the receiver to verify the chunk.

I don't understand what the sender's beliefs have to do with this.

1.1 says, "PPSPP is a generic protocol which can run directly on top of UDP, TCP, or other protocols." Section 8 says, "PPSPP implementations MUST use UDP as transport protocol and MUST use LEDBAT for congestion control [RFC6817].". One of those two statements is lying.

8.5-8.13 - I was really confused for a moment because the destination channel ID did not appear in any of these sections. Either show it, or say somewhere that it is left out of all of these sections.
Richard Barnes Former IESG member
(was Discuss)
No Objection
(2015-03-19)
"In general, no error codes or responses are used in the protocol; absence of any response indicates an error." -- This made me do a bit of a double-take. Obviously, the requesting peer should timeout if the responding peer doesn't respond, but are there really no cases where the responding peer knows there's a problem and wants to report it? It seems like the CHOKE message is an indication of this sort.

I have cleared based on the text in 3.1.1, which at least defines how an initial connection is made. I would encourage the authors, however, to consider whether there are other protocol interactions for which similarly detailed instructions would be useful.
Spencer Dawkins Former IESG member
No Objection
(2014-07-07 for -10)
In this text:

   3.  Messages

   In general, no error codes or responses are used in the protocol;
   absence of any response indicates an error.

Is there an accurate qualifier more narrow than "in general" that you could substitute? In a quick scan, the only other instances of "error" are "ICMP error", so maybe you don't need a qualifier at all?

In this text:

   3.1.  HANDSHAKE

   After the handshakes are exchanged, the initiator knows that the peer
   really responds. Hence, the second datagram the initiator sends MAY
   already contain some heavy payload, e.g. DATA messages. To minimize
   the number of initialization round-trips, the first two datagrams
   exchanged MAY also contain some minor payload, e.g. HAVE messages to
   indicate the current progress of a peer or a REQUEST (see
   Section 3.7), but MUST NOT include any DATA message.

This was difficult for me to parse, and the words "heavy" and "minor" didn't help me understand. Is this saying something like "Peers don't include DATA messages in payloads they send unless they've akwa successfully exchanged messages"? If that's not what's meant, is there a list of "heavy" and "minor" messages?

(Obviously, I don't think the MAYs are 2119 MAYs because they are so imprecise, but that's another story)

I should also mention that "heavy" appears 10 times in the specification, and I don't think it's ever defined. Is this a term familiar with those schooled in the art?

In this text:

   3.2.  HAVE

   In particular, whenever a receiving peer P has successfully checked
   the integrity of a chunk, or interval of chunks, it SHOULD send a
                                                       ^^^^^^
   HAVE message to all peers Q1..Qn it wants to interact with in the
   near future. A policy in peer P determines when the HAVE is sent. P
   may sent it directly, or peer P may wait until either it has other
   data to sent to Qi, or until it has received and checked multiple
   chunks.

This wasn't clear to me. I'm not understanding why a SHOULD is appropriate, but I suspect I shouldn't be asking a 2119 question, because this is tangled between "send a HAVE to the peers you want to interact with in the near future" and "if you don't want to interact with a specific peer in the near future, you can wait to send a HAVE". Is that even close?

In this text:

   3.4.  ACK

   ACK messages MUST be sent to acknowledge received chunks if PPSPP is
   run over an unreliable transport protocol. ACK messages MAY be sent
   if a reliable transport protocol is used. In the former case, a
   receiving peer that has successfully checked the integrity of a
   chunk, or interval of chunks C MUST send an ACK message containing a
   chunk specification for C. As LEDBAT is used, an ACK message MUST
   contain the one-way delay, computed from the peer's current system
   time received in the DATA message. A peer MAY delay sending ACK
   messages as defined in the LEDBAT specification.

(I emphasize that this is a question, not even a comment) How hard did the working group fight to pick a single style of transport protocol for PPSPP, rather than support multiple styles that don't use the same state machine? If that decision got good discussion, fine, but I wanted to ask because support for both reliable and unreliable transport adds complexity, and I've seen working groups that tried to do transport-independent protocols only because they thought that's what the ADs expected.

In this text:

   5.3.  The Atomic Datagram Principle

   As explained above, a datagram consists of a sequence of messages.
   Ideally, every datagram sent must be independent of other datagrams,
   so each datagram SHOULD be processed separately and a loss of one
   datagram must not disrupt the flow of datagrams between two peers.
   Thus, as a datagram carries zero or more messages, neither messages
   nor message interdependencies SHOULD span over multiple datagrams.

   This principle implies that as any chunk is verified using its uncle
   hashes the necessary hashes SHOULD be put into the same datagram as
   the chunk's data. If this is not possible because of a limitation on
   datagram size, the necessary hashes MUST be sent first in one or more
   datagrams. As a general rule, if some additional data is still
   missing to process a message within a datagram, the message SHOULD be
   dropped.

With that many SHOULDs, I'd be worried that implementations using PPSPP can't count on much. If I receive a message that spans multiple datagrams (even though it shouldn't), that don't include the necessary hashes (even though it should), and I don't drop a message with missing data (even though I should), is that all fine?

In this text:

   5.4.  INTEGRITY Messages

   Concretely, a peer that wants to send a chunk of content creates a
   datagram that MUST consist of a list of INTEGRITY messages followed
   by a DATA message. If the INTEGRITY messages and DATA message cannot
   be put into a single datagram because of a limitation on datagram
   size, the INTEGRITY messages MUST be sent first in one or more
   datagrams.

Is this assuming that the path between peers will never reorder packets?
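The uncle-hash check discussed in the comments above (sibling 10 and uncles 13 and 3 for chunk C4, and dropping a message whose hashes are missing), as an added example that is not part of the ballot or the draft. It assumes the draft's bin numbering with chunk Ci at leaf bin 2i, SHA-256 as the hash function, and a power-of-two chunk count; all function names and the sample chunks are illustrative.

```python
import hashlib

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()  # assumed hash function

def layer(b: int) -> int:
    """Height of bin b in the tree: the number of trailing 1 bits."""
    k = 0
    while b & 1:
        b, k = b >> 1, k + 1
    return k

def sibling(b: int) -> int:
    return b ^ (1 << (layer(b) + 1))

def parent(b: int) -> int:
    k = layer(b)
    return (b | (1 << k)) & ~(1 << (k + 1))

def proof_bins(chunk: int, root_bin: int) -> list:
    """Sibling, then uncles, needed to verify a chunk (leaf to root)."""
    b, bins = 2 * chunk, []
    while b != root_bin:
        bins.append(sibling(b))
        b = parent(b)
    return bins

def build_tree(chunks: list):
    """Hash of every bin, plus the root bin, for a power-of-two chunk count."""
    tree = {2 * i: H(c) for i, c in enumerate(chunks)}
    level = sorted(tree)
    while len(level) > 1:
        for left, right in zip(level[::2], level[1::2]):
            tree[parent(left)] = H(tree[left] + tree[right])
        level = [parent(left) for left in level[::2]]
    return tree, level[0]

def verify_chunk(chunk, data, hashes, root_bin, root_hash) -> bool:
    """hashes: {bin: hash} received so far. False means drop the DATA."""
    b, h = 2 * chunk, H(data)
    while b != root_bin:
        s = sibling(b)
        if s not in hashes:  # a needed hash never arrived: cannot verify
            return False
        h = H(h + hashes[s]) if b < s else H(hashes[s] + h)
        b = parent(b)
    return h == root_hash

CHUNKS = [b"constructed chunk %d" % i for i in range(8)]  # constructed sample
TREE, ROOT = build_tree(CHUNKS)
PROOF = {b: TREE[b] for b in proof_bins(4, ROOT)}
print(proof_bins(4, ROOT), verify_chunk(4, CHUNKS[4], PROOF, ROOT, TREE[ROOT]))
```

A receiver that treats a missing sibling or uncle hash as a verification failure never accepts unverified chunk data, whatever order the datagrams arrive in.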
Stephen Farrell Former IESG member
(was Discuss)
No Objection
(2014-12-17)
Thanks for handling my various discuss points. I think you sorted them all, though I have to say I'm not clear whether or not point (6) was sorted or not, that's below....

"(6) 8.4: I don't see the swarm's metadata record in the ascii art diagram and you just say "look at section 7" so two questions: a) where is the "chunk size used" option in section 7? and b) do all the swarm metadata options have to be sent each time with no limit on ordering except as given in section 7 (which had one such order sensitive limit I think)?"

However, I'm fine to make this a comment, on the basis that I don't remember whatever it was I meant by that:-)

I'm also not so sure the s/ppsp:/file:/ URI scheme swap will really be a fine idea, but it certainly does get past my objection:-)

--- OLD comments below here, I did not check these for -12, but am happy to chat about them if you want.

- Kathleen has the secdir review point covered.

- overall comment: This is too long.

- The elephant is in the room, but not the intro:-) Surely some comparison with BT is needed in the intro? The first reference is in 3.7 on p13, which just seems wrong. If this is somehow inspired by BT (can't recall) then maybe say so and add a quick sketch (2-3 sentences) on how this differs from BT. Those would really help the reader IMO. Note that this could be done by reference.

- 1.1: I really dislike the term self-certification as it's quite misleading. I guess it's probably too late to get rid of that but what (I think) is going on here is really naming chunks so that if you know the hash of the entire content you can verify that the chunk is from that. (CHECK!!!)

- 1.3, 'content': s/asset/file/ would be better I think and less capitalist;-) The term asset is odd here anyway. Same elsewhere. (But note this is really nitty, no need to change unless you want to.)

- 3: I don't get what is meant by this "an external storage mapping from the linear byte space of a single swarm to different files" I can sorta see what's meant, but am not sure. Maybe try clarify?

- 5.3, last para: Is the 1st MUST there really implementable in general? I think the MUST might be to include those hashes that the sender thinks the receiver needs.

- 6.1 - this defines two methods yet says "If the protocol operates in a benign environment the method MAY be used." Which is meant here?

- 6.1.2.1: what if different folks think NCHUNKS_PER_SIG has different values? How do we all agree on a value? (BTW, the last sentence of this section is a cool thing.)

- 7.4: "In other cases a peer MAY include a swarm identifier option, as an end-to-end check." That's not clear to me, what other cases?

- 7.6: I don't get why you need so many options here. Do you really? SHA1 is probably only needed for legacy stuff (is there any of that?), and SHA256 should be fine for everything else.

- 7.8: The width of the figure seems wrong.

- 7.10: An example compressed encoding would be useful.

- 8.16: "perfectly detected" - huh? what does that mean?