Address some items from httpdir early review #540
Conversation
Per httpdir early review of DAP ([1]), use "resource" or "server" as appropriate instead of "endpoint". [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
This comment was marked as outdated.
This comment was marked as outdated.
Per httpdir early review of DAP ([1]), make a clear distinction between
a client in the DAP protocol ("Client") and a client in the HTTP
protocol ("HTTP client"). Audit usage of "client" and "server"
throughout the document to disambiguate.
[1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
Per httpdir early review of DAP ([1]), distinguish between the HTTP and HTTPS requirements, and add an explicit reference to RFC 8446 for TLS. [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
Per httpdir early review of DAP ([1]), Clients should be free to retry HTTP GETs on HPKE configs. [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
Per httpdir early review of DAP ([1]), be less prescriptive about Cache-Control in HPKE config responses. [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
Per httpdir early review of DAP ([1]), remove confusing term. [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
tgeoghegan
changed the title
draft-ietf-ppm-dap.md
Outdated
| endpoints can be found. | ||
| * `helper_aggregator_endpoint`: A URL relative to which the Helper's API | ||
| endpoints can be found. | ||
| * `leader_aggregator_server`: A URL relative to which the Leader's API resources |
There was a problem hiding this comment.
I am not sure server is appropriate here (or for helper_aggregator_server below) -- I think either {leader,helper}_aggregator_endpoint or perhaps {leader,helper}_aggregator_url would be clearer. I'd expect a server to indicate a hostname, while this is a full URL including a protocol & path.
There was a problem hiding this comment.
(I'd go with "endpoint", but I think that an endpoint might also indicate a particular HTTP verb; if that's correct, I'd go with "URL.")
There was a problem hiding this comment.
_url seems better since that's what the text on the right of the colon says. I want to avoid "endpoint" as the httpdir review flagged that word.
draft-ietf-ppm-dap.md
Outdated
| @@ -316,14 +316,18 @@ Batch interval: | |||
| of the reports in the batch. | |||
|
|
|||
| Client: | |||
| : A party that uploads a report. | |||
| : DAP protocol role identifying a party that uploads a report. Note the | |||
There was a problem hiding this comment.
| : DAP protocol role identifying a party that uploads a report. Note the | |
| : A DAP protocol role identifying a party that uploads a report. Note the |
(editorial, matching structure of other items in this list)
There was a problem hiding this comment.
Sure. "The" feels a bit more natural than "A" to me.
draft-ietf-ppm-dap.md
Outdated
| possible by distributing the computation among the servers in such a way that, | ||
| as long as at least one of them executes the protocol honestly, no input is ever | ||
| seen in the clear by any server. | ||
| small set of aggregator servers. The aggregators' goal is to compute some |
There was a problem hiding this comment.
(This comment follows from off-PR discussion with/suggestion by @jbr.)
"small set of aggregator servers" is correct but perhaps imprecise -- nowadays, there are exactly two aggregator servers, the Leader & the Helper. Maybe "two aggregator servers, called the Leader & the Helper"?
There was a problem hiding this comment.
Makes sense! I left out the discussion of leader and helper because those terms aren't used again in the introduction and they get introduced properly in the glossary.
draft-ietf-ppm-dap.md
Outdated
| HTTPS provides server authentication and confidentiality. Use of HTTPS is | ||
| REQUIRED. | ||
| Communications between DAP participants are carried over HTTP {{!RFC9110}}. Use | ||
| of HTTPS {{!RFC8446}} is REQUIRED to provide server authentication and |
There was a problem hiding this comment.
Is this the correct reference? RFC8446 defines TLS, not HTTPS.
There was a problem hiding this comment.
Hmm, good point. RFC 9110 obsoletes RFC 2818 "HTTP Over TLS", so maybe the reference to 9110 suffices?
Mark Nottingham (@mnot) was kind enough to share early review feedback on DAP on behalf of httpdir (1). This PR addresses several of the items there. See individual commit messages for discussion.