-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Address some items from httpdir early review #540
Conversation
Per httpdir early review of DAP ([1]), use "resource" or "server" as appropriate instead of "endpoint". [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
This comment was marked as outdated.
This comment was marked as outdated.
Per httpdir early review of DAP ([1]), make a clear distinction between a client in the DAP protocol ("Client") and a client in the HTTP protocol ("HTTP client"). Audit usage of "client" and "server" throughout the document to disambiguate. [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
Per httpdir early review of DAP ([1]), distinguish between the HTTP and HTTPS requirements, and add an explicit reference to RFC 8446 for TLS. [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
Per httpdir early review of DAP ([1]), Clients should be free to retry HTTP GETs on HPKE configs. [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
Per httpdir early review of DAP ([1]), be less prescriptive about Cache-Control in HPKE config responses. [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
Per httpdir early review of DAP ([1]), remove confusing term. [1]: https://datatracker.ietf.org/doc/review-ietf-ppm-dap-09-httpdir-early-nottingham-2023-12-29/
draft-ietf-ppm-dap.md
Outdated
endpoints can be found. | ||
* `helper_aggregator_endpoint`: A URL relative to which the Helper's API | ||
endpoints can be found. | ||
* `leader_aggregator_server`: A URL relative to which the Leader's API resources |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure server
is appropriate here (or for helper_aggregator_server
below) -- I think either {leader,helper}_aggregator_endpoint
or perhaps {leader,helper}_aggregator_url
would be clearer. I'd expect a server to indicate a hostname, while this is a full URL including a protocol & path.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(I'd go with "endpoint", but I think that an endpoint might also indicate a particular HTTP verb; if that's correct, I'd go with "URL.")
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
_url
seems better since that's what the text on the right of the colon says. I want to avoid "endpoint" as the httpdir review flagged that word.
draft-ietf-ppm-dap.md
Outdated
@@ -316,14 +316,18 @@ Batch interval: | |||
of the reports in the batch. | |||
|
|||
Client: | |||
: A party that uploads a report. | |||
: DAP protocol role identifying a party that uploads a report. Note the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
: DAP protocol role identifying a party that uploads a report. Note the | |
: A DAP protocol role identifying a party that uploads a report. Note the |
(editorial, matching structure of other items in this list)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure. "The" feels a bit more natural than "A" to me.
draft-ietf-ppm-dap.md
Outdated
possible by distributing the computation among the servers in such a way that, | ||
as long as at least one of them executes the protocol honestly, no input is ever | ||
seen in the clear by any server. | ||
small set of aggregator servers. The aggregators' goal is to compute some |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(This comment follows from off-PR discussion with/suggestion by @jbr.)
"small set of aggregator servers" is correct but perhaps imprecise -- nowadays, there are exactly two aggregator servers, the Leader & the Helper. Maybe "two aggregator servers, called the Leader & the Helper"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Makes sense! I left out the discussion of leader and helper because those terms aren't used again in the introduction and they get introduced properly in the glossary.
draft-ietf-ppm-dap.md
Outdated
HTTPS provides server authentication and confidentiality. Use of HTTPS is | ||
REQUIRED. | ||
Communications between DAP participants are carried over HTTP {{!RFC9110}}. Use | ||
of HTTPS {{!RFC8446}} is REQUIRED to provide server authentication and |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this the correct reference? RFC8446 defines TLS, not HTTPS.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, good point. RFC 9110 obsoletes RFC 2818 "HTTP Over TLS", so maybe the reference to 9110 suffices?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That makes sense to me.
Mark Nottingham (@mnot) was kind enough to share early review feedback on DAP on behalf of httpdir (1). This PR addresses several of the items there. See individual commit messages for discussion.