[AFS3-std] Re: Last Call: afs3-rxgk-04

Benjamin Kaduk kaduk@MIT.EDU
Tue, 30 Apr 2013 00:30:45 -0400 (EDT)


On Mon, 29 Apr 2013, Andrew Deason wrote:

>>> 4.  Security Levels
> [...]
>>> This corresponds to the traditional 'clear' security level.
>
> I feel like I've said this before, but I can't find the reference.
> Mentioning "traditional" security levels doesn't make a lot of sense to
> me in this context; I wish these said something about rxkad, to provide
> an explicit reference for where to look to see what these are talking
> about.

I do think you have said it before; it sounds familiar.
I believe the problem is that there is not anything particularly useful to 
reference when talking about rxkad, so the text was not changed.

>>> 6.  Key Negotiation
> [...]
>>> This lifetime is advisory.
>
> I also feel like I've whined about this before, but I can't find where.
> This sentence by itself doesn't really seem to say anything. The
> definitions of "lifetime" and "bytelife" on page 7 I feel should just
> point to the definitions of "lifetime" and "bytelife" on 10 for details,
> and have them in one place.

There were concerns about the "advisory" statement expressed previously, 
yes.  There was also a proposed wording/description given, which we did 
take and put in.  I thought about trying to have one location refer to the 
other, but didn't have a good solution.

> Of course, that's kind of difficult when section 6 is 6 pages long
> without any subsections, but I also think that section 6 could use some
> subsections to make it more readable. It seems like this could at least
> be broken up into: GSSNegotiate argument/field definitions, the core
> GSSNegotiate loop algorithm, the RXGK_ClientInfo field definitions, and
> what the client does after the GSSNegotiate loop finishes. But if you're
> changing the GSSNegotiate loop text in general, maybe that section would
> look different.

I don't remember why I ended up not splitting into subsections like that. 
Maybe I was concerned about transitions between sections.
It's definitely longer than one would like a section to be...

Thanks for the comments,

Ben