Last Call Review of draft-ietf-mile-xmpp-grid-09
review-ietf-mile-xmpp-grid-09-genart-lc-holmberg-2019-01-04-00

Request Review of draft-ietf-mile-xmpp-grid
Requested rev. no specific revision (document currently at 11)
Type Last Call Review
Team General Area Review Team (Gen-ART) (genart)
Deadline 2019-01-14
Requested 2018-12-31
Draft last updated 2019-01-04
Completed reviews Secdir Last Call review of -09 by Matthew Miller (diff)
Genart Last Call review of -09 by Christer Holmberg (diff)
Assignment Reviewer Christer Holmberg
State Completed
Review review-ietf-mile-xmpp-grid-09-genart-lc-holmberg-2019-01-04
Reviewed rev. 09 (document currently at 11)
Review result Ready with Issues
Review completed: 2019-01-04

Review
review-ietf-mile-xmpp-grid-09-genart-lc-holmberg-2019-01-04

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.

Document: draft-ietf-mile-xmpp-grid-09
Reviewer: Christer Holmberg
Review Date: 2019-01-04
IETF LC End Date: 2019-01-14
IESG Telechat date: Not scheduled for a telechat

Summary: The document is well written, easy to read, and technically I have no issues. However, as shown below, I do have some questions for clarifications.

Major issues: None

Minor issues:

Q1: There is no explanation of what kind of security-related information is distributed. What kind of security? I assume it is some kind of application security, and not XMPP security.

Q2: Is there a reason why XMPP-Grid is only defined for security-related information? Isn’t XMPP-Grid a way of distributing ANY type on information in a secure manner?

Q3: It is not clear to me what XMPP-Grid provides that “normal” secure XMPP doesn’t. Is XMPP-Grid only an architecture, using standard XMPP components? If so, I think that should be made more clear. 

Q4: While section 8 does reference RFC 6120 for the usage of TLS, I can’t find any references to other security considerations in RFC 6120. Is everything in section 8 XMPP-Grid specific?

Q5: Section 4 talks about a “typical” workflow. I assume that means there could be others? 


Nits/editorial comments:

Q6: The document talks about using XMPP-Grid for distributing “security-relevant”/”security-related” information. I suggest using consistent terminology.