Document: draft-ietf-tsvwg-2960bis-04.txt Reviewer: Vijay K. Gurbani Review Date: 16 May 2007 IETF LC date: 17 May 2007 IESG Telechat date: 24 May 2007 Summary: This draft is ready for publication as a Proposed Standard RFC. I do have some comments, though. Overall, a very nicely written document given the rather staid subject matter that will appeal to the most pedantic of us protocol folks. Here are some nits, comments, and feedback in the order that I read the draft: 1) In the top-left boiler plate on the first page (where it says "Network Working Group"), you may want to consider inserting "Obsoletes: 2960 (if approved)" 2) In S1.3.1 consider: s/against security attacks/against synchronization attacks The term "security" is too broad, and I believe that you are trying to prevent the likelihood of TCP SYN attacks in SCTP here. 3) While reading S1.2, it would help if some more text was devoted to interpreting the concept of an association. In other words, in TCP we have a connection between a pair of hosts. We can have multiple connections between the same pair of hosts, each connection opened by a different process on the host. Typically, a connection opened by one process on host A to host B is not shared by another process oh host A. When I translate that to SCTP, does that mean that I can have multiple associations between hosts, each association opened up by a different process on the host? Or is the model that I have only one association between the hosts, but each pairing of a source process and destination process is represented as a pair of unidirectional streams within the one association? 4) S1.5: Please consider putting this section somewhere in the beginning. Since the sub-sections that preceeded S1.5 use the abbreciations quite a bit, introducing the user to the abbreviations first should help readability. 5) Nit: S3, page 16: s/Section 6.10for/Section 6.10 for 6) Nit: S3.3.2.1: the text under the figure for IPv6 address parameter - s/128 bit/128 bits 7) S3.3.5, second paragraph: the text says that the parameter field contains an opaque data structure understood only by the sender. I think it will add more clarity to insert the following text at the end of the last paragraph in the section: OLD: The Sender-specific Heartbeat Info field should normally include information about the sender's current time when this HEARTBEAT chunk is sent and the destination transport address to which this HEARTBEAT is sent (see Section 8.3). NEW: The Sender-specific Heartbeat Info field should normally include information about the sender's current time when this HEARTBEAT chunk is sent and the destination transport address to which this HEARTBEAT is sent (see Section 8.3). This information is simply reflected back by the receiver in the HEARTBEAT ACK message (see Section 3.3.6). 8) Nit: S4 - s/description of all special cases should be found in the text/ description of all special cases are found in the text. The phrase "should be" seems non-comittal; i.e., are all special cases mentioned in the document or not? I presume they are. 9) S5.1.2, in the IMPLEMENTATION NOTE, it says that "when the implementation does not control the source IP address that is used for transmitting" - do such cases arise at all? I thought that the IP layer, especially given rfc3484, will always know which source IP address to put in an outgoing IP datagram. Could it be that you meant "when the *ULP* does not control the source IP address that is used for transmitting"? Also, since I bring up rfc3484, I do not know if it has any bearing on the discussion in this section. If the author has reached a conclusion that it does not, then that is fine with me. 10) At various places, the suggested SCTP protocol parameter values defined in S15 are used (c.f. S5.1.{3,4} and look for 'Valid.Cookie.Life' and 'Max.Init.Retransmits'). It may be a good idea to either provide S15 at the beginning of the text, or to have a forward pointer to S15 on the first occurrence of the use of a protocol parameter defined in S15. This way, the reader is alerted where to find the default values for these parameters. 11) Nit - S7.1, first bullet item: s/upper layer otherwise/upper layer to do otherwise 12) S10.1, API defined in G): What happens when stream id is not provided in a RECEIVE? Is data for *all* streams retrieved? Or data from stream 0 only (following the sematics for SEND, where if stream id is not specified, then stream 0 is assumed.) I think this may have a bearing on S10.2 A). When data arrives at a SCTP layer on a host, the SCTP informs the ULP of the stream id that the data arrived on. I presume that the ULP then simply uses that stream id in the RECEIVE. Yes? 13) In S11.2.2, it is stated that "A widely implemented BSD Sockets API extension exists for applications to request IP security services..." Can you please provide a reference? Within the IETF archives, I was able to find two documents, one of which is an expired I-D: 1) http://tools.ietf.org/html/draft-mcdonald-simple-ipsec-api-01 2) http://tools.ietf.org/html/rfc2367 Any other reference beyond the above will be extremely helpful for implementers.