[IETF-IDRM] Re: [IDRM] draft-irtf-idrm-handle-system-00.txt

Mark Baugher mbaugher@cisco.com
Thu, 24 May 2001 21:36:43 -0700


Here are the remaining questions and comments from the 
draft-irtf-idrm-handle-system-00.txt.  Regarding my previous comments, is it 
accurate to say that the Handle System protocols could in principle be used 
with a variety of different servers/resolvers including DDDS?

I have five points.

1)  Section 1, under "Secured Named Service" describes specific 
cryptographic mechanisms but "Distributed Administration Service" does 
not.  By briefly mentioning specific security and cryptographic mechanisms 
in this document, rather than in the later documents where they are 
specified, I think you raise more questions than you can answer in an 
Overview document.

2)  Section 2, para 2, suggests that a persistent name can never be moved 
between naming authorities.  If all rights to a content work were 
completely transferred from a corporation operating naming authority x, to 
one operating naming authority y, then the content work will still have x 
in its name.  This seems like a problem to me.  The DOI Handbook makes a 
point about handles being "dumb numbers," but these handles reveal 
information that will persist even when no longer valid.

3) Section 4, para 3, last sentence, defines an enormous PKI for a global 
namespace and I have some doubts about providing a security service for 
referencing potentially any content item in the world.  It is a scalability 
issue if the handle system is not designed for smaller-scale and private 
use or if the trust and security mechanisms cannot be tailored to the needs 
of individual organizations and national considerations.  There are large 
political issues here.  This is the main problem I have with the Handle 
System.  We may have an opportunity to consider this at length when 
discussing the next two drafts.

4) Section 4, para 5, should discuss the assets to be protected (e.g. 
handle metadata), the risks to those assets (e.g. corruption of handle 
metadata), and the sources of threats (e.g. hackers seeking fame or 
criminals seeking fortune).  I believe the sentence "To trust a Local 
Handle Service means to trust that it will correctly respond with data that 
was entered by the administrator" is too general to be useful.

5) The document needs a security section and should follow the other 
guidelines for formatting and mandatory sections of RFC 2223.

At 11:05 PM 5/22/2001 -0700, Mark Baugher wrote:
>Oh, by the way, this note is commenting upon 
>draft-irtf-idrm-handle-system-00.txt and not 
>draft-irtf-idrm-handle-system-protocol-00.txt - I made a mistake in the 
>Subject line that I'll correct in subsequent responses.
>
>Mark
>At 10:26 PM 5/22/2001 -0700, Mark Baugher wrote:
>>I have a number of comments on this draft.  I also plan to post comments 
>>on the two other handle drafts, draft-irtf-idrm-handle-system-def-00.txt 
>>and draft-irtf-idrm-handle-system-protocol-00.txt.  I'll start with 
>>draft-irtf-idrm-handle-system-00.txt comments, a couple at a time since 
>>my other questions and comments may be resolved along the way.
>>
>>My first comment is that there does not seem to be a name-resolution draft 
>>in the mix.  Is this not to be published?  I can see a lot of uses for a 
>>namespace that is not global, such as between a content provider 
>>(publisher) and service provider (distributor) that want to use the 
>>metadata facilities of handles to store rights information with the 
>>content work and to identify one or more "official repositories" for the 
>>content work.  If you're requiring a global namespace but not publishing 
>>the resolution mechanisms, then this seems to be an impediment to many 
>>business-to-business uses.
>>
>>Mark