muzixing
commented
3 weeks ago Sync up with zongpeng, he agreed that this issue can be closed.
Closed dzpzp closed 3 weeks ago
muzixing
commented
3 weeks ago Sync up with zongpeng, he agreed that this issue can be closed.
[1] 2. Terminology Old Service contact instance: a service contact instance is reachable via at least one Egress CATS Forwarder.¶ New a service contact instance-->A service contact instance
[2] 3.3. Framework Overview Old Starting from the bottom part of Figure 1 and moving to the upper part, the following planes are defined: New Starting from the upper part of Figure 1 and moving to the bottom part, the following planes are defined:
[3] 3.4. CATS Functional Components Old CATS nodes make forwarding decisions for a given service request that has been received from a client according to the capabilities and status information of both service contact instances and network. New CATS nodes make forwarding decisions for a given service request that has been received from a client according to the capabilities and status information of both service instances and network. Reason of suggestion: Sometimes, it is referred as status of service contact instance, and sometimes, it is referred as status of service instance. IMHO, it should be status of service instance.
[4] 3.4.7. Underlay Infrastructure Old The CATS paths that are computed by a P-CS will be distributed among the CATS-Forwarders (Section 3.4.6) New P-CS --> C-PS
[5] 4. CATS Framework Workflow Old The following subsections provide an overview of how the CATS workflow operates assuming a distributed CATS design. New The following subsections provide an overview of how the CATS workflow operates assuming a distributed CATS design by default.
[6] 5. Security Considerations Old The computing resource information changes over time very frequently, especially with the creation and termination of service contact instances. New The computing resource information changes over time very frequently, especially with the creation and termination of service instances.
Old This issue could be exploited by an attacker (e.g., by spawning and deleting service contact instances very rapidly). New This issue could be exploited by an attacker (e.g., by spawning and deleting service instances very rapidly).
[7] 6. Privacy Considerations Old Since the service will, in some cases, need to know about applications, clients, and even user identity, the C-PS computed path information should be encrypted if the client/service communication is not already encrypted. New Since the service will, in some cases, need to know about applications, clients, and even user identity, the C-PS computed path could be encrypted if the client/service communication is not already encrypted.
Reason of suggestion: It is confusing what need to be encrypted here, the path information or the overload of the path.