Hi all: I see that I'm a few days late with this review, sorry about that. I have performed an Operations Directorate review of draft-ietf-geopriv-res-gw-lis-discovery-07 "The residential gateway is a device that has become an integral part of home networking equipment. Discovering a Location Information Server (LIS) is a necessary part of acquiring location information for location-based services. However, discovering a LIS when a residential gateway is present poses a configuration challenge, requiring a method that is able to work around the obstacle presented by the gateway. This document describes a solution to this problem. The solution provides alternative domain names as input to the LIS discovery process based on the network addresses assigned to a Device." - - - - 1. Is the specification complete? Can multiple interoperable implementations be built based on the specification? This draft explains the problem clearly, points out that effective solutions to it have been standardised (DHCP, LIS Discovery [RFC 5986]), these will take a long time to deploy in home gateways. This draft proposes another approach as a shorter-term way around the problem. It describes that approach in reasonable detail, I believe there's enough there to allow it to be implemented. 2. Is the proposed specification deployable? If not, how could it be improved? Yes. 3. Does the proposed approach have any scaling issues that could affect usability for large scale operation? This approach is aimed at finding a Location Information Server (LIS) for residential networks, within a single ISP. As such, it doesn't have to scale up any further. 4. Are there any backward compatibility issues? No. 5. Do you anticipate any manageability issues with the specification? No. Except that ISPs will need to ensure that their residential customers systems find their correct LIS, and that LIS must not give away information about address ranges other than the one any particular customer is using. 6. Does the specification introduce new potential security risks or avenues for fraud? Yes, but these seem adequately covered in its sections on Scurity, Privacy and IAB Considerations. Just one tiny typo: - penultimate paragraph of section 7, s/even in the trusted source/even if the trusted source/ Cheers, Nevil Co-chair, IPFIX and EMAN WGs -- --------------------------------------------------------------------- Nevil Brownlee Computer Science Department Phone: +64 9 373 7599 x88941 The University of Auckland FAX: +64 9 373 7453 Private Bag 92019, Auckland 1142, New Zealand