I have reviewed this document as part of the Operational directorate’s ongoing effort to review all IETF documents being processed by the IESG.  These comments were written with the intent of improving the operational aspects of the IETF drafts. Comments that are not addressed in last call may be included in AD reviews during the IESG review.  Document editors and WG chairs should treat these comments just like any other last call comments. Document reviewed:  draft-sweet-rfc2910bis-07 Summary:  The abstract of the document says “ This document is one of a set of documents, which together describe all aspects of a new Internet Printing Protocol (IPP).  IPP is an application level protocol that can be used for distributed printing using Internet tools and technologies.  This document defines the rules for encoding IPP operations and IPP attributes into the Internet MIME media type called "application/ipp".  This document also defines the rules for transporting a message body whose Content-Type is "application/ipp" over HTTP. This document is on a standards track. It approved it will obsolete RFC 2910 and RFC 3382. Disclaimer: This document is a series of documents per the abstract. If operational and management considerations are covered in other documents, it needs to be called out and in that case most of the comments should be directed to that document. Operational Considerations Operations. The document does talk about the minimum transport protocol needed for IPP. When describing the operation layer, it could talk about default values or range of values that any of the fields can take “out-of-the-box”. If the fields can take any value, it needs to state that. Operations like these need to monitored and for root cause analysis. Identifying information that is consistent such as what gets put in any field is helpful.  It is not apparent from the document if this new protocol places any requirements on other protocols and components in the network. These could be restrictions or creating dependencies on existing protocols. If it does, the requirements need to be called out. The same is true for impact on operations of existing networks. If the impact is minimal, the document can just mention that. The impact should consider impact on servers performing auto-configuration for this protocol. Or impact on server or network if large print jobs are enqueued as a result of a spam. How would an operator know that the protocol is operating correctly? Are there tests that network operators can run (other than enqueuing a print job) to test that the protocol is working properly. Are there particular metrics that an operator should watch out for? Management Considerations: From a management consideration point of view, the document needs to identify how the protocol is installed, configured and monitored once it is installed. That should include not only what needs to be managed but how. An identification of the managed identities that are involved, what the architecture of these entities are (client, server etc.), what some of the management operations are (static vs dynamic configuration) and whether these operations are performed locally or remotely. Scale should be considered from a management perspective, specially for different scales. The document needs to consider the difference between a local management interface to manage a single device and how it would be different from a large network, remote management managed using a distributed management system. Auto configuration and default parameters might make more sense in the latter case. Techniques for debugging protocol interactions in a network must be part of the document. This should include interoperability between devices from different vendors, and across models and releases from the same vendor. Interoperability cannot be limited to protocol interaction. It has to extend to single syntax to do all the management on all the devices. This has to include both configuration and monitoring. The document needs to describe some basic fault and health monitoring indications that needs to be instrumented. These should include alarms or events, e.g. out of paper if that is appropriate.  When propagating fault information, has the protocol considered mechanisms to throttle notifications to prevent congestion and duplication of events? If there is a hierarchy of faults, is each fault reported at every level or only at the lowest level? Accounting Considerations Is it appropriate to collect usage information related to this protocol? If so, what usage information would be appropriate to collect? A run of idnits reveals a few errors, warnings and comments:   Checking nits according to http://www.ietf.org/id-info/checklist :   ----------------------------------------------------------------------------   -- The draft header indicates that this document obsoletes RFC3382, but the      abstract doesn't seem to mention this, which it should.   -- The draft header indicates that this document obsoletes RFC2910, but the      abstract doesn't seem to mention this, which it should.   Miscellaneous warnings:   ----------------------------------------------------------------------------   -- The document date (June 13, 2016) is 30 days in the past.  Is this      intentional?   Checking references for intended status: Proposed Standard   ----------------------------------------------------------------------------      (See RFCs 3967 and 4897 for information about using normative references      to lower-maturity documents in RFCs)   -- Looks like a reference, but probably isn't: '1' on line 1610      '[1] http://www.pwg.org/ ...'   == Missing Reference: 'RFC2910bis' is mentioned on line 1284, but not      defined      '(see [RFC2910bis]) or other transport protocol.  Messages of type...'   -- Possible downref: Non-RFC (?) normative reference: ref. 'ASCII'   ** Downref: Normative reference to an Informational RFC: RFC 2818      Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 5 comments (--). Thanks Mahesh Jethanandani mjethanandani at gmail.com