Re: [6lo] Iotdir last call review of draft-ietf-6lo-minimal-fragment-04

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Tue, 26 November 2019 13:12 UTC

From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Ines Robles <mariainesrobles@googlemail.com>, "Iot-dir@ietf.org" <Iot-dir@ietf.org>
CC: "draft-ietf-6lo-minimal-fragment.all@ietf.org" <draft-ietf-6lo-minimal-fragment.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, "6lo@ietf.org" <6lo@ietf.org>
Date: Tue, 26 Nov 2019 13:11:50 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/6lo/EYHTHHoT86CmF_K6oOErSd5mIo0>
List-Id: "Mailing list for the 6lo WG for Internet Area issues in IPv6 over constrained node networks." <6lo.ietf.org>

Many thanks Ines!

> Questions:
> 
> 1- In Section 1 that lists the components of the reassembly buffer in node B,
> should it contain the datagram_offset as well?

Well, each fragment has an offset and a length but there's only one datagram size. Fragments are normally received in order but that's only a MUST for the first fragment. So say fragments are received in any order. You'd need to remember all the offsets. Whether the fragments are kept as received with their meta including the offset or just pasted at the right place is implementation dependent.

> 
> 2- In Section 1, where it states: "...the actual packet data from the fragments
> received so far, in a form that makes it possible to detect...", I think it might be
> nice to add an example referring to which form, I mean: "...in a form (e.g. ....)
> that makes it possible....", what do you think?


If an implementation wishes to check that it gets it all and that there's no overlap, it can remember all the offsets and sizes. Or make a linked list of the fragments as received. Or paste in a space that is big enough and in a way that allows scanning for gaps. But we do not mandate exactly if and how that's done. If we indicate one we seem to favor it and I'm concerned that people would come up with a better idea and complain. This is an internal of the implementation after all.

> 3- draft-ietf-intarea-frag-fragile-17, section 3.7 states some security
> vulnerabilities for IP fragmentation (The mentioned document as well defines
> virtual reassembly). Do you think that some of these vulnerabilities can be
> applied to 6LOWPAN fragments? For example, attacks based on predictable
> 6LOWPAN fragment identification values.

You're certainly right, Ines. Let me visit that and come back with an update. 

All the best;

Pascal
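
Added example, not part of the original message and not code from the draft or its authors: one possible shape for the third option named in the reply, pasting fragments into a buffer sized for the datagram while keeping a bitmap that can be scanned for gaps and overlaps. The struct, function and enum names are hypothetical, and rejecting an overlapping fragment is a policy assumed here; the field widths (11-bit datagram_size, datagram_offset in 8-octet units) are those of RFC 4944.

```c
#include <stdint.h>
#include <string.h>

#define MAX_DGRAM 2047               /* datagram_size is an 11-bit field (RFC 4944) */
#define UNITS ((MAX_DGRAM + 7) / 8)  /* datagram_offset counts 8-octet units */

enum frag_result { FRAG_OK, FRAG_COMPLETE, FRAG_OVERLAP, FRAG_BAD };

struct reasm_buf {                   /* hypothetical layout, one per datagram */
    uint16_t datagram_size;          /* the single size shared by all fragments */
    uint16_t units_seen;             /* number of distinct 8-octet units stored */
    uint8_t  seen[(UNITS + 7) / 8];  /* bitmap: one bit per 8-octet unit */
    uint8_t  data[MAX_DGRAM];
};

void reasm_init(struct reasm_buf *b, uint16_t datagram_size)
{
    memset(b, 0, sizeof *b);
    b->datagram_size = datagram_size;
}

/* offset_units is the raw datagram_offset field; len is the payload length. */
enum frag_result reasm_add(struct reasm_buf *b, uint8_t offset_units,
                           const uint8_t *payload, uint16_t len)
{
    uint32_t start = (uint32_t)offset_units * 8, end = start + len;
    uint16_t total = (uint16_t)((b->datagram_size + 7) / 8);
    uint16_t first = offset_units, last;

    if (b->datagram_size == 0 || b->datagram_size > MAX_DGRAM) return FRAG_BAD;
    if (len == 0 || end > b->datagram_size) return FRAG_BAD;
    /* Only the final fragment may have a length that is not a multiple of 8. */
    if (len % 8 != 0 && end != b->datagram_size) return FRAG_BAD;
    last = (uint16_t)((end + 7) / 8);

    /* Reject before copying anything if any unit was already received. */
    for (uint16_t u = first; u < last; u++)
        if (b->seen[u / 8] & (1u << (u % 8))) return FRAG_OVERLAP;

    memcpy(b->data + start, payload, len);
    for (uint16_t u = first; u < last; u++)
        b->seen[u / 8] |= (uint8_t)(1u << (u % 8));
    b->units_seen = (uint16_t)(b->units_seen + (last - first));
    return b->units_seen == total ? FRAG_COMPLETE : FRAG_OK;
}
```

The bitmap costs 32 octets per datagram regardless of how many fragments arrive or in what order, which is why no per-fragment list of offsets is kept in this variant.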