Re: [6tisch] Mirja Kühlewind's Discuss on draft-ietf-6tisch-minimal-security-13: (with DISCUSS and COMMENT)

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Thu, 05 December 2019 12:20 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: 6tisch@ietfa.amsl.com
Delivered-To: 6tisch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D31012004A; Thu, 5 Dec 2019 04:20:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.002
X-Spam-Level:
X-Spam-Status: No, score=-14.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, PDS_BTC_ID=0.499, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=aQWNnXg3; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=ODOtsWgv
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id crJYkQQT_7MP; Thu, 5 Dec 2019 04:19:55 -0800 (PST)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com [173.37.86.80]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 044C9120047; Thu, 5 Dec 2019 04:19:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10318; q=dns/txt; s=iport; t=1575548394; x=1576757994; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=xUIyY9SvMSqpzySLc3+u/AX6vKdD00wX+g/MbrSLuwE=; b=aQWNnXg3qoV/sNTyiAv139zzsocnv3fbUqDKwlXf+IqM+yuFW2pr/o9J I6Of1W0aUjITt4rADfjwv0yrsG47XobniRbdmo1RQm+OsorDHmtmMnzMY hALe92Q2MOk4/VLIGqZRXl4QzC1j3UfnhxiWSJEIct3xWRqZRcZ5WMz+v o=;
IronPort-PHdr: =?us-ascii?q?9a23=3AscfldhVF1JCo8+bv6VoBH9t+h23V8LGuZFwc94?= =?us-ascii?q?YnhrRSc6+q45XlOgnF6O5wiEPSA9yJ8OpK3uzRta2oGXcN55qMqjgjSNRNTF?= =?us-ascii?q?dE7KdehAk8GIiAAEz/IuTtankiAMRfXlJ/41mwMFNeH4D1YFiB6nA=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0DnAACZ9ehd/4oNJK1lGgEBAQEBAQE?= =?us-ascii?q?BAQMBAQEBEQEBAQICAQEBAYF+gUspJwWBPAggBAsqCoQhg0YDinqCOiWBAZc?= =?us-ascii?q?DglIDVAkBAQEMAQEtAgEBgUyCdAIXgXskOBMCAw0BAQQBAQECAQUEbYU3DIV?= =?us-ascii?q?SAQEBAQIBEhERDAEBNwEECwIBCA4KAgIfBwICAjAVBQsCBA4FIoMAgkcDDiA?= =?us-ascii?q?BAqNyAoE4iGB1gTKCfgEBBYUJGIIXCYEOKIwXGoFBP4ERJwwUgU5JNT6EIya?= =?us-ascii?q?DEDKCLI0QJIJtni0Kgi6RQ4QXFAeCQYduizmEPoNGjEmYXgIEAgQFAg4BAQW?= =?us-ascii?q?BaSKBWHAVGksBgkFQERSMZgwXFW8BCYJCilN0gSiOAIEwAYEPAQE?=
X-IronPort-AV: E=Sophos;i="5.69,281,1571702400"; d="scan'208";a="589289664"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by rcdn-iport-9.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 05 Dec 2019 12:19:29 +0000
Received: from XCH-ALN-013.cisco.com (xch-aln-013.cisco.com [173.36.7.23]) by alln-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id xB5CJTYc028850 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Thu, 5 Dec 2019 12:19:29 GMT
Received: from xhs-aln-003.cisco.com (173.37.135.120) by XCH-ALN-013.cisco.com (173.36.7.23) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 5 Dec 2019 06:19:29 -0600
Received: from xhs-aln-003.cisco.com (173.37.135.120) by xhs-aln-003.cisco.com (173.37.135.120) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 5 Dec 2019 06:19:27 -0600
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-003.cisco.com (173.37.135.120) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 5 Dec 2019 06:19:26 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Af4NYZDGVzgl/MQAERWwJYP5oIsWBadabLmstJEguNSlCRVl9jT4EjPqM8iAMmkcc3qVsWOPGAGuabJQm97T/fzaEKFxcNNiCLcP7AgqJguSr8EhB8MfnqPyOn6BCu26t4AoGmpXdiTCiOVNn2rvPuPO42Jl1O7msfVImnWX2UouEbfCmL3o/e5l6HVBEi5RlC1ZGfCd4mhyoBc8OEuckU+FbXF37HVrcHF1JtElH/xbwkqByUXhWHPDYFFcqe0XoppJ8217qRnhYEiSNZRZ270+SPkuZe6E+SLfV24we8Iry9tkx33+ePUXbVEcMk7Lxs46hukdxp8hjUusFA4kzA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xUIyY9SvMSqpzySLc3+u/AX6vKdD00wX+g/MbrSLuwE=; b=DYapci+xhp3cGOiwBYVYmgjUlyey5+8rIVsf36a1JJnYwqO+iaNlMNGVRpd4GJs6za/1FQKeWUU56QX8Z8uk+s0MJoiTRIGZSPHjBvyRB8JhavEqn0h6yK7NrFs26BO99skqC9RAQ3oiq24TX/AMn/h6fygTF78WU1NH5anWUoJnEEeedvSUGs3huyxfm9rlU7TPciNqFtoUqsKHaso98AxerwIxpz3Z1lDpoxUyoc/5dHTp9wrA1drp9tJJuTpT5V9UK5+08o/WZ8pSvPThq69nqXah+t0DOuj4YUkOq8w4/CF8JoXplko/wtuKvDLCgFsoEMqt+/3D0M9cawB+Uw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xUIyY9SvMSqpzySLc3+u/AX6vKdD00wX+g/MbrSLuwE=; b=ODOtsWgv7PlJxPldPzXcm7cZw0IMmfIoVXq+YD860c27cpIGkKr6L6rbvbkacOIhI8jAcCm8gbBtUKcZKpTI/j+RTzHBcTN/jdFJG020nPNx4hHJsxTLqXMTQHFq32b2swH/6aLht58eDy57CVnSJKEriaW8jpeZoZtdYtyy4oM=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB4142.namprd11.prod.outlook.com (20.179.149.157) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2516.13; Thu, 5 Dec 2019 12:19:24 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::3037:66f1:dc79:b564]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::3037:66f1:dc79:b564%7]) with mapi id 15.20.2495.014; Thu, 5 Dec 2019 12:19:24 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Mirja Kuehlewind <ietf@kuehlewind.net>
CC: Michael Richardson <mcr+ietf@sandelman.ca>, "6tisch@ietf.org" <6tisch@ietf.org>, "draft-ietf-6tisch-minimal-security@ietf.org" <draft-ietf-6tisch-minimal-security@ietf.org>, "6tisch-chairs@ietf.org" <6tisch-chairs@ietf.org>, The IESG <iesg@ietf.org>
Thread-Topic: =?utf-8?B?WzZ0aXNjaF0gTWlyamEgS8O8aGxld2luZCdzIERpc2N1c3Mgb24gZHJhZnQt?= =?utf-8?B?aWV0Zi02dGlzY2gtbWluaW1hbC1zZWN1cml0eS0xMzogKHdpdGggRElTQ1VT?= =?utf-8?Q?S_and_COMMENT)?=
Thread-Index: AQHVjyvSyUO1vc39lEyh2oGRi+UNvKd21KwAgDTVoYCAAAPRNA==
Date: Thu, 5 Dec 2019 12:19:24 +0000
Message-ID: <EF39A5F5-249E-4565-81A3-56FB89015C64@cisco.com>
References: <157244462862.32472.6918190621522301464.idtracker@ietfa.amsl.com> <14289.1572642938@localhost>, <3C7830D8-59C5-4F78-8986-91391EF464D6@kuehlewind.net>
In-Reply-To: <3C7830D8-59C5-4F78-8986-91391EF464D6@kuehlewind.net>
Accept-Language: fr-FR, en-US
Content-Language: fr-FR
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [12.208.164.130]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: bff2abed-cf18-4407-0165-08d7797d5dc8
x-ms-traffictypediagnostic: MN2PR11MB4142:
x-microsoft-antispam-prvs: <MN2PR11MB4142BD7C7930DEA8A20AE9EED85C0@MN2PR11MB4142.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 02426D11FE
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(346002)(39860400002)(376002)(136003)(366004)(396003)(189003)(199004)(51444003)(305945005)(76176011)(14454004)(478600001)(76116006)(229853002)(86362001)(6486002)(224303003)(2906002)(14444005)(6512007)(316002)(36756003)(6506007)(66574012)(11346002)(25786009)(99286004)(186003)(102836004)(26005)(66556008)(66446008)(66476007)(64756008)(71200400001)(71190400001)(2616005)(54906003)(66946007)(5660300002)(6916009)(15650500001)(91956017)(4326008)(33656002)(8936002)(81156014)(81166006); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4142; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: w/ieRGZEVIFGUms46tTbX70NOTy0lrhtyhvI6kL6TFdTPdDbUhAbxQgHIDSD2KJAcrAbqyZbSPIH9+pWZa9CgVHa4zzxprWNHc8WFVtF3AQ0R3al0Kd0pUaGO32Pd/+iFNA8qyQ545odLJSawrKzLm31vL08Ewpm82TQ6BYsPl6HFJvPWssKaBavCnQxkidFo7vhEiEqRYNVp96dKoBjw0ZS30eA+4hT7sACIsT7/xJGy1Kz93zpxRa8KHt7PiCbvw/0AKhJ8OUPevRkDNr5kR5CQjOBAor6pthW0D8LKkQ/RkcSHjfFuCelN+8miiAzlpBYbEiYt4kFfR4Vmc37Qh9Jj9XdNn/JXKVdVRUmQEu/mVEatAFCQUFhsPtk1HanhO/hCvV0IuzhbEPcJsNHfbEDr+IdBCb4faRclmsvjGxxJ1yNgpksEiIf7uUQ/Ti0FBY9SFJu4J6ZOuh1FVgrea+EZqUBJ5hkE7otX+bssTUUVGWQXFbOlScyRMgv4Xf5
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: bff2abed-cf18-4407-0165-08d7797d5dc8
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Dec 2019 12:19:24.6336 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ELp7mI1KqoHldN9xMw9nWyVAeLi5e9xF8GVbyCgNgTh7lWnKp7PNDTJVxm/iCbtW/p2xNuhG72XCy0CUDZp4nQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4142
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.23, xch-aln-013.cisco.com
X-Outbound-Node: alln-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/TuV-yO-lNCN9qpRSqtjmi_wyKKs>
Subject: Re: [6tisch] =?utf-8?q?Mirja_K=C3=BChlewind=27s_Discuss_on_draft-iet?= =?utf-8?q?f-6tisch-minimal-security-13=3A_=28with_DISCUSS_and_COMMENT=29?=
X-BeenThere: 6tisch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discuss link layer model for Deterministic IPv6 over the TSCH mode of IEEE 802.15.4e, and impacts on RPL and 6LoWPAN such as resource allocation" <6tisch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/6tisch>, <mailto:6tisch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/6tisch/>
List-Post: <mailto:6tisch@ietf.org>
List-Help: <mailto:6tisch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/6tisch>, <mailto:6tisch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Dec 2019 12:20:01 -0000



Regards,

Pascal

> Le 5 déc. 2019 à 04:06, Mirja Kuehlewind <ietf@kuehlewind.net> a écrit :
> 
> Hi Michael,
> 
> Sorry for my late reply (but I guess you could have just went ahead and push a new version anyway…). Please see below.
> 
>>> On 1. Nov 2019, at 22:15, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>>> 
>>> 
>>> <#secure method=pgpmime mode=sign>
>>> 
>>> Mirja Kühlewind via Datatracker <noreply@ietf.org> wrote:
>>> 1) I hope this point can be resolved quickly as it seems to only need a
>>> bit more specifics but I think this part is not sufficient:
>> 
>>> Sec 6.1: "The Join Proxy implements a data cap on outgoing join traffic
>>> through CoAP's congestion control mechanism."
>> 
>>> I think this needs an normative requirement here. Congestion control is
>>> supposed to avoid network overload but also to make use available
>>> resources.  The congestion control as currently defined for CoAP would
>>> probably limit the join traffic appropriately (to something like one
>>> packet per RTT likely) but CoAP could in theory use any time a
>>> different more aggrieve congestion and therefore just relying on
>>> congestion control generically doesn't seem to be sufficient.
>> 
>>> I
>>> recommend to define a hard limit, e.g. 1 packet per RTT or 1 packet per
>>> 3 seconds if RTT is unknown (as recommended in RFC8085) and say that
>>> this can be achieved by congestion control as specified in the base
>>> CoAP spec.
>> 
>> okay, how about:
>> 
>> + The Join Proxy implements a data cap on outgoing join traffic by implementing
>> + the <xref target="RFC8085" /> section 3.1.3 recommendation of 1 packet per 3
>> + seconds.
>> + This can be achieved with the congestion control mechanism specified
>> + in <xref target="RFC7252" /> section 4.7.
> 
> Great! Thanks!
> 
>> 
>> 
>>> Further on there seems to be an implicit requirement that
>>> the JP MUST implement rate limit using the PROBING_RATE parameter,
>>> however, that is never explicitly spelled out as a normative
>>> requirement. However, if this rate is not provided by the JRC, it
>>> doesn't seem that any rate limiting has to be enforced. So maybe it
>>> would be good to be more strict here.
>> 
>> I think you are saying that we should have a default PROBING_RATE, if the JRC
>> does not specify one.  I think that we assumed that the RFC7257 section 4.8
>> value of 1 byte/second would apply. please confirm?
> 
> Yes, stating this explicitly would be good!
> 
>> 
>>> 2) Also, not sure if this editorial or a real issue but I'm not sure I
>>> fully understand this sentence:
>> 
>>> Sec 6.1.1: "A Join Proxy that does not set the DSCP on traffic
>>> forwarded should set it to zero so that it is compressed out."  If the
>>> proxy does NOT SET DSCP, why should it SET it to zero?
>> 
>> Because RFC6282 (and friends) has specific encoding to omit DSCP if it is zero.
> 
> I understand what you want to do but saying “does not set” but “should set” seems to be contracting. I think this is only a wording issue though. I guess it could be something like this:
> 
> "A Join Proxy that does not require a specific DSCP value on traffic
> forwarded should set it to zero so that it is compressed out.”
> 
> 
>> 
>>> I would think it
>>> either sets it to AF43 or it does nothing about it because DSCP is not
>>> really used in that network.
>> 
>> In 6tisch networks, different DSCP points can be used to get different
>> behaviours, see .... UHM. Let me get back to you on this, because the
>> reference has evaporated.
> 
> A reference would be good (in the draft) :-)
> 
>> 
>>> 3) This may also be mostly editorial but just to be sure: Section 7.2
>>> provides default values for some of the CoAP transport parameter (where
>>> 2 of 3 are the same as defined in RFC7252) but not for all. Why is
>>> that?
>> 
>> We got pushback about relying on 7252 defaults, because what if they changed.
> 
> That’s fine but the you need to add all values!
> 
>> 
>>> 4 ) And then finally on references (again): Given that use of
>>> I-D.ietf-core-stateless is recommend, I believe it should be normative
>>> (and wait for publication of that doc).
>> 
>> I guess since it's a MUST for the JRC, we need to do that.
> 
> Good. Thanks!
> 
> 
>> 
>>> ----------------------------------------------------------------------
>>> COMMENT:
>>> ----------------------------------------------------------------------
>> 
>>> I'm putting this one question in the comments section because there is
>>> no concern that it does not work as specified but I wonder about the
>>> design of the Parameter Update Response Message. Given the Parameter
>>> Update Message is a confirmable CoAP message that is transmitted
>>> reliable and the content of the Parameter Update Response Message is
>>> empty, why do you need to send the Parameter Update Response Message at
>>> all?
>> 
>>> And some minor comments (mostly editorial proposals):
>> 
>>> 0) I'd recommend to "Constrained Join Protocol (CoJP)" in the document
>>> title to make clear that this is a protocol spec and not "only" and
>>> abstract framework or something...
>> 
>> so like:
>>  title: Constrained Join Protocol for 6TiSCH
> 
> Do you propose to get rid of the “Minimal Security Framework” part and only call the document "Constrained Join Protocol (CoJP) for 6TiSCH”. I think this would be a more appropriate title, but maybe confirm with the rest of the group.
> 
> Thanks!
> Mirja
> 


I’m happy with the renaming. We had a trend to call everything minimal just like there was a trend to call thing simple. That’s fine to remember what we are after during the development phase of the protocol but useless and hard to prove afterwards.

The Minimal fragments draft  was already renamed by the way...


> 
>> 
>>> 1) Sec 3: Maybe I'm missing something but this seems contradictory:
>>> "Provisioning the network identifier is RECOMMENDED."  And then at the
>>> end of that paragraph: "This parameter MUST be provisioned to the 6LBR
>>> pledge."+
>> 
>> You are right. The last sentence does not belong.
>> During the join process, the network identifer, returned in the CoJP response
>> is a MUST (8.4.1)
>> 
>>> 2) Sec 4.3.2: Not sure I fully understand the context of this sentence:
>>> "The JP operates as the application-layer proxy."  Maybe "... operates
>>> as an application-layer proxy" or probably even better "operates as
>>> application-layer proxy" ? Also at this part of the document it is not
>>> clear that the proxy actually interprets the CoAP message. I recommend
>>> to mention this earlier in the doc and maybe add a forward reference to
>>> section 7.
>> 
>> reference added.
>> 
>>> 3) Sec 5: Maybe just to be absolutely clear: OLD: "When sending frames
>>> during the join process, the pledge sends unencrypted and
>>> unauthenticated frames."  NEW: "When sending frames during the join
>>> process, the pledge sends unencrypted and unauthenticated frames at the
>>> link layer."
>> 
>> done.
>> 
>>> 4) Sec 6: "As a special case, the 6LBR pledge is expected to have an
>>> additional network interface ..."  MAYBE: "As a special case, the 6LBR
>>> pledge may have an additional network interface ..." ?
>> 
>> done.
>> 
>> 
>> --
>> Michael Richardson <mcr+IETF@sandelman.ca>ca>, Sandelman Software Works
>> -= IPv6 IoT consulting =-
>> 
>> 
>> 
>> 
>