Re: [Anima-signaling] Comments needed: issues in draft-ietf-anima-grasp-09

Michael Richardson <> Thu, 02 March 2017 14:15 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BD138129577 for <>; Thu, 2 Mar 2017 06:15:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id e8FX8n3u51iX for <>; Thu, 2 Mar 2017 06:15:48 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2AC031294E9 for <>; Thu, 2 Mar 2017 06:15:48 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 957622009E for <>; Thu, 2 Mar 2017 09:38:08 -0500 (EST)
Received: from (localhost [IPv6:::1]) by (Postfix) with ESMTP id 5CCF1636BB for <>; Thu, 2 Mar 2017 09:15:47 -0500 (EST)
From: Michael Richardson <>
To: Anima signaling DT <>
In-Reply-To: <>
References: <>
X-Mailer: MH-E 8.6; nmh 1.6+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature"
Date: Thu, 02 Mar 2017 09:15:47 -0500
Message-ID: <>
Archived-At: <>
Subject: Re: [Anima-signaling] Comments needed: issues in draft-ietf-anima-grasp-09
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the signaling design team of the ANIMA WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 02 Mar 2017 14:15:49 -0000

Brian E Carpenter <> wrote:
    > - Split the document? [Charlie Perkins]

    > "parts of the document seem more philosophical than
    > prescriptive... It should be considered to break the document
    > into a Requirements document and a more rigorously defined
    > protocol solution document."

    > Proposed resolution: writing a separate requirements document
    > was essentially excluded when the WG was chartered. Unless the
    > WG and AD want to backtrack on that, the proposed resolution
    > is to *not* do this. Of course, all the specific review comments
    > about non-rigorous text will be actioned.

Mark the parts of the document which are requirements.
not having seperate documents doesn't mean that we can't be clear.

    > - Clarify security [Charlie Perkins]

    > "In some
    > places, ACP seems to be mandated, and in other places that is relaxed
    > to mean "a sufficient security mechanism".  It would be better to
    > identify the security requirements, and put them unmistakably in the
    > Security Considerations section, which deserves to have teeth."

    > (and various detailed comments in the text)

    > Of course we will deal with the detailed comments. The larger
    > issue is whether we should move most of the security discussion
    > to the Security Considerations section.

    > Proposed resolution: *Waiting for WG Chair and AD guidance.*

I think I already expressed my opinion:  "must be secured by ACP".
I would like no other exceptions or allusions to DTLS, etc.

    > - Text on circular dependencies [Joel Halpern]

    > Proposed resolution: We should be more explicit that this is a complex
    > issue that is simply not handled by the GRASP layer and that must be
    > considered by ASA designers.


    > Proposed resolution: No change.

    > "3.8.13.  No Operation Message

    > In fragmentary CDDL, a No Operation message follows the pattern:

    > noop-message = [M_NOOP]

    > This message MAY be sent by an implementation that for practical
    > reasons needs to activate a socket.  It MUST be silently ignored by a
    > recipient.

    > CEP: ?? what does it mean to "activate" a socket?  Is there something
    > about
    > how long a socket may remain open but not used?"

    > Not that I know of. But I discovered that to find out the port number
    > assigned to a socket, you pretty much have to perform sendto() and
    > getsockname(), so the ability to send a no-op during initialisation
    > seemed reasonable. I could have just sent a zero, but a well-defined
    > message seemed better.

Also, we may need traffic to keep ACP links alive, or discovery that they are
in fact dead.  Or just for debugging.  It just seems useful to have to me.

Michael Richardson <>ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-