[Anima-signaling] On Charlie's comments on draft-ietf-anima-grasp-10
Brian E Carpenter <brian.e.carpenter@gmail.com> Sun, 05 March 2017 02:29 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: anima-signaling@ietfa.amsl.com
Delivered-To: anima-signaling@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A6941293D6 for <anima-signaling@ietfa.amsl.com>; Sat, 4 Mar 2017 18:29:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hPlI-nG3-cwR for <anima-signaling@ietfa.amsl.com>; Sat, 4 Mar 2017 18:29:15 -0800 (PST)
Received: from mail-pg0-x22a.google.com (mail-pg0-x22a.google.com [IPv6:2607:f8b0:400e:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E9CAF126B6D for <anima-signaling@ietf.org>; Sat, 4 Mar 2017 18:29:14 -0800 (PST)
Received: by mail-pg0-x22a.google.com with SMTP id 77so11260765pgc.1 for <anima-signaling@ietf.org>; Sat, 04 Mar 2017 18:29:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:organization:message-id:date:user-agent :mime-version:content-transfer-encoding; bh=BNjUGqB9A//QMrmmKbp/jXAzhd95nN7bkt11mHX2Ce8=; b=clJf4OhW0MtUP1zezPYzvY1Qt5Vj/+J19fbIVDrOQXi3PgczL84O4wIMFCThYKEOKd IHE068o+DnfeuSwJeQiuPKQRQcwi/LH8RyVO8UhIOlL0Up2aXm6B1D8VNcM+BwaWajg8 y+Bs0hO9vJZQJphYjGO2D90ITrNmaoIoZ8AEF+1DozaVd7znCBoL1GJnaoQpj7Y7UI5S 5FtbfO0zPVRE0/an55AN2TMkTxsSxKG0sbsXRP6CXDINwas9zKy70KAAEYPoKkuZFn+g FMtgaQRF2ngWKlvmDJSWUQVlr+ztjHcvu0BTwc0BEoS1xUiER3L60kNlQTpZUpWNj+WO JYvA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:organization:message-id:date :user-agent:mime-version:content-transfer-encoding; bh=BNjUGqB9A//QMrmmKbp/jXAzhd95nN7bkt11mHX2Ce8=; b=MGMYMS2UMtjY9iu2jaMMh7JOnaTNYKI+eOfIlIjg61gDvwJNEU4PXQBTvfQ+8bKIhS gZZgCpCM9EKH0JhPCTh0eTQ8UvCCNh5AVmYdDiJFpUoNdqy2wJdl1D58z/fRIRAFpg4Z UrjGHQeVg2hYVFlf8iJNv1IuP976LVmBsrWCsGGR3wuCUqUmWyZLLjfzT8qDWq6N/Ncl AvZDCQ/TOaWCDySWG+o/TuJYJR/IXDC45J2bBAy7gSDErOshTMH6JWfhlpD23RvBVt49 stlRaFG4v7JUNon1IYhU99JgZIrzMTgHd/x2NmgH3+JubvsGhYjGg8O6LXbGKg9ziVA3 REnw==
X-Gm-Message-State: AMke39kwBcqDnJFi9PaTfXT9CS/8+Dt5IWm0888PhCyQFsOqgCI5wHte8WcWlD/cFZ1FSw==
X-Received: by 10.84.173.228 with SMTP id p91mr15520488plb.121.1488680954456; Sat, 04 Mar 2017 18:29:14 -0800 (PST)
Received: from ?IPv6:2406:e007:7204:1:28cc:dc4c:9703:6781? ([2406:e007:7204:1:28cc:dc4c:9703:6781]) by smtp.gmail.com with ESMTPSA id 19sm31312057pfo.50.2017.03.04.18.29.12 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 04 Mar 2017 18:29:14 -0800 (PST)
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
To: Anima signaling DT <anima-signaling@ietf.org>, Charlie Perkins <charles.perkins@earthlink.net>, "Joel M. Halpern" <jmh@joelhalpern.com>
Organization: University of Auckland
Message-ID: <c7d2feb0-ed51-76fe-13bf-b8c6f8c99b15@gmail.com>
Date: Sun, 05 Mar 2017 15:29:10 +1300
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.7.1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-signaling/oaUj7W-TkpIh8mJjPFu_ZFg3nLQ>
Subject: [Anima-signaling] On Charlie's comments on draft-ietf-anima-grasp-10
X-BeenThere: anima-signaling@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list for the signaling design team of the ANIMA WG <anima-signaling.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-signaling/>
List-Post: <mailto:anima-signaling@ietf.org>
List-Help: <mailto:anima-signaling-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-signaling>, <mailto:anima-signaling-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Mar 2017 02:29:16 -0000
Here's a stream of consciousness about some of Charlie's comments - mainly ones where I didn't just say "yes, he's right" and make the suggested change. Some of them are matters of taste, of course. Brian > D6. Some objectives may only be significant on the local link,... > CEP: Can GRASP *require* on-link? We have made that an API feature, and the issue is covered in the "Constrained Instances" section. > T1. It should be convenient for ASA designers to define... > CEP: This means: understanding of GRASP depends on choice of operating system. > --> is GRASP "off-limits" for implementation on kernel-only devices? Not intentionally, phrasing adjusted accordingly. > T2. The protocol should be easily extensible... > CEP: This doesn't really say anything... Well, it helped to determine the MESSAGE_TYPE mechanism. > T9. The protocol needs to be fully secured... > CEP: It seems this is NOT a requirement for GRASP. It should be relocated > to the Security Considerations. The requirement is that protocol exchanges are secure; the phrasing was inaccurate. As a *requirement* it seems to belong here. > It is expected that GRASP will access the ACP by using a > typical socket interface. > CEP: The last sentence doesn't really belong here. It needs to be said; it was very unclear during earlier WG discussions. > o Convergence of negotiation procedures ... > CEP: Not clear why any such multi-step iterative negotiation would exist. This is fairly basic in autonomics, when assigning resources from a limited pool, with a tree structure of allocators. > 3.5.3. Transport Layer Usage > ...MUST NOT be fragmented > CEP: What about 802.15.4 with IPv6 addresses and objective parameters? The RFC4944 adaptation layer provides a 1280 byte MTU. So I guess that sets the limit. Added to the section on Message Size: <t>The maximum size of multicast messages (M_DISCOVERY and M_FLOOD) depends on the link layer technology or link adaptation layer in use.</t> > CEP: Previous IESG guidance has required MUST for exponential backoff. > (and exponent MUST be 2). (I don't necessarily agree with this) It might be the wrong semantic. If you are waiting for another node to come up, a waiting time that tends to infinity is not what you want at all. Something less than exponential may be perfectly fine. So SHOULD seems appropriate (in all places where this issue comes up). > o GRASP_DEF_TIMEOUT (60000 milliseconds) > CEP: That's a long, long time... True. That's somewhat intentional, since we have no idea what might be appropriate for an arbitrary application of GRASP. During debugging, I found it quite useful (enough time to notice that something was stuck, and investigate a little before the timeout occurs). > 3.7. Session Identifier (Session ID) > This is an up to 32-bit opaque value used to distinguish multiple > [CEP deleted 'up to'] Actually, it *is* 'up to'. In CBOR, an integer <65536 is encoded in 16 bits, and <256 in 8 bits. OLD: > The embedded Locator Option(s) (Section 3.9.5) point to diverted > destination target(s) in response to a Discovery message. NEW from CEP: > The embedded Locator Option(s) (Section 3.9.5) points to diverted > destination target(s) in response to a Discovery message. Both seem wrong. Let the RFC Editor decide :-) > Since GRASP is intended to be deployed in a single administrative > domain operating its own trust anchor and CA, there is no need for > a trusted public third party. In a network requiring "air gap" > security, such a dependency would be unacceptable. > CEP: More explanation is needed for this. Actually I think less, much less, is needed in *this* document. Since we are requiring an external security mechanism, this whole point belongs there (the ACP draft). So my draft has shortened this text considerably. > The GRASP protocol is agnostic about the role of individual ASAs > CEP: the concept of "role" does not seem to be well-defined. ... > CEP: Not clear what is the value of this text. Yes, the WG has punted on roles and authorization - left for a possible rechartering. So we have no definition beyond the dictionary meaning. But the text is intended to guide implmenters in the meantime. (ends)
- [Anima-signaling] On Charlie's comments on draft-… Brian E Carpenter