IETF Logo Mail Archive

Re: [Anima] Opsdir last call review of draft-ietf-anima-constrained-join-proxy-09

Michael Richardson <mcr+ietf@sandelman.ca> Sat, 02 April 2022 17:08 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 635323A0910; Sat, 2 Apr 2022 10:08:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.109
X-Spam-Level:
X-Spam-Status: No, score=-2.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uEWICHZ4KI5Z; Sat, 2 Apr 2022 10:08:44 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A70413A076E; Sat, 2 Apr 2022 10:08:42 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 8E86D38DD0; Sat, 2 Apr 2022 13:19:37 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id h__E9UpmBchf; Sat, 2 Apr 2022 13:19:36 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 56C8538DC9; Sat, 2 Apr 2022 13:19:36 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sandelman.ca; s=mail; t=1648919976; bh=A5zGjaKivVLa1+UukYVx9Bi9P1P7IMj66EedQBuH/5E=; h=From:To:cc:Subject:In-Reply-To:References:Date:From; b=FHoAW/jBFfGRlpfk4n1Z5Xntys/jY55moRDY81fe4+WI6a81WkXDdCX787TOvA7jB +9IH/FSoHE1QZaDuTo1Ehb0ZyunRBp0e8pQKiK85sIWi1xGG//QLZe/WaOt02+0Gcc SfHs2cPRYA6qNESxCbtvLPeuu1G32IHNeFT4MHWYM5M6zmRo8xGQQ9NcX8l2Fq+ijv DAfcV4GctinL9UPf2QtVeVVKhOTDx+tVdhyXCdECTHIXw4dy9XAVJEJXsFzIRRaGzo +E1+OogV6UM7jLGZtiH6Wh/FQxF5p319DOAOSQU8qjz/3B+mxWc5Vm+yq4+nEMIkOt Q0m9cbUgwl3JQ==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 2BA413E9; Sat, 2 Apr 2022 13:08:39 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: =?utf-8?b?SsO8cmdlbiBTY2jDtm53w6RsZGVy?= <j.schoenwaelder@jacobs-university.de>
cc: ops-dir@ietf.org, last-call@ietf.org, draft-ietf-anima-constrained-join-proxy.all@ietf.org, anima@ietf.org
In-Reply-To: <164883335420.24992.11762904207626092789@ietfa.amsl.com>
References: <164883335420.24992.11762904207626092789@ietfa.amsl.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Sat, 02 Apr 2022 13:08:39 -0400
Message-ID: <26980.1648919319@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/eDrL7JKs5eGzaoHn3vekhK1psM4>
Subject: Re: [Anima] Opsdir last call review of draft-ietf-anima-constrained-join-proxy-09
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Apr 2022 17:08:50 -0000

Jürgen Schönwälder via Datatracker wrote:
    > Let me start with a disclaimer: I am not familiar with BRSKI and ANIMA

...
Maybe reading RFC9030 and RFC9031 is really needed, and maybe we need more
references to that kind of architecture.

Note that RFC9031 uses OSCORE with PSKs, while this document uses DTLS with
full RFC8995 IDevIDs.  It is unclear to what extent stronger references would
confuse more than they help.

I think that we regularly have the problem in the IETF where we make a small
extension in a small document to a larger situation, and then it is
surprising when external reviewers are unable to see the big picture.
(I've been there with many routing area extensions to OSPF or BGP as well)

    > - Third, as an ops-dir reviewer, I am lacking information how this
    > will be operationally deployed, i.e., how a shared link will be
    > properly configured that may have multiple mechanisms to bootstrap
    > routable IP addresses. How do I force pledges to go through this
    > procedure before I hand out or let them discover a routable IP
    > address?

... the short is that they can't see any shared link, it is encrypted.

    > I also wonder whether alternatives been considered. Is it really
    > necessary to introduce proxies that rewrite IP addresses?  Could it be
    > easier to let Pledges discover special temporary addresses that can be

There isn't a a shared link.
There is a mesh over (RPL, RFC6550) or equivalent system.

There is no broadcast domain.

The mesh links are encrypted.
The join proxies exists on both the encrypted and unencrypted sides.
The existing RFC8995 mechanism is basically stateful NAT66, and this is a
version that is stateless.

    > used to reach (without going through a Join Proxy) the Registrar and
    > once a Pledge gets enrolled, it can pick up a more general address? Or
    > is the stateful solution not simply the more robust solution?

The stateful solution is subject to exhaustion of state by attackers.

    > I skimmed through draft-richardson-anima-state-for-joinrouter-03,
    > which has more alternatives. While properties of various solutions are
    > discussed, no clear conclusions are drawn.

Yes, because different situations calls for different engineering tradeoffs.

    > Back to this document,
    > perhaps I am missing also an applicability statement for the Join
    > Proxy solution.

more later.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [


--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

v2.23.0 | Report a Bug | By Email