IETF Logo Mail Archive

Re: [Anima] 2nd WGLC for draft-ietf-anima-constrained-join-proxy-12, ends September 20th 2022

Michael Richardson <mcr+ietf@sandelman.ca> Thu, 03 November 2022 10:34 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 133DEC14F73B for <anima@ietfa.amsl.com>; Thu, 3 Nov 2022 03:34:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.705
X-Spam-Level:
X-Spam-Status: No, score=-1.705 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (bad RSA signature)" header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O6tOChExukgp for <anima@ietfa.amsl.com>; Thu, 3 Nov 2022 03:34:26 -0700 (PDT)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FF71C14F739 for <anima@ietf.org>; Thu, 3 Nov 2022 03:34:24 -0700 (PDT)
Received: from dyas.sandelman.ca (ipv6.dooku.sandelman.ca [IPv6:2607:f0b0:f:6::1]) by relay.sandelman.ca (Postfix) with ESMTPS id EFD041F45D; Thu, 3 Nov 2022 10:34:21 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=sandelman.ca; s=mail; t=1667471662; bh=oK8kUYRjJ8O9u600ZcvUp09vLj8EvWEJWZ62/JN0Rxw=; h=From:To:Subject:In-reply-to:References:Date:From; b=CEhYXvRUaAC338e5WkTbsaSJFn5FQrlJzazpUqp/ChaXq1bcg+f4BMBUy2XBO/sfx fXnhCKBQGTg8wJx7KPP8WCRov60z5VGGcI9cNgasjopBIIlY3cIGG3/MoZ3sU8PrC4 EIPQQERSea16YJ11aNOnHb0iOmmX/Ia4XXdm7z0DPlQrewXv8Os+C5q6txmf20gvzi /e/VgwZFnPDwInFPEE0HbVh4xzW5L5qx3SD3My2VzJmQ6DibGfVY25DxdaK0iFPcEA zImGSuqJgXofYceDMqq4LyWuNGGdwYxLgKuETIWieEWmWyNVIGJTPAxf9JGlRH5vWv pi2mdCSlg3hqQ==
Received: by dyas.sandelman.ca (Postfix, from userid 1000) id CC016A0C73; Thu, 3 Nov 2022 11:33:47 +0100 (CET)
Received: from dyas (localhost [127.0.0.1]) by dyas.sandelman.ca (Postfix) with ESMTP id C9A8DA0C43; Thu, 3 Nov 2022 10:33:47 +0000 (GMT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Toerless Eckert <tte@cs.fau.de>, Esko Dijk <esko.dijk@iotconsultancy.nl>, Anima WG <anima@ietf.org>
In-reply-to: <Y2NlC2iCgtyn3T2I@faui48e.informatik.uni-erlangen.de>
References: <Yxd/oBl0dmbmUI8L@faui48e.informatik.uni-erlangen.de> <DU0P190MB1978F420D478B93CE29F36D3FD4C9@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM> <46723.1663756262@dooku> <DU0P190MB1978AC04BBB22272B360984DFD4F9@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM> <YzH8R88OY/kNDLxz@faui48e.informatik.uni-erlangen.de> <DU0P190MB1978A4C862C2DE321FD8680EFD229@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM> <Y2NlC2iCgtyn3T2I@faui48e.informatik.uni-erlangen.de>
Comments: In-reply-to Toerless Eckert <tte@cs.fau.de> message dated "Thu, 03 Nov 2022 07:51:55 +0100."
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.3
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Thu, 03 Nov 2022 10:33:47 +0000
Message-ID: <841584.1667471627@dyas>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/rLo6lGrw7a5Udvu96ZBIldvk8uo>
Subject: Re: [Anima] 2nd WGLC for draft-ietf-anima-constrained-join-proxy-12, ends September 20th 2022
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Nov 2022 10:34:30 -0000

Toerless Eckert <tte@cs.fau.de> wrote:
    > On Wed, Oct 12, 2022 at 07:49:06AM +0000, Esko Dijk wrote:
    >> For the stateless proxy, it is hard to determine a good rate limit number. 1% is not good because it would slow down the joining process of a genuine Pledge to a crawl. Some strategies that could work better:

    > What is the typical lowest-bitrate that you are worried about,
    > and what is the total amount of data of an enrolment process ?

Onboarding with a certificate takes around ~3kbytes of data, particularly DTLS overhead.

    > How would you deal with proxies that are on frequencies where the duty cycle
    > is limited by law. For example devices on my 868 home automation network needs to maintain
    > a 1%/hour duty cycle.

"by law" or by regulation or by protocol?
Your 868 system might be unable to complete onboarding, or maybe it will take
an hour.

    > The problem to me seems that under those regulations, badly behaving nodes
    > can force proxy and registrar into exhausting their regulatory limit as
    > well unless either proxy and/or registar do something against that.

Yes, that's true, and why we want to be able to switch onboarding on/off.

    > It almost feels as if radio networks where there are strict duty-cycle
    > limits are requring per-pledge state on the proxy if the proxy wants to
    > defend itself against the attacking pledge exhausting the proxies own
    > duty-cycle. Unless the proxy function itself stricly operates
    > independent of pledge on a cycle that is below the overal permitted
    > duty-cycle for the proxy.

Yes, if one has ram and power, a stateful proxy can do a better job of
defending the network against attacks.  A mains-powered PLC gateway between
power and 802.15.4 could/should do exactly that.
(Mind: I saw PLC systems that do Gb/s at networkX two weeks ago...)

    > Proxy operations as described in this document are not necessarily sufficient
    > to protect proxy and/or registrar against misbehaving pledges that attack
    > proxy/registar with too much data, especially when using (radio) networks
    > with regulatory limitations on the volume permitted per sender (such as
    > 1% duty-cycle per hour limitatios).

Yes.  But, let's not boil the ocean.
It's a PS.  We need to finish it so that we can deploy it so that we can
learn.  Perfect is the enemy of good enough.


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email