Re: [aqm] Review of draft-ietf-aqm-codel-07

Jana Iyengar <jri@google.com> Wed, 22 March 2017 05:10 UTC

Return-Path: <jri@google.com>
X-Original-To: aqm@ietfa.amsl.com
Delivered-To: aqm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4ADA412945A for <aqm@ietfa.amsl.com>; Tue, 21 Mar 2017 22:10:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VanYPBYgSjf8 for <aqm@ietfa.amsl.com>; Tue, 21 Mar 2017 22:10:15 -0700 (PDT)
Received: from mail-vk0-x230.google.com (mail-vk0-x230.google.com [IPv6:2607:f8b0:400c:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B1F40129459 for <aqm@ietf.org>; Tue, 21 Mar 2017 22:10:15 -0700 (PDT)
Received: by mail-vk0-x230.google.com with SMTP id r69so5253765vke.2 for <aqm@ietf.org>; Tue, 21 Mar 2017 22:10:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=5Gm2jlSTFBRw+QETQ1oGEA0bzyEcP/oREwyeO7z1t+8=; b=F6RYfmt29GLe7A+S6p/TrlVfpFhHPQXRBdVkmylwAhymusm9jgzEinFjv1+8rZCXTX lGakX67QZAWi+oCaaKnxZu2v/1lLzHHBS0D4JsL6Au8Vf9CYMy1poS9WaPCF8rwInnOu kl4KeEDOSjHDJX+IhCyZNOJ/EPo7iNKes2Ct02G3fONzFXUIvV8d3CYLiw3JfEuIPQrJ s4zROaP1myX+Mm3x1VcmxavW5IBtKbMg09g2oJHeDo1zE+Qzu3Qqh0zBD8BM6zaz4Ccu sBf07zI/pZOTez17jRWjHTGFHvEdzCfAk+NwFSvZpKAAwzWtZSI3BkqInb4jZviwAxj9 BGmw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=5Gm2jlSTFBRw+QETQ1oGEA0bzyEcP/oREwyeO7z1t+8=; b=FBWdoCmZCIo1s3sukNsX/w1cCTiECvBgi4AePQEnp0M/61BSH55lDc+8O6kImHnRIa VBKAHLOaZBxoayPFa7IwRfgFAjPXBoracCE7Xr/DR9QQTkfgkZUhZ3A0JFdE3JR+qyqE TULYmTkQ+myeG83kkzvHALLB4ClppNnFQG/xXVvusgj+yB2qiqHF9kRrAYFdiYB9Lb7b SQWZ02GCj9OkM3fpwvys5A2SQoaidQ6Q/NsRxgb1fPmfq966w45oE1eB4MQCRyWRUR3X dx1MpUDX4YgcYVNsPGor8X1H0yEP+xs2/iG4RissMaHF5vlSxbXEzGuiXaV99Tk94DtS +qJg==
X-Gm-Message-State: AFeK/H3eeHbhxqC5C9mW6dTw2x6lByF0gUuculh/TqBQn40BfVXijMleuwCmrwyjPzs4IdYv6Mzb9I1Tgk9hoE1d
X-Received: by 10.176.74.155 with SMTP id s27mr14109789uae.143.1490159414417; Tue, 21 Mar 2017 22:10:14 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.103.15.6 with HTTP; Tue, 21 Mar 2017 22:10:13 -0700 (PDT)
In-Reply-To: <F1C1D5B02EA3FA4A8AF54C86BA4F325CEB8479@DGGEMA501-MBS.china.huawei.com>
References: <149008338604.24977.6083947817909590331@ietfa.amsl.com> <F1C1D5B02EA3FA4A8AF54C86BA4F325CEB8479@DGGEMA501-MBS.china.huawei.com>
From: Jana Iyengar <jri@google.com>
Date: Tue, 21 Mar 2017 22:10:13 -0700
Message-ID: <CAGD1bZZQYU7opPhVt6o_=h5Q7rYMKe159m50V=9NGaQjFgYAxA@mail.gmail.com>
To: "Gengxuesong (Geng Xuesong)" <gengxuesong@huawei.com>
Cc: Yoav Nir <ynir.ietf@gmail.com>, "secdir@ietf.org" <secdir@ietf.org>, "draft-ietf-aqm-codel.all@ietf.org" <draft-ietf-aqm-codel.all@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "aqm@ietf.org" <aqm@ietf.org>
Content-Type: multipart/alternative; boundary=f403045ef6548e677b054b4ac607
Archived-At: <https://mailarchive.ietf.org/arch/msg/aqm/6ODF_4dxxYQovoFtMGC-P4eNlG4>
Subject: Re: [aqm] Review of draft-ietf-aqm-codel-07
X-BeenThere: aqm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussion list for active queue management and flow isolation." <aqm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/aqm>, <mailto:aqm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/aqm/>
List-Post: <mailto:aqm@ietf.org>
List-Help: <mailto:aqm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/aqm>, <mailto:aqm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Mar 2017 05:10:18 -0000

Thanks Yoav, Emma. I can try to move Sec 5 before Sec 3, if that helps.
Yoav: What do you suggest we add for security considerations?

Thanks for the reviews!
- jana


On Tue, Mar 21, 2017 at 7:04 PM, Gengxuesong (Geng Xuesong) <
gengxuesong@huawei.com> wrote:

> Hi,
>
> I can not agree more on this.
> It is well written, but I really think I can get the point of the draft
> faster if I can read the section 5 before section 3.
>
>
> Best Regards,
> Emma (Xuesong)
>
> -----Original Message-----
> From: aqm [mailto:aqm-bounces@ietf.org] On Behalf Of Yoav Nir
> Sent: Tuesday, March 21, 2017 4:03 PM
> To: secdir@ietf.org
> Cc: draft-ietf-aqm-codel.all@ietf.org; ietf@ietf.org; aqm@ietf.org
> Subject: [aqm] Review of draft-ietf-aqm-codel-07
>
> Reviewer: Yoav Nir
> Review result: Has Nits
>
> Hi,
>
> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the IESG.
> These comments were written primarily for the benefit of the security area
> directors.  Document editors and WG chairs should treat these comments just
> like any other last call comments.
>
> The document describes the CoDel (controlled delay) framework for reducing
> bufferbloat. It does a good job of describing the problem, outlining the
> solution and providing both a description of the algorithm (including
> pseudo-code) and linking to real world implementations.
>
> Two nits:
>
> 1. A lot of terms are used long before they are explained, such as
> Estimator, Sojourn time, Interval (BTW: if this is a moving interval the
> spec should probably say so). When reading sections 3 I concluded that the
> document was aimed at peopel who already knew all these terms and didn't
> need definitions, but then reading section 5 gave me a lot of a-ha moments
> about what I had read previously.
>
> 2. The security considerations section says "There are no specific
> security exposures associated with CoDel."  CoDel is about dropping
> packets, so immediately I have to think how I could subvert a router
> running CoDel to drop other people's packets. Perhaps it is fine to say
> that there are no known attacks on CoDel and no steps necessary to mitigate
> such, but I think it's tempting fate and hackers to say that CoDel has no
> security exposures.
>
> _______________________________________________
> aqm mailing list
> aqm@ietf.org
> https://www.ietf.org/mailman/listinfo/aqm
>