Re: [art] Artart last call review of draft-ietf-anima-constrained-join-proxy-10
Peter van der Stok <stokcons@bbhmail.nl> Fri, 20 May 2022 12:53 UTC
Return-Path: <stokcons@bbhmail.nl>
X-Original-To: art@ietfa.amsl.com
Delivered-To: art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E76AC15949B; Fri, 20 May 2022 05:53:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bbhmail.nl
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wtfvSKu3hBJB; Fri, 20 May 2022 05:53:35 -0700 (PDT)
Received: from relay4.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04864C15948A; Fri, 20 May 2022 05:53:34 -0700 (PDT)
Received: from omf01.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 09F016196E; Fri, 20 May 2022 12:53:32 +0000 (UTC)
Received: from [HIDDEN] (Authenticated sender: stokcons@bbhmail.nl) by omf01.hostedemail.com (Postfix) with ESMTPA id 62ECE6000C; Fri, 20 May 2022 12:53:32 +0000 (UTC)
MIME-Version: 1.0
Date: Fri, 20 May 2022 14:53:32 +0200
From: Peter van der Stok <stokcons@bbhmail.nl>
To: Rich Salz <rsalz@akamai.com>
Cc: art@ietf.org, anima@ietf.org, draft-ietf-anima-constrained-join-proxy.all@ietf.org, last-call@ietf.org
Reply-To: stokcons@bbhmail.nl
Mail-Reply-To: stokcons@bbhmail.nl
In-Reply-To: <165289586535.62014.2505614272779220900@ietfa.amsl.com>
References: <165289586535.62014.2505614272779220900@ietfa.amsl.com>
Message-ID: <6e3f0c019bf4f46549a9a8337e9a82ae@bbhmail.nl>
X-Sender: stokcons@bbhmail.nl
Organization: vanderstok consultancy
Content-Type: multipart/alternative; boundary="=_569ecaeadacad95cc6eafd7ba0c2fa12"
X-Stat-Signature: cfhobxkmuhcnpozrr4yb9553z6qr3bp1
X-Rspamd-Server: rspamout04
X-Rspamd-Queue-Id: 62ECE6000C
X-Session-Marker: 73746F6B636F6E73406262686D61696C2E6E6C
X-Session-ID: U2FsdGVkX191fNGzIjxgkkhBO9c5avHT5XVOY+X29EM=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bbhmail.nl; h=mime-version:date:from:to:cc:subject:reply-to:in-reply-to:references:message-id:content-type; s=key; bh=/nxQ0qf7Eg4YKVGxlwcP7zjCVFeZTKvxQqR57h8riMc=; b=QCf74IKueNBNZk8Dfq0gi85ju5i7ZkvFNp+3LxVbwUozXGD6OGLdCorixbTPYSXjF9OVJbKapEdWe0N0n9MeZBsZM/2/gv4vfgMeQ78+Si1rqODLa1jUy7BzMulD4mjkG5CUhluZse05uDVXqIwmVep4C6nG3mbxfkwJaWRed8g=
X-HE-Tag: 1653051212-995985
Archived-At: <https://mailarchive.ietf.org/arch/msg/art/rkEQ_70SqV__nJ4agcpIArw_ErY>
Subject: Re: [art] Artart last call review of draft-ietf-anima-constrained-join-proxy-10
X-BeenThere: art@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Applications and Real-Time Area Discussion <art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/art>, <mailto:art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/art/>
List-Post: <mailto:art@ietf.org>
List-Help: <mailto:art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/art>, <mailto:art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 May 2022 12:53:39 -0000
Hi Rich, many thanks for the useful suggestions. Below my reactions. Most of your suggestions have been taken over. Greetings, Peter Rich Salz via Datatracker schreef op 2022-05-18 19:44: > Reviewer: Rich Salz > Review result: Ready with Nits > > A block diagram that show the participants and the protocols (like DTLS > or > RFC4944, etc) would be very helpful to someone new to this field. Like > me. > > ==>pvds > A forward pointer to figure 1 has been added to the introduction. > ==> > > Sec 1. > "Once a Pledge is enrolled, it can act as constrained Join Proxy > between other > Pledges and the enrolling Registrar." Is that a special function of > JP-based > enrollment, or could anyone in the mesh be a JP? > > ==>pvds > NEW > An enrolled Pledge can act as constrained Join Proxy between other > Pledges and the enrolling Registrar. > ==> > > The 1,2 item list has a > spurious "that" in the second entry. > ==>pvds > removed > ==> > > The "Similar to..." part in the last > paragraph is a sentence fragment. > > ==>pvds > NEW > Similar to the difference between storing and non_storing Modes of > Operations (MOP) in RPL [RFC6550], the stateful and stateless modes > differ in the way that they store the state required to forward the > return packet to the pledge. > ==> > > Sec 4. > Oh, you have a diagram here. Spread out the distance between R and J > so that > "multi-hop" fits on one line maybe. Consider adding to it and moving it > to Sec > 1. Or at least in Sec 1 have a forward pointer. > ==>pvds > This is the diagram proposed by my co-author > > ++++ multi-hop mesh > |R |---- +---+ +--+ +--+ > | | \ |6 |----|J |........|P | > ++++ \--+ LR| | | | | > +---+ +--+ +--+ > Registrar Join Proxy Pledge > > ==> > Repeating "(P)" and "(J)" > after the first instance is distracting. > ==>pvds > removed > ==> > Type "untill" in last paragraph. > ==>pvds > don't understand > ==> > Why is "legal" in quotes? > > ==>pvds > legal is removed > ==> > > "An enrolled device can..." same question as above: ANY > enrolled device could? > ==>pvds > Yes, any enrolled devices was a pledge beforehand > ==> > > Sec 5.1 > Maybe "such as by" instead of "for example" The parenthetical about > "Discovery > can also" and the sentence about DNS-SD probably belong in section 6. > ==>pvds > sentence about DNS-SD is removed > ==> > > ==>pvds > NEW > The Join Proxy has been enrolled via the > Registrar and learns the IP address and port of the Registrar, by > using a discovery mechanism such as described in Section 6. > ==> > In > Figure 2, I was briefly confused by the label "Src_IP" and the content > having > "IP_p" etc. > ==>pvds > NEW > > The columns "SRc_IP:port" and > "Dst_IP:port" show the IP address and port values for the source and > destination of the message. > ==> > Sec 5.2 > The phrase "but may also reduce" maybe "and may also reduce"? > ==>pvds > followed your suggestion > ==> > Is are paragraphs > 2 and 3 redundant? Why use JPY and not, say, SJP? > ==>pvds > JPY is inherited from earlier draft; and we authors are all used to it. > ==> > "The registrar should not > assume..." KEY POINT. > ==>pvds > Don't understand > ==> > > Sec 5.3 > Why does the text say "ifindex" but the Figure 4 CDDL says "index"? > > ==>pvds > ifindex it is. thanks > ==> > > Since there > can be more than five elements, what is the meaning of extra elements? > Ignore > them? Maybe MUST send only five? "Completely opaque to the receiver" > really > means the receiving Registrar, right? > ==>pvds > completely opaque for the values. > The CBOR array is visible. > ==> > > Sec 6 > I was confused about "near" and "remote" Maybe "near and far" or > "local and > remote" ? The rest of Sec 6, describing the different discovery methods > seems > reasonable. (I am not well-qualified to say more than that) > ==>pvds > near and far, it is now > ==> > > Sec 7 > This could be moved into 5 as a new subsection. If not, sec 5 should > have a > forward pointer to the comparison. > ==>pvds > Forward pointer added > ==> > > Sec 8 > I like the list of possibilities for evil, and why they're not new. The > "enroll > itself" item should have the last two sentence fragments merged "With > ..., the > chance ..." Next item "Also this is assumed" maybe "This, too, is > assumed" > > ==>pvds > "This, too," is now used. > ==> > > I > think you could bundle all of the items which require having the > private key, > for example, and point out that you depend on the security of DTLS to > prevent > these things, rather than say "unlikely" > ==>pvds > I personally like the unlikely. It is always possible with a given > probability to decrypt DTLS encryption > ==>
- [art] Artart last call review of draft-ietf-anima… Rich Salz via Datatracker
- Re: [art] Artart last call review of draft-ietf-a… Peter van der Stok
- Re: [art] Artart last call review of draft-ietf-a… Salz, Rich