Re: [babel] WG Last Call for draft-ietf-babel-dtls-03

David Schinazi <dschinazi.ietf@gmail.com> Wed, 09 January 2019 21:47 UTC

From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Wed, 09 Jan 2019 13:46:51 -0800
Message-ID: <CAPDSy+5EKgFzj8AL=mty-6fst18hvDQeYvOT+OXs281Wt6Kqyw@mail.gmail.com>
To: Dave Taht <dave.taht@gmail.com>
Cc: Antonin Décimo <antonin.decimo@gmail.com>, Donald Eastlake <d3e3e3@gmail.com>, draft-ietf-babel-dtls@ietf.org, babel-chairs <babel-chairs@ietf.org>, Babel at IETF <babel@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/9aR4VAOXmncf7s3DEnJ-7S9LKIg>
Subject: Re: [babel] WG Last Call for draft-ietf-babel-dtls-03

Hi Dave,

The questions you ask are answered in different sections of the draft.
If you have suggestions on how to clarify the document, please let us know;
we'd love to make it as clear as possible.

David

On Wed, Jan 9, 2019 at 1:40 PM Dave Taht <dave.taht@gmail.com> wrote:

> well, I've been playing catchup on these drafts for a while and had
> barely looked at this before now.
>
> * As usual, I like having two interoperable implementations before
> committing to a draft.
>
> To me, this is unclear:
>
> " When a Babel node
>    discovers a new neighbor (generally by receiving an unencrypted
>    multicast Babel packet), it compares the neighbour's IPv6 link-local
>    address with its own, using network byte ordering.  If a node's
>    address is lower than the recently discovered neighbor's address, it
>    acts as a client and connects to the neighbor.  In other words, the
>    node with the lowest address is the DTLS client for this pairwise
>    relationship.  As an example, fe80::1:2 is considered lower than
>    fe80::2:1."
>
> A DTLS enabled node receiving that unencrypted multicast hello packet
> (on the main babel port? on the dtls port?), is then supposed to try
> contacting the other router on the DTLS port?
>
> Receiving a hello from a lower numbered fe80 address means you wait
> for the lower numbered fe80 address to initiate (so you send a hello
> with or without an ihu?)
>
> So a DOS attack is merely lots of hellos and a very slow DTLS
> exchange? (what are the timeouts associated with a DTLS negotiation?)
>
> In the HMAC draft there was a 300ms timeout suggested for some things.
>
>
> On Wed, Jan 9, 2019 at 11:33 AM David Schinazi <dschinazi.ietf@gmail.com>
> wrote:
> >
> > (Stating the obvious, as co-author) I support publication.
> >
> > On Wed, Jan 9, 2019 at 10:30 AM Antonin Décimo <antonin.decimo@gmail.com> wrote:
> >>
> >> Hello Donald,
> >>
> >> I support publication.
> >>
> >> -- Antonin
> >
> > _______________________________________________
> > babel mailing list
> > babel@ietf.org
> > https://www.ietf.org/mailman/listinfo/babel
>
>
>
> --
>
> Dave Täht
> CTO, TekLibre, LLC
> http://www.teklibre.com
> Tel: 1-831-205-9740
>
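
The role-selection rule in the draft text quoted in this message, as an added example (not code from the draft or from any Babel implementation): both link-local addresses are compared as 16 bytes in network byte order, and the lower one acts as DTLS client. The function names, the rejection of non-link-local input and the handling of equal addresses are assumptions of this sketch, not requirements stated in the quoted text.

```python
import ipaddress

LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")


def packed_link_local(text):
    """Return the 16 address bytes (network byte order) of a link-local address."""
    # A zone identifier such as "%eth0" names the local interface only;
    # it is not part of the address bytes, so drop it before parsing.
    addr = ipaddress.IPv6Address(text.split("%", 1)[0])
    if addr not in LINK_LOCAL:
        # Assumption of this sketch: refuse anything outside fe80::/10.
        raise ValueError(f"{text!r} is not an IPv6 link-local address")
    return addr.packed


def dtls_role(own, neighbour):
    """Return 'client' if our address is lower than the neighbour's, else 'server'."""
    mine = packed_link_local(own)
    theirs = packed_link_local(neighbour)
    if mine == theirs:
        # Assumption of this sketch: the quoted text does not cover equal
        # addresses, so treat them as an error instead of picking a role.
        raise ValueError("own and neighbour addresses are identical")
    # Python compares bytes objects lexicographically as unsigned octets,
    # which matches a big-endian (network byte order) comparison.
    return "client" if mine < theirs else "server"


if __name__ == "__main__":
    # Constructed sample pairs; the first is the example given in the draft text.
    pairs = [
        ("fe80::1:2", "fe80::2:1"),
        ("fe80::2:1", "fe80::1:2"),
        # Comparing the textual forms would order this pair the other way
        # ("fe80::10" sorts before "fe80::9" as a string).
        ("fe80::9", "fe80::10"),
        ("fe80::1:2%eth0", "fe80::2:1%eth0"),
    ]
    for own, neighbour in pairs:
        print(f"{own} vs {neighbour}: we are the DTLS {dtls_role(own, neighbour)}")
```

Both ends evaluate the same comparison on the same pair of addresses, so they reach opposite roles without exchanging any extra message.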