Re: [babel] Mirja Kühlewind's Discuss on draft-ietf-babel-dtls-07: (with DISCUSS and COMMENT)
David Schinazi <dschinazi.ietf@gmail.com> Wed, 07 August 2019 18:09 UTC
Return-Path: <dschinazi.ietf@gmail.com>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49C081205D4; Wed, 7 Aug 2019 11:09:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HLMPfq_fW_nb; Wed, 7 Aug 2019 11:09:20 -0700 (PDT)
Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 42E491202E1; Wed, 7 Aug 2019 11:09:20 -0700 (PDT)
Received: by mail-lf1-x135.google.com with SMTP id c9so64664671lfh.4; Wed, 07 Aug 2019 11:09:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ipieD2NF4WtCrtLvBV5qIIoxe3ivVWDMQDz8VERsGoc=; b=CRd3Lp28mt5gM2q1IOgggMoffaKbOfAG1rBX5xxTPoxzwouC/KtU7VI4Rd7ieWm1Xi uCBlzrGQmbWT6eTfkdqeqy87yZ1HATq9YNVorarOJqDa7JNSPT2/YUiWb/YuhUs2kx5w wOA3PSn7LkY1hU6+5To1UP2lJTEDkZ/VCmzol0lNW1JScHH+VDOuAX8oxGZk7JfOKnfz ryEHp/5UYcVnwayQdOixNjxpyboTvYIQjkiYZ54xFhhxZS6trj/2Xm0wo7sp4QHVmtu5 9ZEKT17f/ihrMNRgaJ7BKV7QhLOzLpdm8OChJqJNEkK6lj3L8LTY4ZZ2NzaF1yqff58V TMOQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ipieD2NF4WtCrtLvBV5qIIoxe3ivVWDMQDz8VERsGoc=; b=q+3OMXC89XPO/9unTXf1SyfAMzfGUkqRaapzzCehz6yDCVKGyfiBkqJqiQpIuMuvYH BLoOd1f9KMZDFOGB/5iMiqfWdawtsYDav+9LW7EduWAjoiiesmdswcqFAY/Qx62bYRXK HNiyOI0anOjSjBsw8bRNz9zFvH779JeVlRvYdMZuexmkI1ty4xkVTotJf1MY+6F4J66Q npiR7NFsP6S5esl1PlQhR2gvFTh9oDwTZOfdNiBa/iXKVFYPXm9hoiv0HBc7fi6LcMY3 oJlQqZfOfGElVNV8BLjGE2J9VS8ALqx/e1Qwx+rIIcj0BVCU6sGmIaREh+7EjnKFELym 37OA==
X-Gm-Message-State: APjAAAU/re9gyEnDmYKD9fqx2jpFQOivM5RQBEBiZJqrmtBzVuoi6KjQ IygWN3PoUAplWOym7V9NhQdxXBcBP3/b4cg2/Wc=
X-Google-Smtp-Source: APXvYqzma+VoVxE81cyUTrKSOG1axQvHCUbwv+GPbT9qrCe1z+EoMCZGu0r0PNHciCWr/9FUqncr2LnRcNfHa5k9hQg=
X-Received: by 2002:a05:6512:403:: with SMTP id u3mr6712891lfk.10.1565201358345; Wed, 07 Aug 2019 11:09:18 -0700 (PDT)
MIME-Version: 1.0
References: <156518163926.8337.14198016212015161206.idtracker@ietfa.amsl.com>
In-Reply-To: <156518163926.8337.14198016212015161206.idtracker@ietfa.amsl.com>
From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Wed, 07 Aug 2019 11:09:07 -0700
Message-ID: <CAPDSy+5mjQOj7qvvW+L-tYiP=Oet-QKf=FqjxzgxFw7YgabgtA@mail.gmail.com>
To: Mirja Kühlewind <ietf@kuehlewind.net>
Cc: The IESG <iesg@ietf.org>, draft-ietf-babel-dtls@ietf.org, Donald Eastlake <d3e3e3@gmail.com>, babel-chairs <babel-chairs@ietf.org>, Babel at IETF <babel@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f75bd8058f8ad624"
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/HkpQ7-6mA4VpxJejjZe_jna_r0Y>
Subject: Re: [babel] Mirja Kühlewind's Discuss on draft-ietf-babel-dtls-07: (with DISCUSS and COMMENT)
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Aug 2019 18:09:22 -0000
Hello Mirja, and thank you for your review. (1) Discuss - port number Using an ephemeral port that is discovered at runtime would add a failure mode to the protocol and make it less robust. Implementors in the working group felt strongly that a separate port is simpler, safer and more reliable. (2) Comment on IPv4/IPv6 Thanks for catching this! We've allowed IPv4 in this commit: https://github.com/jech/babel-drafts/commit/335e3edf06ac58853e33475e32f2d452022e04e0 It'll be included in the next revision of the draft. Thanks, David On Wed, Aug 7, 2019 at 5:40 AM Mirja Kühlewind via Datatracker < noreply@ietf.org> wrote: > Mirja Kühlewind has entered the following ballot position for > draft-ietf-babel-dtls-07: Discuss > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html > for more information about IESG DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-babel-dtls/ > > > > ---------------------------------------------------------------------- > DISCUSS: > ---------------------------------------------------------------------- > > Unfortunately I need to discuss the port request again. > > First of all I would like to comment on the shepherd write-up which says: > "The document requires only the allocation of a port number for Babel > over DTLS. Having such a second port for the secured version of a > protocol is a fairly common practice. This is shown in the IANA > Considerations section." > This is not correct. Having a second port for the secured version of a > protocol > WAS common practice. However RFC6335 say now "The use of separate > service name or port number assignments for secure and insecure > variants of the same service is to be avoided in order to discourage > the deployment of insecure services." > > Anyway, in this case I understand that a different port is desired because > unencrypted HELLO messages are still received over the default babel port. > However, it is not clear to me why a fixed/default port is needed. The > neighbour needs to be discovered in some why, no matter what, before a DTLS > connection can be established and this discovery procedure could indicate a > dynamic port number that the peer is listening on for babel over DTLS. > E.g. the > multicast HELLO could have a new TLV with this port information. Please > clarify > why this option is not suitable! Thanks! > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > This specification seems to only support babel over DTLS for IPv6. This > should > be stated clearly in the introduction. > > >
- [babel] Mirja Kühlewind's Discuss on draft-ietf-b… Mirja Kühlewind via Datatracker
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… David Schinazi
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Mirja Kuehlewind
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Juliusz Chroboczek
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Mirja Kuehlewind
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Juliusz Chroboczek
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… David Schinazi
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Mirja Kuehlewind
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Juliusz Chroboczek
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Benjamin Kaduk