Re: [babel] minor DTLS comment

"STARK, BARBARA H" <bs7652@att.com> Mon, 07 January 2019 20:58 UTC

From: "STARK, BARBARA H" <bs7652@att.com>
To: 'David Schinazi' <dschinazi.ietf@gmail.com>, Dave Taht <dave.taht@gmail.com>
CC: Babel at IETF <babel@ietf.org>
Date: Mon, 07 Jan 2019 20:57:48 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/O3ex4pki_QqSPGs-Q-fXD6mom-o>

WFM
Barbara

From: babel <babel-bounces@ietf.org> On Behalf Of David Schinazi
Sent: Monday, January 07, 2019 3:56 PM
To: Dave Taht <dave.taht@gmail.com>
Cc: STARK, BARBARA H <bs7652@att.com>; Babel at IETF <babel@ietf.org>
Subject: Re: [babel] minor DTLS comment

Thanks Barbara, how about this slightly more pedantic option?

Babel over DTLS operates on a different port than unencrypted Babel.
All Babel over DTLS nodes MUST act as DTLS servers on a DTLS port, and MUST
listen for unencrypted Babel traffic on an unencrypted port, which MUST be
distinct from the DTLS port.  The default port for Babel over DTLS is
registered with IANA as the "babel-dtls" port (UDP port TBD), and the
unencrypted port is registered as the "babel" port (UDP port 6696).
Nodes SHOULD use these default ports.

https://github.com/jech/babel-drafts/commit/c90cc8204691254e7051405acf6a10088d42cdfd

(Dave, running Babel over alternate transport protocols sounds like interesting future work outside the scope of this draft)

Thanks,
David

On Fri, Jan 4, 2019 at 12:26 PM Dave Taht <dave.taht@gmail.com> wrote:
On Fri, Jan 4, 2019 at 12:07 PM STARK, BARBARA H <bs7652@att.com> wrote:
>
> Hmm.
>
> "Babel over DTLS operates on a different port than unencrypted Babel.
> All Babel over DTLS nodes MUST act as DTLS servers on a configured port, and
> MUST listen for unencrypted Babel traffic on a distinct configured port."
>
> An implementation doesn’t have to allow for configuration of ports. They could just be hard-coded.
> I don’t like that I need the context of the first sentence to understand unambiguously what the second port is “distinct” from (i.e., distinct from the unencrypted Babel port).
>
> How about just “Babel over DTLS MUST operate on a different port than unencrypted Babel.”?
>

Sure.

(I had proposed at one point that the dtls version operate over
udp_lite or even dccp, on the same port number, but have since
discovered osx doesn't support either)
>
> Barbara
>
> From: David Schinazi <dschinazi.ietf@gmail.com>
> Sent: Friday, January 04, 2019 2:41 PM
> To: STARK, BARBARA H <bs7652@att.com>
> Cc: Babel at IETF <babel@ietf.org>
> Subject: Re: [babel] minor DTLS comment
>
> Thanks for your comment, Barbara. I agree with you, and have added the following text:
>
> https://github.com/jech/babel-drafts/commit/a5a372a942ebc7951b2847d88123d75ab8169f2f
>
> Please let us know if you feel it addresses your comment.
>
> Thanks,
> David
>
> On Fri, Jan 4, 2019 at 5:35 AM STARK, BARBARA H <bs7652@att.com> wrote:
>
> Since the DTLS draft is still open for comments, I do have a small one about how the UDP ports are characterized.
> The IANA assigned ports are default values, and need to be portrayed as such. It's allowed (or should be) for deployed instances to use other values. This is pretty much true of all protocols. Certainly the base babel protocol allows other values to be used (which is why the homenet babel profile mandated use of 6696).
>
> Maybe instead of
>    All Babel over DTLS nodes MUST act as DTLS servers on the "babel-
>    dtls" port (UDP port TBD), and MUST listen for traffic on the
>    unencrypted "babel" port (UDP port 6696).
>
> say
>    All Babel over DTLS nodes MUST act as DTLS servers on the "babel-
>    dtls" port, and MUST listen for traffic on the
>    unencrypted "babel" port.
>    The IANA-assigned values of 6696 for the "babel" port and
>    TBD for the "babel-dtls" port SHOULD be used.
>
> Barbara
>
>
> _______________________________________________
> babel mailing list
> babel@ietf.org
> https://www.ietf.org/mailman/listinfo/babel
>



--

Dave Täht
CTO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-831-205-9740