[babel] Paul Wouters' Discuss on draft-ietf-babel-rtt-extension-05: (with DISCUSS and COMMENT)
Paul Wouters via Datatracker <noreply@ietf.org> Tue, 13 February 2024 17:00 UTC
From: Paul Wouters via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-babel-rtt-extension@ietf.org, babel-chairs@ietf.org, babel@ietf.org, Donald Eastlake <d3e3e3@gmail.com>, d3e3e3@gmail.com
Reply-To: Paul Wouters <paul.wouters@aiven.io>
Message-ID: <170784364166.47495.16308239157765755257@ietfa.amsl.com>
Date: Tue, 13 Feb 2024 09:00:41 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/wVaMe8QY2MO-fgNpK7toKjgoKoM>

Paul Wouters has entered the following ballot position for
draft-ietf-babel-rtt-extension-05: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to
https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-babel-rtt-extension/

----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Thanks to Shivan Sahib for the SecDir review.

I agree with Shivan's concern about privacy here. Perhaps something more
can be said in the document? Maybe a Privacy Considerations section?
Should a client using a VPN add some random range delay for privacy?
Should it just say/act with something very slow to "opt out" of this
entirely so the only information leaked is "not local"? E.g. cause it to
be like 1000ms? Is there another way to opt out? E.g. by refusing to
answer as per this draft that could be recommended?

I'm also worried about malicious clients sending pre-emptive IHUs and
lying about the RTT, and thus making themselves the preferred gateway.
This could be avoided by adding a random COOKIE in the RTT timer request.
Is there a reason why not to take this extra security step? (I'm not a
Babel expert, so it is possible my envisioned scenario is not possible.)

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

nit: expand IHU on first use (maybe with exact reference)