IETF Logo Mail Archive

Re: [babel] Tsvart last call review of draft-ietf-babel-mac-relaxed-04

Kyle Rose <krose@krose.org> Fri, 14 April 2023 17:48 UTC

Return-Path: <krose@krose.org>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4D15C072E67 for <babel@ietfa.amsl.com>; Fri, 14 Apr 2023 10:48:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=krose.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YU62RWbcbwaz for <babel@ietfa.amsl.com>; Fri, 14 Apr 2023 10:48:50 -0700 (PDT)
Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DD9A9C151B09 for <babel@ietf.org>; Fri, 14 Apr 2023 10:48:45 -0700 (PDT)
Received: by mail-ej1-x633.google.com with SMTP id si1so17419447ejb.10 for <babel@ietf.org>; Fri, 14 Apr 2023 10:48:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=krose.org; s=google; t=1681494523; x=1684086523; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=f9AsLncZJ883iuJmtprwDfTW8/bmrHAxJFLAONLLruk=; b=XPzgT/8WQzk2pocNgPzDH/4qngEuBOk0U+aAZjuiioEmOtYN4zamgLhOFknV3m+gJv Pa+ABi07l1C3gJ8lgIqgTgDCNU9qvfXViYdBpfrTyeNhH0e+mtc6jAsTqxEjz61Tm64o ZotnCjQfCJ3sSeugIUpAEEoQNRVooDVdErBvw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681494523; x=1684086523; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=f9AsLncZJ883iuJmtprwDfTW8/bmrHAxJFLAONLLruk=; b=CMzIArGhiOB6ChQvIj/qZSfqxc2QZnKdQgxQLWh1gcE/j+m1y9g7amU61lFXLPXYtK ln5N/cdXc+KFnWDDUD0oVlRwfpsGZpO70wrGkQ1MRsX9s3C1e5jP2bBMPbPUK6N3EOFk qTuvyVQCm52uhHfZdffExbtd8HSW4MKvSaSJb0t2vPaSlXhZdiXMTLr+0/5vBCL9mbzg WgmrHGrSyxpUE6vxFxII2ypCJdZS3IokCi/Mv/kw3V7l2E1arb66CHzWXiOdhVLjaTlb y6ZIMJzRD7XED+w2jWzSmOFqwuq9D48Si5GPsk2Y7ySM93HjKzTZst/4uWnyXLHnDvDY S3Wg==
X-Gm-Message-State: AAQBX9f6Hkbq/4M/4Fsor4TYbZ/q1B35WQ94kIWxbhmiOdmrG+YfTohd D3h7HA3GzHzG1Gab/i3GSFv9uUU6Z+L1yaDMcPHLUxZ85dN2MjfU
X-Google-Smtp-Source: AKy350YeJ8uoP6ZuLylk79wqAXO81BDmyPksS53jKIwLU81jNtY2NbTCZNbPt2sXBaePSzU2lFiEp3aaLP1jDxA2CFs=
X-Received: by 2002:a17:906:37cd:b0:93d:1b82:3c13 with SMTP id o13-20020a17090637cd00b0093d1b823c13mr3457050ejc.7.1681494523606; Fri, 14 Apr 2023 10:48:43 -0700 (PDT)
MIME-Version: 1.0
References: <168148347371.47309.16234400313355691909@ietfa.amsl.com> <CAPDSy+5ehHyZj9LNuWirEmx8ZtM=2B4vaUk5oZWrRmMK2kL4MQ@mail.gmail.com>
In-Reply-To: <CAPDSy+5ehHyZj9LNuWirEmx8ZtM=2B4vaUk5oZWrRmMK2kL4MQ@mail.gmail.com>
From: Kyle Rose <krose@krose.org>
Date: Fri, 14 Apr 2023 13:48:32 -0400
Message-ID: <CAJU8_nX2aH=NRYpgv517ujfxsa9pp99EetAKN6WAagBA3QQ2DA@mail.gmail.com>
To: David Schinazi <dschinazi.ietf@gmail.com>
Cc: tsv-art@ietf.org, babel@ietf.org, draft-ietf-babel-mac-relaxed.all@ietf.org, last-call@ietf.org
Content-Type: multipart/alternative; boundary="000000000000c58d5805f94f7371"
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/xXx1NPicOwGvgrWXHRYvIbpWJsI>
Subject: Re: [babel] Tsvart last call review of draft-ietf-babel-mac-relaxed-04
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Apr 2023 17:48:55 -0000

On Fri, Apr 14, 2023 at 1:14 PM David Schinazi <dschinazi.ietf@gmail.com>
wrote:

> To respond to your comment about "insufficient prior outreach to subject
> matter experts", you're missing an important bit of context. When RFC 7298
> was written, Babel was RFC 6126 and that only supported sending packets
> over link-local multicast. As you know, there is negligible amount of
> reordering there, for either Wi-Fi or Ethernet, or even overlays for that
> matter.
>

I actually don't know that. If I were designing or implementing something
at the network layer, I would probably try to minimize reordering; but I
don't actually know what is implemented in real world devices. Which is why
I would engage someone with SME in that area if it really mattered to my
design.

> However, when we rewrote Babel in RFC 8966, we added the ability to also
> send packets over link-local unicast. This feature did get implemented, and
> so did HMAC - however no one deployed both simultaneously in production.
> When that was done, we realized that there was indeed an oversight because
> unicast and multicast do get significantly reordered on Wi-Fi. The document
> that you reviewed fixes that oversight. All that to say, we're not
> completely clueless over here in Babel land. We made a mistake not
> foreseeing how two separate features interact, but please don't assume
> incompetence.
>

My review does not assume incompetence, unless one regards not being an
expert in absolutely everything as incompetence (which I don't). I'm
suggesting that something like the assumption that queueing behavior is
basically FIFO over all packets, or that it wouldn't differ based on
destination address, might have been obviously wrong to someone who works
in that area, and that the ADs should make sure document authors are
engaging the right set of expertise. It's not like this was unforeseeable:
it is well known that UDP and IP guarantee nothing about packet delivery
ordering, so any assumption about ordering should immediately prompt
additional scrutiny.


> Back to your first point, yes the document does assume that, when treated
> independently, link-local unicast and link-local multicast are generally
> not reordered much in known deployed link layers.
>

Can you provide a reference for this claim? I don't doubt it's actually
true, but a reference to some research actually verifying it would make a
fine addition to this document and any future 8967bis.


> Maybe making that assumption explicit to help explain why the reordering
> window is optional sounds like a reasonable enhancement. That way if
> someone deploys Babel HMAC later over a new future link layer that
> reorders, they'll know to implement the window.
>

I was making a more general point there that the design choice, reasonable
as it might have been at the time, was not explained anywhere I could find.
That kind of context, even if just in an appendix, is helpful to people
asking "why?" in the future.


> To your other note about adding a protected field, the intent in this doc
> was to build something backwards compatible - but maybe we should note that
> to help explain the design choices.
>

Agreed, thanks.

Kyle

v2.23.0 | Report a Bug | By Email