[core] draft-hartke-core-stateless
Jim Schaad <ietf@augustcellars.com> Mon, 10 September 2018 23:08 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66EDB130F8A; Mon, 10 Sep 2018 16:08:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.794
X-Spam-Level:
X-Spam-Status: No, score=-0.794 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, LOCALPART_IN_SUBJECT=1.107, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m43Rf2F1GCMp; Mon, 10 Sep 2018 16:08:00 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E4470130E0F; Mon, 10 Sep 2018 16:07:56 -0700 (PDT)
Received: from Jude (73.180.8.170) by mail2.augustcellars.com (192.168.0.56) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Mon, 10 Sep 2018 16:03:54 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: draft-hartke-core-stateless@ietf.org
CC: 'Core' <core@ietf.org>
Date: Mon, 10 Sep 2018 16:07:48 -0700
Message-ID: <009901d4495b$194c4f30$4be4ed90$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdRJSZxEFVxiHpnJRYejIUsSOODSiw==
Content-Language: en-us
X-Originating-IP: [73.180.8.170]
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/4_Z3pRhK9OrYsROvyoqB9XbMQ1U>
Subject: [core] draft-hartke-core-stateless
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Sep 2018 23:08:01 -0000
Section 2.2.2 - Depending on circumstances, I think you might get a Gateway time out error response as well for some types of proxies. Section 2.2.2 - Should there be a special indicator that a server cannot deal with tokens of longer than n bytes? Otherwise this would seem to be a good way to exhaust resources on the server/proxy. Section 3.1 - I would think that repeatable would be better for the option as then multiple proxies could just insert a new option rather than attempting to extend or wrap the current value. Section 3.1 - I am not sure that I agree that the option should be unsafe to forward. As long as a client and a server agree to deal with the option then it does not matter what any intermediate proxies might do. Changing this modifies 3.2.2 as well Section 3.1 - above two arguments would change the values of critical as well. I still think that it would be part of the cache key for a proxy that did not understand the option, it might be noted that a proxy which understands the option would be in its right to exclude the option from computing the cache key. Section 3.1 - The last sentence may need to have some additional text added about the length of the Token field when splitting the value. Also needs to have a note about the interactions messages in those cases where the portion placed in the token field does not change. This seems quite possible if one uses a prefix. Section 4 - What happens for interactions w/ the observe option? Section 4.1 - I don't see how paragraph 3 follows from the use of this option. This is merely a tree statement for all intermediaries that don't bother caching. Note that if the intermediary does cache responses, but does not cache this option then the entire paragraph does not seem to be correct. It could respond from the cache, but not worry about keeping this value in the cache and trying to figure out when and how to ignore. Security Considerations - Need additional text someplace about swapping of tokens which might be more consequential than would normally be the case. Someplace - Interactions between OSCORE and this new option. Freshness indicator may need to be dealt with on a per server basis or using the same type of window that DTLS uses. If a client sends out two different messages to two different servers, the order of responses should not control if a response is processed. Jim
- [core] draft-hartke-core-stateless Jim Schaad
- Re: [core] draft-hartke-core-stateless Christian Amsüss
- Re: [core] draft-hartke-core-stateless Klaus Hartke
- Re: [core] draft-hartke-core-stateless Christian Amsüss
- Re: [core] draft-hartke-core-stateless Jim Schaad
- Re: [core] draft-hartke-core-stateless Klaus Hartke
- Re: [core] draft-hartke-core-stateless Jim Schaad
- Re: [core] draft-hartke-core-stateless Klaus Hartke
- Re: [core] draft-hartke-core-stateless Klaus Hartke