Re: [core] I-D Action: draft-ietf-core-new-block-06.txt
Christian Amsüss <christian@amsuess.com> Wed, 17 February 2021 00:26 UTC
Return-Path: <christian@amsuess.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9234C3A1388; Tue, 16 Feb 2021 16:26:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E94TTHjxuUYc; Tue, 16 Feb 2021 16:26:18 -0800 (PST)
Received: from prometheus.amsuess.com (prometheus.amsuess.com [5.9.147.112]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDB663A13A7; Tue, 16 Feb 2021 16:26:15 -0800 (PST)
Received: from poseidon-mailhub.amsuess.com (095129206250.cust.akis.net [95.129.206.250]) by prometheus.amsuess.com (Postfix) with ESMTPS id 1CF0340887; Wed, 17 Feb 2021 01:26:14 +0100 (CET)
Received: from poseidon-mailbox.amsuess.com (poseidon-mailbox.amsuess.com [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bf]) by poseidon-mailhub.amsuess.com (Postfix) with ESMTP id D2DDAFD; Wed, 17 Feb 2021 01:26:12 +0100 (CET)
Received: from hephaistos.amsuess.com (hephaistos.amsuess.com [IPv6:2a02:b18:c13b:8010::aa6]) by poseidon-mailbox.amsuess.com (Postfix) with ESMTPSA id 9BAD644; Wed, 17 Feb 2021 01:26:12 +0100 (CET)
Received: (nullmailer pid 613621 invoked by uid 1000); Wed, 17 Feb 2021 00:26:12 -0000
Date: Wed, 17 Feb 2021 01:26:12 +0100
From: Christian Amsüss <christian@amsuess.com>
To: core@ietf.org, draft-ietf-core-new-block@ietf.org
Message-ID: <YCxipG22MUfjRiRH@hephaistos.amsuess.com>
References: <161106954627.30354.11510619547642306741@ietfa.amsl.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="T9YApoBcqYkLdOQh"
Content-Disposition: inline
In-Reply-To: <161106954627.30354.11510619547642306741@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/BKXW9da55y8dN3TTItcNyFBr1Xg>
Subject: Re: [core] I-D Action: draft-ietf-core-new-block-06.txt
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Feb 2021 00:26:25 -0000
Hello new-block authors,
here a few notes that I didn't see fitting any of the previous
threads (or so I hope):
* "can fall back to using Block1 and Block2 Options, respectively": Even
though the rest says (as agreed on) that it's both-or-none, the
"respectively" seems to imply otherwise -- maybe just drop the word.
* CSM option: "There is little, if any, benefit of using these options
with [reliable transports]" ... and reliable transports are the only
thing CSMs are defined for. So why define a CSM if it's not expected
to be useful?
* Ad Class E/U: It may be worth stating that it *is* allowed to mix
Block and Q-Block when one is inner and the other is outer -- for the
simple reason that there'd be no way to enforce anything else, for
proxies along the path can perform outer-blockwise transfers in
ignorance of the content.
(Then, at a receiver, an outer Block option could arrive, and when
that's done, it should still process the inner Q-Block without erring
just because the two worlds met).
* 3.3 Use of the QB1 option:
The rules for the final message are different between 2.04 Changed
("token SHOULD be from the last received payload") and 2.05 Content
(~"MUST be the one in the final block"). Any reason for that? The
former sounds more sensible. (I originally favored the latter, but
then when a 4.08 comes back on the last-block request, the same token
would need to be used for the final successful response too, and
that'd be awkward -- and I'd prefer to avoid it if we can pick the one
rule set ("SHOULD from the last received") that allows having only one
response per token unless there are actually multiple blocks
transported on it).
* 3.5 Block + Observation: Has this been implemented and tested? The
combination of Block1(!)+Block2+Observer is already tricky with
regular blocks, and made harder by the semi-noresponse blocks here.
Unless you have a use case for it, I'd ask to see this implmeneted
before it is published, or else to leave this as "interactions are up
to further specification" (with a corresponding note in the
ups-and-downs list) in the interest of getting this on speedily (given
this document's purpose is to get the DOTS use case running).
* The 2.31 Continue rules: Why not send it with CON? A 2.31 Continue is
just as compact as an ACK, and can convey to the client that all
packages up to that point have been received, so it doesn't need to
retransmit the earlier ones even though the corresponding ACK may have
gotten lost.
* The new QB2 M-bit rules depend on MAX_PAYLOADS to be agreed. But that
agreement is SHOULD only, and even that's already stretching what I'd
expect of a configurable CoAP parameter.
It's also rather complicated. How is this better than a simple "M=1
means this block plus as many as you can comfortably send, where M=0
is for this one only"?
* "is meant to prevent amplification attacks": Could you elaborate? A
client permitted the use of QB2 has already some leverag on the server
to start attacks, and would in any case (overlaps or not) only be
permitted MAX_PAYLOADS on a single request by the server, no matter
how it requests more than that.
* "then the body response SHOULD be restarted with a different ETag
Option value": That behavior sounds like a recipe for endless running
requests when CON is involed (which, granted, are under flow control,
but still don't do anything useful). Given there is also a
recommendation to keep the being-transmitted version alive, why not
just stop the transmission? Or send just one final block of the new
value -- and then it's up to the client to decide whether that's a
representation it already knows (and just got a freshness statement
for) or needs to get it as a whole again?
* 3.6 Size1/2: These options MUST be used per 3rd paragraph, so the "If"
in the 4th is odd.
* (General wording: It's "A comprise X and Y" or "A is comprised of X
and Y"; https://en.wiktionary.org/wiki/comprise#Usage_notes "in the
passive voice")
* 4 the new 4.08 format: Since this is a CBOR sequence, the
implementation note on telling the array length in advance does not
apply. As for the CDDL, I don't know whether the array format is OK to
use for the sequence, or whether the CBOR
* 5. Use of Tokens: The MUST on the unique tokens misrepresents
echo-request-tag. There are rules there about when a token can or can
not be reused, and they depend on factors immaterial to the present
specification.
In particular, when used with CoAP-over-TLS or with OSCORE, using
non-unique tokens is quite alright.
I recmomend not making a normative statement where none is required;
eg.
"Each new request generally uses a new Token (and sometimes must, see
Section 4 of ERT). Additional responses to a request all use the
token of the request they respond to".
* "Implementation Note: To minimize": I'd prefer to go with "it is
suggested" rather than "recommended", but as long as it's not in
normative language, I don't care too much.
* "Servers continue to treat": While not factually incorrect considering
the above recommendation, the reference to the 32 bits in the
paragraph about the server is confusing. Last prenthized expression
could read "(i.e., is sent on the token of the request that caused
its retransmission)".
* (I skipped through the congestion contol section for the time being;
it's probably best read by someone with some experience in congestion
control which I lack).
* "When the next client completes building the body, any existing
partial body transmission to the CoAP server is terminated": Just a
note, you're already using Request-Tag, so you could leave it up to
the proxy to try to run them simultaneously (it obviously can, as it
already got to the point of having both request bodies loaded in
full). The server can then still cancel one or postpone the other.
* Figure 6: The first line says "for RT=11", that's probably a remnant
from when the Request-Tag was copied into the payload. (Same for later
'[for RT=...]' items
Best regards
Christian
--
To use raw power is to make yourself infinitely vulnerable to greater powers.
-- Bene Gesserit axiom
- [core] I-D Action: draft-ietf-core-new-block-06.t… internet-drafts
- Re: [core] I-D Action: draft-ietf-core-new-block-… Christian Amsüss