Re: [core] discovery of Registrar by stateless Join-Proxy (was Re: Join-proxy information in the RD (Re: CoRE WG Virtual Interim 2022-09-14))
Christian Amsüss <christian@amsuess.com> Wed, 14 September 2022 20:15 UTC
Return-Path: <christian@amsuess.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C84C6C14F720; Wed, 14 Sep 2022 13:15:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pYtoVY_lH54h; Wed, 14 Sep 2022 13:15:46 -0700 (PDT)
Received: from smtp.akis.at (smtp.akis.at [IPv6:2a02:b18:500:a515::f455]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F78CC14F6EC; Wed, 14 Sep 2022 13:15:39 -0700 (PDT)
Received: from poseidon-mailhub.amsuess.com ([IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bd]) by smtp.akis.at (8.17.1/8.17.1) with ESMTPS id 28EKFZ90002685 (version=TLSv1.2 cipher=ECDHE-ECDSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 14 Sep 2022 22:15:35 +0200 (CEST) (envelope-from christian@amsuess.com)
X-Authentication-Warning: smtp.akis.at: Host [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bd] claimed to be poseidon-mailhub.amsuess.com
Received: from poseidon-mailbox.amsuess.com (hermes.amsuess.com [10.13.13.254]) by poseidon-mailhub.amsuess.com (Postfix) with ESMTP id 8829AF6FC; Wed, 14 Sep 2022 22:15:34 +0200 (CEST)
Received: from hephaistos.amsuess.com (hephaistos.amsuess.com [IPv6:2a02:b18:c13b:8010::907]) by poseidon-mailbox.amsuess.com (Postfix) with ESMTPSA id 5CFE211C49; Wed, 14 Sep 2022 22:15:34 +0200 (CEST)
Received: (nullmailer pid 3495750 invoked by uid 1000); Wed, 14 Sep 2022 20:15:34 -0000
Date: Wed, 14 Sep 2022 22:15:34 +0200
From: Christian Amsüss <christian@amsuess.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: "core@ietf.org WG (core@ietf.org)" <core@ietf.org>, anima@ietf.org, draft-ietf-anima-constrained-join-proxy@ietf.org
Message-ID: <YyI2ZrrqczQrPLwC@hephaistos.amsuess.com>
References: <91614672-0629-f10f-9bcc-ad922d4045be@ri.se> <483507C3-9E25-4450-99D4-6FE7FA56266E@tzi.org> <22189.1663100544@dooku> <YyH8C73McJ/DHKRy@hephaistos.amsuess.com> <25726.1663174400@dooku>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="1mOslQLlKvm3ydsU"
Content-Disposition: inline
In-Reply-To: <25726.1663174400@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/FhK9HaW0_BaD5sC0X3nd9JyZw_A>
Subject: Re: [core] discovery of Registrar by stateless Join-Proxy (was Re: Join-proxy information in the RD (Re: CoRE WG Virtual Interim 2022-09-14))
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Sep 2022 20:15:50 -0000
Hello Michael, > It's not unidirectional! > I'm not able to parse "semi-" here, but I suspect that is what you are trying > to get at. What I meant was "duplex, but one side can only reply to traffic initiated by the other"; I think we're in agreement here. > > Given that this only works locally (if it were run > > separately, that separte entity would need to keep state, whereas the > > I'm not sure what you mean, "only works locally" > Do you mean it only works on the localhost, on the link-local, or in the > local (autonomous) network? What I meant by "working locally" was that the UDP endpoint that is the server in the JPY protocol typically resides on the same host as the one UDP endpoint that server in CoAPS -- in figures 2 and 3, this is the case by both being IP_R:something. While in theory these might be separate services (with the process serving IP_R:p_Ra forwarding requests through some mechanism to IP_R:5684), my impression is that this is most efficiently implemented as one, and in particular that it is expected that only p_Ra (and not a separate address) needs to be advertised. > > local service can take shortcus and only keep state after DTLS got > > established), might it not be a better option to just advertise that > > the CoAPS port has a an additional way in, say, > > `<coaps://[2001:db8:0:abcd::52]/>;jpy-port=7634` (abbreviated as > > `</>;jpy-port=7634`)? > > We looked at ways which would allow us to insert the state information into > the DTLS framing, like we can when CoAP is on the outside, but that couldn't > be done in a way that didn't violate the crypto context of DTLS. All the suggestions I've made purely relate to how this is discovered, not any changes on the wire outside of discovery. > The join-proxy is the thing looking for this resource, not the (pledge) end node. > The pledge can tunnel a RD through the COAPS to get a list of things. Outside of all the .jp and .rjp proxy addresses, can you give an example of the concrete resources the pledge would want to discover at/through the join proxy? In section 6.2.1 it discovers transport, but I suppose at a later step it will want to discover a path for a concrete resources (dunno, maybe an rt=brski.es or brski.rv), where would it currently learn that? These lines might be a good starting point to work out a more concrete example with a `;jpy-port=...` option. BR c -- We are dreamers, shapers, singers, and makers. -- Elric
- [core] CoRE WG Virtual Interim 2022-09-14 Marco Tiloca
- [core] Join-proxy information in the RD (Re: CoRE… Carsten Bormann
- Re: [core] Join-proxy information in the RD (Re: … Carsten Bormann
- Re: [core] Join-proxy information in the RD (Re: … Michael Richardson
- Re: [core] Join-proxy information in the RD (Re: … Christian Amsüss
- [core] discovery of Registrar by stateless Join-P… Michael Richardson
- Re: [core] discovery of Registrar by stateless Jo… Christian Amsüss
- [core] discovery of Join-Proxy/Registrar by pledg… Michael Richardson
- Re: [core] discovery of Registrar by stateless Jo… Michael Richardson
- Re: [core] Join-proxy information in the RD (Re: … Esko Dijk