Re: [core] [Technical Errata Reported] RFC7252 (5429)
Christian Amsüss <christian@amsuess.com> Thu, 19 July 2018 16:02 UTC
Return-Path: <christian@amsuess.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E593D13110B for <core@ietfa.amsl.com>; Thu, 19 Jul 2018 09:02:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Y2NK5h06x1k for <core@ietfa.amsl.com>; Thu, 19 Jul 2018 09:02:26 -0700 (PDT)
Received: from prometheus.amsuess.com (prometheus.amsuess.com [5.9.147.112]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 38D6B1310FF for <core@ietf.org>; Thu, 19 Jul 2018 09:02:26 -0700 (PDT)
Received: from poseidon-mailhub.amsuess.com (095129206250.cust.akis.net [95.129.206.250]) by prometheus.amsuess.com (Postfix) with ESMTPS id 388F740213; Thu, 19 Jul 2018 18:02:24 +0200 (CEST)
Received: from poseidon-mailbox.amsuess.com (hermes.amsuess.com [10.13.13.254]) by poseidon-mailhub.amsuess.com (Postfix) with ESMTP id 2099A26; Thu, 19 Jul 2018 18:02:23 +0200 (CEST)
Received: from hephaistos.amsuess.com (unknown [IPv6:2a02:b18:c13b:8010:4c8c:d7dc:98e5:d86]) by poseidon-mailbox.amsuess.com (Postfix) with ESMTPSA id D080A2E; Thu, 19 Jul 2018 18:02:22 +0200 (CEST)
Received: (nullmailer pid 22689 invoked by uid 1000); Thu, 19 Jul 2018 16:02:22 -0000
Date: Thu, 19 Jul 2018 18:02:22 +0200
From: Christian Amsüss <christian@amsuess.com>
To: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: ben@nostrum.com, aamelnikov@fastmail.fm, adam@nostrum.com, jaime.jimenez@ericsson.com, marian.buschsieweke@ovgu.de, core@ietf.org
Message-ID: <20180719160221.GB22079@hephaistos.amsuess.com>
References: <20180718144754.8CFA2B810BB@rfc-editor.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="OwLcNYc0lM97+oe1"
Content-Disposition: inline
In-Reply-To: <20180718144754.8CFA2B810BB@rfc-editor.org>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/URhV_zvGYm4-gbkuylGhSptZOhs>
Subject: Re: [core] [Technical Errata Reported] RFC7252 (5429)
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Jul 2018 16:02:36 -0000
Hello Marian, hello CoRE WG, (CC list stripped expecting that the authors are subscribed to CoRE) On Wed, Jul 18, 2018 at 07:47:54AM -0700, RFC Errata System wrote: > [...] Message IDs of subsequence messages send to the > same endpoint within EXCHANGE_LIFETIME MUST be strictly ascending > (wrapping around at a value of 65535). Additionally, two > subsequently send Message IDs to the same endpoint SHOULD have a > difference of at most 16. > [...] > > Notes > ----- > Without any restrictions on how Message IDs are generated, an > implementation of CoAP duplication detection must be prepared to > receive a random sequence of Message IDs. > > One simple implementation strategy would be to store the received > Message IDs along with a timestamp when they were received. > > If a 16 bit time stamp would be used, 4 Bytes per tracked Message ID > would be required. > > If additionaly a CoAP server expects requests to be received at a rate > of 1 message per second, at least 247 * 4 Byte or approximately 1 KiB > have to be allocated per client. > > A class 1 (see RFC 7228 Section 3) server could handle at most 10 > clients in parallel, if anything apart duplicate detection could be > implemented without using any memory at all. > > If instead Message IDs have to be generated by incrementing a (global > or per endpoint/network prefix/...) counter variable, duplicate > detection can be implemented in a time and memory efficient way > without limiting the rate of the message exchange between to nodes. The memory requirements may have their point, but I think that this change would be far too severe for an erratum. If servers started relying on this change, that would easily invalidate duplicate message detection with existing implementations that use a single increasing message ID counter for all their peers. That aside, I'm not sure the overhead estimations work that way. Duplicate message detection not only means that the message ID and the timestamp must be stored (your 4 bytes), but also the often much larger response message. As that is costly and should be avoided, constrained implementations will look into whether they need to deduplicate at all: * For safe or idempotent request messages, message deduplication can be skipped. (You'd build the response to a GET once again when a duplicate hits you rather than storing the old response. For PUT, you'll set the resource's state anew, and if that's part of a race condition, so would a delayed package have been). Even some cases of POST can be treated like that (the application would need to let the library know that). * For observe notifications, the recipient would silently disregard the apparently out-of-order package. * For non-observe non-piggy-backed responses, the client would RST the duplicate response rather than ACK it, which is just as good. (There are no "The client received the response" semantics to the ACK). Constrained implementations should avoid keeping MIDs and timestamps around for any of those. Only non-idempotent (POST; which most applications will try to avoid) requests actually need the duplicate detection -- and then, there is also a response message to store, and then the overhead of actually storing the MID becomes far less significant. I'd be happy to be shown wrong, so please let's have the discussion if I am, but this is not something that should easily go into the errata. Best regards Christian -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
- [core] [Technical Errata Reported] RFC7252 (5429) RFC Errata System
- Re: [core] [Technical Errata Reported] RFC7252 (5… Christian Amsüss
- Re: [core] [Technical Errata Reported] RFC7252 (5… Marian Buschsieweke
- Re: [core] [Technical Errata Reported] RFC7252 (5… Carsten Bormann
- Re: [core] [Technical Errata Reported] RFC7252 (5… Achim Kraus