IETF Logo Mail Archive

Re: [core] Benjamin Kaduk's Discuss on draft-ietf-core-stateless-06: (with DISCUSS and COMMENT)

Klaus Hartke <klaus.hartke@ericsson.com> Tue, 21 April 2020 10:31 UTC

Return-Path: <klaus.hartke@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DE193A05A6; Tue, 21 Apr 2020 03:31:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8Z8ArdeqRQyR; Tue, 21 Apr 2020 03:31:26 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70072.outbound.protection.outlook.com [40.107.7.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EB1B73A05A4; Tue, 21 Apr 2020 03:31:24 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=A56y5ijDVlayrFWjniVEXNVE3bOzDOc+RcJWe+GyW/ObpfN0SGccIf4hzePBTQnHGx2GYMThkOCjStQnF+AyzVBpyWSIWj4BNa0YZptoZEALyxCZYrhGnzD1WqyeeFCYt0d86G8GYHGFfhc90ufl5ClQVP5HiApqese5k24t/1YyZ4LGmEL7nGaCN22KeVUDNNZDtsrIhyrqFgKJqbFJQmoJMD0eaCuzGlCfxDV+KT/+ZbKV3LoDeyRdxM2eUeBjoqb6+fxkl948reJmXu4xnwaFnQmChmRgmAdVxq44A1NwIGR40AidTUSIA9fm1nCetJSOIHu0wc8HWMrhV/0WhA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QKS7EazqY2JLzsyaSnANGtWeDuT5Eu+zUk6d0MGzxF8=; b=Fc4McHou3eZJrjBFXJAZCtMAwCdo5O1giidxYA+mhwzxHLLvoQ3pkItQeACWkwnIHDmzINuZRHrnCEoYqovclqBE/rohQfAr7Sinu7WajhoIBoHwCdEiRHNv46LKy6AwQd4rVuLg9SWW179CSIG2faeKh718iGp9wldTU+poj8U3V8ZgCYPWqN6B2Hrh4idznl7QIDszQvmZmQ1iBKn9J5ItaA6TNT2ZK0qkyyr1Y4futgT9FRBJ6RxOgg9bA51TS11Ky85Fa1z4tReS/M5z4EobsW6oSuLRLCdgsHN82R11oGO3/Zrq0KgPGZEODzVuozI3zVKzOrJ4rMy4KB0lxA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QKS7EazqY2JLzsyaSnANGtWeDuT5Eu+zUk6d0MGzxF8=; b=Ic1sSJd49FMea86GzG34LwdRKrBjTuwYg3aUz/w39z5MwQ2dB/dypMzsC5lO3yWvYjz1rYHmmuTEYdOeSlZRVS5tIKXU/oNLNYK81oG/FmZEnTzUbQiuiY6BedkNYwoLUqUQ9qbL4qSpUzo4Yz8PaB02BLIG6jBhHP8EK/u99Vk=
Received: from HE1PR07MB4346.eurprd07.prod.outlook.com (2603:10a6:7:97::10) by HE1PR07MB4281.eurprd07.prod.outlook.com (2603:10a6:7:95::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.11; Tue, 21 Apr 2020 10:31:22 +0000
Received: from HE1PR07MB4346.eurprd07.prod.outlook.com ([fe80::dd30:592:4d33:3f46]) by HE1PR07MB4346.eurprd07.prod.outlook.com ([fe80::dd30:592:4d33:3f46%5]) with mapi id 15.20.2937.012; Tue, 21 Apr 2020 10:31:21 +0000
From: Klaus Hartke <klaus.hartke@ericsson.com>
To: Benjamin Kaduk <kaduk@mit.edu>, The IESG <iesg@ietf.org>
CC: "draft-ietf-core-stateless@ietf.org" <draft-ietf-core-stateless@ietf.org>, "core-chairs@ietf.org" <core-chairs@ietf.org>, "core@ietf.org" <core@ietf.org>, Carsten Bormann <cabo@tzi.org>
Thread-Topic: Benjamin Kaduk's Discuss on draft-ietf-core-stateless-06: (with DISCUSS and COMMENT)
Thread-Index: AQHWF1ecNL1pVDebdkuqG/IPLt9TZKiDV+wg
Date: Tue, 21 Apr 2020 10:31:21 +0000
Message-ID: <HE1PR07MB4346E18C08F8C14E91CF0ED4E6D50@HE1PR07MB4346.eurprd07.prod.outlook.com>
References: <158741679923.20291.1071401061463555301@ietfa.amsl.com>
In-Reply-To: <158741679923.20291.1071401061463555301@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=klaus.hartke@ericsson.com;
x-originating-ip: [145.14.112.90]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 00e3cf2b-cbbd-4168-f920-08d7e5df22c2
x-ms-traffictypediagnostic: HE1PR07MB4281:
x-microsoft-antispam-prvs: <HE1PR07MB4281293BB62855B8EEE2B6EEE6D50@HE1PR07MB4281.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 038002787A
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR07MB4346.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(136003)(376002)(39860400002)(396003)(346002)(366004)(52536014)(81156014)(66946007)(44832011)(33656002)(64756008)(8676002)(186003)(2906002)(71200400001)(86362001)(5660300002)(8936002)(76116006)(7696005)(966005)(110136005)(54906003)(26005)(6506007)(316002)(9686003)(66446008)(66556008)(66476007)(55016002)(4326008)(478600001); DIR:OUT; SFP:1101;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: tZmEsdEoH4HAFHGJMbOWb2c3ZWYuRLsf3ic0QkDikjZ5qZt00lNgvuK5EfDLgACLCrIlXJp3j2xGN/Rkzj5ufzzCCvBuh+jHfbaAZVR5pbRiKcWQcgior1E6eFQ6oSp31lV+vJ5VumdoG1CsDZpcY9DRhvG2LnW/jZ+Y0ebvJnLYmMaP9+vQ3PnzIls3R5/TZQTAKzz3k68qM2rpoZkMR4mCPchdaXIleZwBMi9kupjW/jU8ZQM7QT3KX8w3qljGz84zvSyBHDZ/mD3j2wl8+0gPvOc7VVxvchPa5w8OekWIfSe9yDn8QwYQWweqNz+vHAVtQyByuPXcbPAj4bZEAWwaPHSEdiFQZMYIl2+CU2n91gKlLH6Lg4kuKeHo9Y6xPa+xgiyjkZHPgWyAjLFBHXxYs6ppvk5Nj5ewsOT9lO0AuGeQD+X0ZjrIfEnnw20NBNIVxvjJegouCbfAdpGMmslizNSxlVUjMSv4pnb0dBeMB8MyMWmcK/CHAbQeBJxB+qJbCsoy+uKm0zurRy+ePw==
x-ms-exchange-antispam-messagedata: jgzqOnK3/L1IhFvQEUfUR9b+f/eWbo+WbJFgQ+qxsKw9gyfiC38Kfl6SLBRuDBmH+yR0sy08olY6ooscYux8VhGoK4yo7OjRWDcuGK3R8pqdYuIPHFUuUw72+rTmM/ZO7VYHQa62iyM41M6nixHIYD7AlW+iiix1r10T6lOchczzWWeZId/WeVhYm7Fo2U6mBKlEV3NZWQik26LaMkkEMChono+Uv5QrUBRSzSDne1GkEWLPwVTMZ8HFE15sZLsZG0YbCnd2rm96EIFLijHIFkLlKzOSTY+K/2Bo4HHfxkR5/7c5Gl4VssjK+EGnIeZHDPTlAONgNdC47iaCgBKZ1Icld9cz3HwHBsR5+VZnbpTR2OG6LTfm4oH6wZOXnKBIO7wEoAL4noGef6hGzt+hlsydKIipvmGoO7/uBXjzJtog8LV13H7weondu3Avh1SeyjHYbc1PcmtU5hfu5RwMQjadin4oZ7k7d/i0TpbiFXvhpDlmV7YXEJKCSo8ozk5bIi/h+vms2wYJzGYu3SjlFpA+/beGnJeLuZfBWS9i3EG11Ui1WlcHrVhJhCEttfMkhOJy9jR/UDlorTOuoIlQcE/H/ZZ4KKUzzqyE7aD/50xMmJ3ivaWGc9a2jOhyeRsXa4Pm9BHSrbh5pedoOCm/g1ThZRDpUHMsyqDecxNkHeUbOBLI8KBbQi88eASOxcWfGofiNsR0BqhGnbY4DtZ+IjEqROA80RJwk3M8q4Rr8H4BcT3NSDXjWjCsy8lUIDB2Q2Oh94fC84LbAaZZTC/Th1khoqzGksTuyWl33D6ORdI=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 00e3cf2b-cbbd-4168-f920-08d7e5df22c2
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Apr 2020 10:31:21.8815 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Yh89LEJc/FM5kjs5oDqn3pPH/Iz5bgdD10L0zREtWVl3cS60QeRXj/MnpqAwhwEIr4goNSE0O4p81kZTkwVzvA91ztyDZo66nR9VcZXayps=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB4281
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/4UOui544DQA58RYCn4YS-Txj9ko>
Subject: Re: [core] Benjamin Kaduk's Discuss on draft-ietf-core-stateless-06: (with DISCUSS and COMMENT)
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Apr 2020 10:31:29 -0000

Hi Ben,

thanks a lot for your detailed review. I'll respond in batches; please see the first batch (some low hanging fruits) below.

One question: Where did you see that "Len (extended)" is 0-4 bytes instead of 0-2 bytes as shown in the appendix?

Best regards,
Klaus


Benjamin Kaduk wrote:
> Section 2.1
>
>    The new definition of the TKL field increases the maximum token
>    length that can be represented in a message to 65804 bytes.  However,
>    the maximum token length that sender and recipient implementations
>    support may be shorter.  For example, a constrained node of Class 1
>    [RFC7228] might support extended token lengths only up to 32 bytes.
>
> Is there anything to say about IP MTU here?

IMHO, nothing that is not already been said in RFC 7252.

>    Since network addresses may change, a client SHOULD NOT assume that
>    extended token lengths are supported by a server later than 60
>    minutes after receiving a response with an extended token length.
>
> nit: maybe "after receiving the most-recent response with [...]"?

Done.

> Section 3
>
>    As servers are just expected to return any token verbatim to the
>    client, this implementation strategy for clients does impact the
>    interoperability of client and server implementations.  However,
>
> nit: is this intended to be "does not impact"?

Yes. Fixed.

> Given the subsequent sentence I might suggest "does not substantially
> impact" instead, though.

Hmm... no, there is really no interoperability issue between some client and some server. Just between the client that sends the token and its future self that receives the token.

> Section 3.2
>
>    A client that depends on support for extended token lengths
>    (Section 2) from the server to avoid keeping request state SHOULD
>    perform a discovery of support (Section 2.2) before it can be
>    stateless.
>
> This feels like a descriptive "needs to" rather than normative "SHOULD".
> Stateless operation just isn't going to work if the server doesn't support
> extended token lengths and the client needs it.

Fixed.

> Section 3.3
>
>    Reset messages, however.  Non-confirmable messages are therefore
>    better suited.  In any case, a client still needs to keep congestion
>
> nit: better suited for what?

Changed to "Non-confirmable messages are therefore better suited for avoiding state."

> Section 4.3
>
> RFC 7252 doesn't really suggest that there's a protocol element that would be
> set to "infinite" here; perhaps we should just say that "in this case, the
> gateway cannot return such a response and as such cannot implement such a
> timeout".

Done.

>    guarantees are voided.  Devices with low-entropy sources -- as is
>    typical with constrained devices, which incidentally happen to be a
>    natural candidate for the stateless mechanism described in this
>
> nit: "low-entropy sources" is a weird phrasing; "low-quality entropy sources"
> would feel more natural to me.

Fixed.

> Also, draft-irtf-cfrg-randomness-improvements may be of interest to at least
> some such devices.

Yes, this is in general interest to such devices.

> Section 6.1
>
> Should the table formatting be consistent between here and Section 2.2.1?

I chose the same formatting as in RFC 8323; see, e.g., https://tools.ietf.org/html/rfc8323#section-5.3.1 and https://tools.ietf.org/html/rfc8323#section-11.2

v2.23.0 | Report a Bug | By Email