Re: [core] Review of draft-dijk-core-groupcomm-bis-02

Esko Dijk <esko.dijk@iotconsultancy.nl> Tue, 17 March 2020 15:10 UTC

From: Esko Dijk <esko.dijk@iotconsultancy.nl>
To: Jim Schaad <ietf@augustcellars.com>, "draft-dijk-core-groupcomm-bis@ietf.org" <draft-dijk-core-groupcomm-bis@ietf.org>
CC: 'Core WG mailing list' <core@ietf.org>
Thread-Topic: Review of draft-dijk-core-groupcomm-bis-02
Date: Tue, 17 Mar 2020 15:09:57 +0000
Message-ID: <AM5P190MB02757F301F49A2BCD6579CE6FDF60@AM5P190MB0275.EURP190.PROD.OUTLOOK.COM>
References: <004501d598e6$34bd7830$9e386890$@augustcellars.com>
In-Reply-To: <004501d598e6$34bd7830$9e386890$@augustcellars.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/3UNC2ruuem9mjjNV-VmXFQRzo-s>
Subject: Re: [core] Review of draft-dijk-core-groupcomm-bis-02

Hello Jim,

Thanks again for your review. Below inline I have included the authors' responses to your comments, marked [GC]. All items have been addressed in the -03 version.

Esko

> -----Original Message-----
> From: Jim Schaad <ietf@augustcellars.com> 
> Sent: Tuesday, November 12, 2019 00:18
> To: draft-dijk-core-groupcomm-bis@ietf.org
> Cc: 'Core WG mailing list' <core@ietf.org>
> Subject: Review of draft-dijk-core-groupcomm-bis-02
> 
> Here is a fast read through of the document.  Overall it looks to be a good
> document.
> 
> Jim
> 
> 
> 1.  Abstract needs to note the obsoletes and update actions someplace.  Also
> put into the introduction ( found in section 1.1 - might need to be earlier
> - depends on how the IESG feels).

[GC] Done, and mentioned obsoleted/updated document earlier in Section 1.

> 
> 2. Section 2.1.1 - I like the definition of a group here in many ways.  I am
> wondering if it needs to be extended to deal with the prospective observe
> protocol (which might be below where I am reading) that was discussed in the
> virtual.  In that case we are talking about an endpoint listening on the
> multicast address, but not as a server but looking for responses which
> correlate to a request.
> 
[GC] We have revised the definitions of the three types of groups (now Section 2.1).
For the CoAP group definition, now we more generally say “devices as listeners to that Multicast IP address”. When the text gets even more specific and talks about messages, we mention only a client sending a request over multicast, as in scope for this document.
We can easily extend it to also mention a server sending a response over multicast, as specified in
https://tools.ietf.org/html/draft-tiloca-core-observe-multicast-notifications-02

> 3. Section 2.2.1, para 4 - This criterion does not seem reasonable.  If it
> returns an error and then would return a success this seems to say that
> second response ought to be suppressed.
> 
[GC] We have rephrased the text as follows (now fifth paragraph of Section 2.3.1)
“Any default response suppression by a server SHOULD be performed in a consistent way, such that if a request on a resource produces a Response Code and this response is not suppressed, then a later request on the same resource that produces a response with the same Response Code is also not suppressed.”

> 4. Section 2.2.1 - I think that the section on freeing up a token for
> unicast responses should be updated to deal with the change made in the
> draft-ietf-core-echo-request-tag.
> 
[GC] We have rephrased that paragraph considering the updated client processing in the unicast case (now in Section 2.3.1).
Later in the section, we have added the related paragraph “When securing group CoAP communications with Group OSCORE …”

> 5.  Section 2.3.2 - is the last paragraph misplaced?

[GC] Yes, we have swapped the last paragraph in current Section 2.4.2 and the last paragraph in Section 2.4.1.

> 
> 6. Section 5.2.3 -  I think that this section needs a new title.  It does
> not make any sense to me when I read it.  I think you mean "Countering
> Attacks"

[GC] Changed to “Countering Attacks”.

> 
> 7. Section 5.2.3 - You make some grandiose statements about the fact that
> these attacks are countered without given any idea of how or where to go to
> find out how.
> 
[GC] We have accordingly done a major rewriting of the whole section.

> 8.  Security considerations.   Should there be some type of statement that
> since all messages are non-confirmable, there is no way for a client to
> know if an attacker is capturing the packets for later replay?
> 
[GC] Yes. We have added a new Section 5.3 where we discuss this.

> Nits
> Section 2.1.4, para 3 - s/participating to group/participating in group/
> Section 2.2.1 s/but it MAY suppress this response if selected so by the
> server application/but the server MAY suppress the response if the server
> chooses/
> s/is not standardized yet currently/  either yet or currently but not both
> section 4 s/so still allowing/while still allowing/
> 
[GC] Done


IoTconsultancy.nl  |  Email/Skype: esko.dijk@iotconsultancy.nl
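The consistency rule discussed under item 3 (a server that once sent a given Response Code for a resource must not suppress that same Response Code for the same resource later) can be checked mechanically against observed server behaviour. The following is an added example, not code from the draft or its authors: the observation tuple format (resource, Response Code, suppressed) and the simple code-keyed policy are assumptions chosen to illustrate the rule.

```python
"""Check a CoAP group server's default response suppression for consistency.

The rule under test (draft-dijk-core-groupcomm-bis -03, Section 2.3.1, as
quoted in the thread): if a request on a resource produced a Response Code
and that response was NOT suppressed, a later request on the same resource
producing the same Response Code must also not be suppressed.

Observation format (an assumption of this example, not the draft's):
    (resource_path: str, response_code: int, suppressed: bool)
CoAP Response Codes are encoded as 3-bit class and 5-bit detail (RFC 7252).
"""


def code_str(code: int) -> str:
    """Render a CoAP code byte as the usual c.dd form, e.g. 0x45 -> '2.05'."""
    return f"{code >> 5}.{code & 0x1F:02d}"


class SuppressionPolicy:
    """A deterministic default policy keyed purely on the Response Code.

    Because the decision depends only on the code, the policy can never
    violate the consistency rule, whatever order requests arrive in.
    """

    def __init__(self, suppressed_codes):
        self.suppressed = frozenset(suppressed_codes)

    def suppress(self, code: int) -> bool:
        return code in self.suppressed


def simulate(policy: SuppressionPolicy, results):
    """Apply a policy to (resource, code) outcomes and emit observations."""
    return [(res, code, policy.suppress(code)) for res, code in results]


def check_consistency(observations):
    """Return violations as (resource, 'c.dd') pairs.

    A violation is recorded when a (resource, code) pair was seen unsuppressed
    earlier and is suppressed now. The reverse order (suppressed first, sent
    later) is not forbidden by the rule and is therefore not flagged.
    """
    seen_unsuppressed = set()
    violations = []
    for res, code, suppressed in observations:
        key = (res, code)
        if not suppressed:
            seen_unsuppressed.add(key)
        elif key in seen_unsuppressed:
            violations.append((res, code_str(code)))
    return violations


# Constructed sample trace (not captured from any real deployment).
SAMPLE_TRACE = [
    ("/temp", 0x45, False),   # 2.05 Content, sent
    ("/temp", 0x84, True),    # 4.04 Not Found, suppressed
    ("/temp", 0x45, True),    # 2.05 suppressed after being sent before: violation
    ("/light", 0x84, True),   # 4.04 suppressed
    ("/light", 0x84, False),  # 4.04 later sent: allowed by the rule
]


if __name__ == "__main__":
    print("violations in sample trace:", check_consistency(SAMPLE_TRACE))
    # A code-keyed policy (suppress 4.04 and 5.00 by default) never violates.
    policy = SuppressionPolicy({0x84, 0xA0})
    trace = simulate(policy, [("/temp", 0x45), ("/temp", 0x84), ("/temp", 0x45)])
    print("violations with code-keyed policy:", check_consistency(trace))
```

Running the check over a captured trace of a server's multicast responses is a cheap conformance test for the -03 wording; a policy that takes anything other than the Response Code into account (load, time of day, a random back-off) is exactly the kind that can trip it.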
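Item 8 raises the point that, with non-confirmable multicast requests, a client cannot tell whether its packets are being captured for later replay; the defence has to sit at the receiver, and in Group OSCORE it takes the form of a per-sender replay window over the sequence number (Partial IV) that each protected message carries. The block below is an added example, not code from the draft, Group OSCORE, or any CoAP implementation: it shows a sliding-window replay filter of the kind OSCORE (RFC 8613) specifies, applied per sender, and the message tuple (sender_id, seq, payload) is a constructed assumption. It assumes the sequence number is already integrity protected; without that (plain CoAP multicast, where Message ID and Token are unauthenticated), the window gives no protection.

```python
"""Per-sender sliding replay window for multicast group messages.

Added illustration of the receiver-side replay protection that Group OSCORE
relies on. Assumptions (not from the draft): messages arrive as
(sender_id, seq, payload), `seq` is the sender's monotonically increasing
sequence number, and `seq` has already been verified as integrity protected.
"""


class ReplayWindow:
    """Track the last `size` sequence numbers seen from one sender.

    Bit i of `bitmap` is set when sequence number `highest - i` was accepted.
    Sequence numbers below `highest - size + 1` are too old to be tracked and
    are rejected outright, bounding the receiver's state.
    """

    def __init__(self, size: int = 32):
        if size < 1:
            raise ValueError("window size must be positive")
        self.size = size
        self.mask = (1 << size) - 1
        self.highest = -1   # highest accepted sequence number, -1 = none yet
        self.bitmap = 0

    def accept(self, seq: int) -> bool:
        """Return True and record `seq` if it is fresh; False if it is a replay
        or falls below the window."""
        if seq < 0:
            return False
        if seq > self.highest:
            shift = seq - self.highest
            if shift >= self.size:
                self.bitmap = 1            # everything tracked so far falls out
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & self.mask
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False                   # older than the window: treat as replay
        if (self.bitmap >> offset) & 1:
            return False                   # already seen: replay
        self.bitmap |= 1 << offset
        return True


def filter_group_messages(messages, window_size: int = 32):
    """Run each sender's messages through its own window.

    Returns (accepted_payloads, rejected) where `rejected` lists
    (sender_id, seq) for every dropped message.
    """
    windows = {}
    accepted, rejected = [], []
    for sender_id, seq, payload in messages:
        win = windows.setdefault(sender_id, ReplayWindow(window_size))
        if win.accept(seq):
            accepted.append(payload)
        else:
            rejected.append((sender_id, seq))
    return accepted, rejected


# Constructed sample stream: a client "c1" sends three requests over the
# group; an attacker who captured seq 1 re-injects it later, and "c2" is an
# independent sender whose numbering must not interfere with c1's.
SAMPLE_STREAM = [
    ("c1", 0, b"GET /temp"),
    ("c1", 1, b"GET /light"),
    ("c2", 0, b"GET /temp"),
    ("c1", 2, b"PUT /light on"),
    ("c1", 1, b"GET /light"),      # replayed copy of c1 seq 1
    ("c2", 0, b"GET /temp"),       # replayed copy of c2 seq 0
]


if __name__ == "__main__":
    ok, dropped = filter_group_messages(SAMPLE_STREAM)
    print("accepted:", ok)
    print("rejected:", dropped)
```

The window is why Group OSCORE can counter the replay that item 8 worries about even though the client never learns whether capture happened: freshness is decided by the server from the authenticated sequence number alone. Window size is the usual trade-off between tolerated reordering on a lossy multicast path and per-sender receiver state.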