Re: [core] đź”” WGLC of draft-ietf-core-stateless-01
Carsten Bormann <cabo@tzi.org> Wed, 10 July 2019 11:51 UTC
Return-Path: <cabo@tzi.org>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EDA6C1200E7 for <core@ietfa.amsl.com>; Wed, 10 Jul 2019 04:51:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.197
X-Spam-Level:
X-Spam-Status: No, score=-4.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6KitLUowBo2b for <core@ietfa.amsl.com>; Wed, 10 Jul 2019 04:51:14 -0700 (PDT)
Received: from gabriel-vm-2.zfn.uni-bremen.de (gabriel-vm-2.zfn.uni-bremen.de [134.102.50.17]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B42E21200A3 for <core@ietf.org>; Wed, 10 Jul 2019 04:51:13 -0700 (PDT)
Received: from [192.168.217.110] (p548DC676.dip0.t-ipconnect.de [84.141.198.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-vm-2.zfn.uni-bremen.de (Postfix) with ESMTPSA id 45kHZk5HD3z14Xx; Wed, 10 Jul 2019 13:51:10 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <0F46EC62-79D6-4C4C-B691-668E86E3B0F8@inria.fr>
Date: Wed, 10 Jul 2019 13:51:10 +0200
Cc: core <core@ietf.org>
X-Mao-Original-Outgoing-Id: 584452268.2742389-ba5fc292a2d021a98d08ae2e9496e4ec
Content-Transfer-Encoding: quoted-printable
Message-Id: <31720567-638E-4951-A4E3-368D454216A6@tzi.org>
References: <BACE74BC-C665-484D-A2D2-541B42077E93@tzi.org> <0F46EC62-79D6-4C4C-B691-668E86E3B0F8@inria.fr>
To: Mališa Vučinić <malisa.vucinic@inria.fr>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/ogI9dMsTpdLEC8mEojemFeuMgxE>
Subject: Re: [core] đź”” WGLC of draft-ietf-core-stateless-01
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jul 2019 11:51:18 -0000
Hi Mališa, thank you for these remarks. Let me respond to some of them before we hear from the author. > On Jul 10, 2019, at 11:41, Mališa Vučinić <malisa.vucinic@inria.fr> wrote: > > Dear CoRE, > > As indicated during the Prague meeting, I would like to thank Klaus and the CoRE group for finalizing this document on a short notice. The stateless document was motivated by our network access use case in 6TiSCH where an unauthenticated client talks to a constrained (stateless) proxy in order to join the network. > > In general, I find the document well written and easy to read. Some remarks below. > > In case the extended token and Observe are used together, where multiple (legitimate) Observe responses carry the same (extended) token, replay protection using sequence numbers at the client might falsely identify such tokens as replays. How should this be handled? Can you more specific about the scenario? 3.1 says: When multiple clients observe [RFC7641] the same resource, aggregating requests is REQUIRED (Section 3.1 of RFC 7641). As this cannot be satisfied without keeping request state, an intermediary MUST NOT include an Observe Option in requests it sends without keeping request state. > Little consideration is given to the replay protection using timestamps. It might be important to note here that a client, and particularly a constrained one, only needs to trust its own clock without any synchronization required. The question that remains though is what implementation strategy should a client use to accept/reject a given extended token when using timestamps. > > A client (or intermediary in the role of a client) that depends on > support for extended token lengths (Section 2) from the next hop to > avoid keeping request state MUST perform a discovery of support > (Section 2.2) before it can be stateless. > > There are environments, 6TiSCH being one example, where the support for extended tokens can be known before hand, e.g. through out of band information such as dependency in the draft. In that case, saving two messages on the wire in constrained environments by omitting the discovery seems quite reasonable. I would therefore argue for this MUST to be replaced with a SHOULD. Or, alternatively, being set up for operation in such a network could count as such a form of discovery. > Some nits below: > > If a server supports extended token lengths but receives a request > with a token of a length it is unwilling or unable to process, it > MUST NOT reject the message. Instead, it SHOULD return a 4.00 (Bad > Request) response. This implies that the server returns the entire > token verbatim. > > This paragraph to me seems self-contradictory. If a server cannot process a request with a token length greater than some value, is it reasonable to expect that it can return it in the Bad Request response? The note (“This implies”) already points out the significant onus. I’m not sure we can really require the MUST NOT. > If SHOULD is not respected, what happens? The client might have trouble fully assessing the situation. > > Tokens are a hop-by-hop feature: When an intermediary receives a > request, the only requirement is that it echoes the token back in any > resulting response. There is no requirement or expectation that an > intermediary passes a client's token on to a server or that an intermediary > uses extended token lengths itself when receiving a request with an > extended token length. > > Note should be taken here that such intermediary can itself be “stateless”, as described in Section 3.1 just below. > > In wireless mesh networks, > where all traffic is visible to a passive attacker, encryption may > not be needed as the attacker can get the same information from > analyzing the traffic flows. > > I am quite confused by this sentence which seems as an oversimplification. What kind of an attacker are you considering here? I agree that there is a large box of pandora here. In particular, an endpoint often cannot be sure their traffic stays within the wireless network. I’m also not sure this is only about wireless mesh networks and not other wireless networks. So I would reformulate this “Where a passive attacker can get the same information from analyzing the traffic flows, there may be little gain in adding encryption.”. Grüße, Carsten
- [core] đź”” WGLC of draft-ietf-core-stateless-01 Carsten Bormann
- Re: [core] 🔔 WGLC of draft-ietf-core-stateless-01 Mališa Vučinić
- Re: [core] 🔔 WGLC of draft-ietf-core-stateless-01 Mališa Vučinić
- Re: [core] đź”” WGLC of draft-ietf-core-stateless-01 Carsten Bormann
- Re: [core] đź”” WGLC of draft-ietf-core-stateless-01 Klaus Hartke