Re: [core] Comments on draft-ietf-core-echo-request-tag-02
Göran Selander <goran.selander@ericsson.com> Thu, 18 October 2018 21:32 UTC
Return-Path: <goran.selander@ericsson.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4F5A312F1AC for <core@ietfa.amsl.com>; Thu, 18 Oct 2018 14:32:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.386
X-Spam-Level:
X-Spam-Status: No, score=-3.386 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.064, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com header.b=ec4F6OMG; dkim=pass (1024-bit key) header.d=ericsson.com header.b=fB+UgOR9
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HTQWtwCG7bTR for <core@ietfa.amsl.com>; Thu, 18 Oct 2018 14:32:41 -0700 (PDT)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 84871130DEF for <core@ietf.org>; Thu, 18 Oct 2018 14:32:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/simple; q=dns/txt; i=@ericsson.com; t=1539898357; x=1542490357; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=gHXsbZJL1Yq2Lv/hxUlPJ0Pdm+h137BiXYF4pvOIAxQ=; b=ec4F6OMGUihXFdDLkRUmoslKx2Re6ot+c3xeeq7QZCV+0eGIPt46dbjvl4BtW3wl bMC6S7aOtVhG8+jTmCcostw7RAGoeeI3PExrvByLNPwAhoCOL3s7jgNErmgi5fcK rtYvfV0oP/TeVGqZB+/2QRlKxZ/jGymln10sz6t8vTk=;
X-AuditID: c1b4fb25-a0b8c9e0000018b4-c4-5bc8fbf5ad0a
Received: from ESESSMB501.ericsson.se (Unknown_Domain [153.88.183.119]) by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id 86.A6.06324.5FBF8CB5; Thu, 18 Oct 2018 23:32:37 +0200 (CEST)
Received: from ESESSMB505.ericsson.se (153.88.183.166) by ESESSMB501.ericsson.se (153.88.183.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3; Thu, 18 Oct 2018 23:32:13 +0200
Received: from EUR03-DB5-obe.outbound.protection.outlook.com (153.88.183.157) by ESESSMB505.ericsson.se (153.88.183.166) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1466.3 via Frontend Transport; Thu, 18 Oct 2018 23:32:13 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gHXsbZJL1Yq2Lv/hxUlPJ0Pdm+h137BiXYF4pvOIAxQ=; b=fB+UgOR98urDhgH+xQ3ld52BJ32+2zxqkHdY8cAYCC2UwcdrTGYGfrjE+z7ewnxwS4aQ2EpIGVAnj7x7t3iEbyfyKVc+yvhJioyjwDrVbveLHLqA2xyMeb+F2LuAdZVAq6toD8hmrROO6OvOOyTHCyfTUeYFiACtOv7zFNd2OfY=
Received: from AM6PR07MB4822.eurprd07.prod.outlook.com (20.177.190.219) by AM6PR07MB4118.eurprd07.prod.outlook.com (52.134.117.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1273.5; Thu, 18 Oct 2018 21:32:11 +0000
Received: from AM6PR07MB4822.eurprd07.prod.outlook.com ([fe80::f195:bdf:6a62:3bcc]) by AM6PR07MB4822.eurprd07.prod.outlook.com ([fe80::f195:bdf:6a62:3bcc%2]) with mapi id 15.20.1250.022; Thu, 18 Oct 2018 21:32:11 +0000
From: Göran Selander <goran.selander@ericsson.com>
To: Jim Schaad <ietf@augustcellars.com>
CC: "draft-ietf-core-echo-request-tag@ietf.org" <draft-ietf-core-echo-request-tag@ietf.org>, "core@ietf.org" <core@ietf.org>
Thread-Topic: Comments on draft-ietf-core-echo-request-tag-02
Thread-Index: AdRhDB0VTl1oEFpfS0G4KIUfFU0HbAFGCCUAAEWjJwA=
Date: Thu, 18 Oct 2018 21:32:11 +0000
Message-ID: <E207969D-C945-4E7A-94E7-C3F08EC46882@ericsson.com>
References: <00fa01d461b0$2a314f40$7e93edc0$@augustcellars.com> <20181017141813.GA4084@hephaistos.amsuess.com>
In-Reply-To: <20181017141813.GA4084@hephaistos.amsuess.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.12.0.181014
authentication-results: spf=none (sender IP is ) smtp.mailfrom=goran.selander@ericsson.com;
x-originating-ip: [83.251.145.234]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM6PR07MB4118; 6:fbsup+g4XMFjn2+1XfHdsRVUzGGaWiHEs1L6PO4UtZBcfHcdoIfiRSsjPjh7ctJfDGtEiujU3SLiLidOMHpAN2FZikdjvkWskd9jW/RR1+0kc6slQRAXPuYR04Xukc+atiDGSr7Vt4A+n273ytcKDUP7VZsb5PgPSgDrfsOsNioZen++QvKwi//dvdyDI7MPs5XN2PrgoQ2JehQ5li14c1NNc2WCsUTtFAKe1jUxngYSreLEI+1vo3/B4UgOghbnfae+VLmo/CLMNr2mGZrIizOyQ38Uv2eqgxVyCpYr8tMofDBc6PDxoRBSIzTx/zrq0UPBXorj9SLEeNvTvpkPmHJINuqAsmDN8BC9PwX79UkjrxBeAdad3GFjQvuYm8o+a0gb4PFQUU+ObXU6GWCG3gVgm4hHWXNt5+2m4Jifexci/hrlE1+y8zjxbGWsee8gb9K0NYm28rwufvXfF4qdZQ==; 5:wrgxpGR42XCmVn1bPQFRDUNDAqV4XEfqvpsKpfSLAH4DoxVM8F1N6KGdHU9Z5ZGJ8CsI+TpzssdgCj25qxI79D0NuF+xn4/IGSEpClGd2WZkSSjWfwNijwEZx9JUETnfP5D9y2+m7DHBSuVEkkLiJ21ZJfbqkJJrhM26A8SBnpY=; 7:97iKqGaH7BRM29CC3MXqUhkaz62Gau7sJrLcABnYX0ayLVhOnq7U8p6XCVKeectj7QTbcy4P1RG7/vny1mJw5EEHEdwxPRJHsnkOaPjQqwJkgKPYciDsgCBysyhUlElBy5YvTE9foPZCeA17UYmvyA==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: c1fe2fa6-d932-4ba3-f910-08d6354129e8
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(5600074)(711020)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:AM6PR07MB4118;
x-ms-traffictypediagnostic: AM6PR07MB4118:
x-microsoft-antispam-prvs: <AM6PR07MB4118F7D98C3744AE916831C1F4F80@AM6PR07MB4118.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(278428928389397)(158342451672863)(17755550239193);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3231355)(944501410)(52105095)(3002001)(10201501046)(93006095)(93001095)(149066)(150057)(6041310)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123564045)(20161123560045)(201708071742011)(7699051)(76991095); SRVR:AM6PR07MB4118; BCL:0; PCL:0; RULEID:; SRVR:AM6PR07MB4118;
x-forefront-prvs: 08296C9B35
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(346002)(396003)(39860400002)(376002)(366004)(51444003)(53474002)(199004)(189003)(6246003)(14454004)(33656002)(66066001)(4001150100001)(26005)(97736004)(478600001)(102836004)(3846002)(6116002)(14444005)(186003)(256004)(4326008)(5250100002)(25786009)(53936002)(36756003)(85182001)(106356001)(85202003)(105586002)(6916009)(68736007)(99286004)(53546011)(6506007)(76176011)(66574009)(446003)(58126008)(2616005)(8676002)(486006)(11346002)(54906003)(81166006)(81156014)(8936002)(2900100001)(476003)(229853002)(6486002)(6436002)(6512007)(82746002)(71190400001)(71200400001)(83716004)(316002)(86362001)(2906002)(5660300001)(305945005)(7736002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR07MB4118; H:AM6PR07MB4822.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: OJph1B5EDNjqZggkz8PwmKuBiBl9sAdLUegwu0VyJDhAHoFsGtWRwvpZ7hAAnq6+mfYrouWizHlaXCeybjJCScAaXWcA79OY3uCl9bhpQDOflCRbE8Rh+GfW906U1EmSO3/558j6rkk9MGI2mpcSJD6P8/5jkImiYo+g8yadVIQVcoTW7lENYYWRvfHdxUjLqOVxh/DENSb7zTDVJ0vWZtyGC/PgOLXlXlHCfStf4zJcIMuCMjjkBvwJEEZFv5aZ6TnfBOmeMkupdqjGwq5MsrxNDpvA+TjvbMjtgvRMW9OJ5akcTEhCAfG4jszdeWi8lrq9l6pJz9mCRKdiv9Av6P0fw3KQCS0rYBLX71ge7OE=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-ID: <6A6D33069CD75E449EED171FA887047B@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: c1fe2fa6-d932-4ba3-f910-08d6354129e8
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Oct 2018 21:32:11.0623 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR07MB4118
X-OriginatorOrg: ericsson.com
X-Brightmail-Tracker: H4sIAAAAAAAAA02Sa0hTYRjHfc85bsfV4G2pe7KbDiQUNjUTV2llFBl0+1apXaYevF/Yljci ZhbJXKC4KTNBwRnVTE0tMyVwrJx2Re2iBN6GGZSkNc0rbecs6Nvv/zz/58LzvjQp0nv60WnZ akaZrciU8ASU8VxnvtSxYosPbZ6Uyp//aCHlY7Zuntxcvcg7RMY+qq3mxZpMS8QZIk4Qlcxk puUxypADlwWpM1Ol/Fx7UsFyXYIG1Sq0iKYB7wGz/ZgWCWgRfoFg2jxIcGIBwbJpGHHCRMCv kkbSJShcToLN+tZtqySgvdXI1yIvpxhH8OmL0MU8fATGNZOEi73xLnhsHmGZxNdg7reO9W/G UfBkRuv2RIPd3MXjeB/0N9xh4xQOhK6WFU8XC/FBqOr4Q3KzcsGodyAXe+H90L+wxNYi7AuL A03uWWIYtdexDBiDqecdybEPfJtaZ3v64BCof1VNcrUX4Xqzhsd5JNB9s9/t3w6DdWXsKQB/ 5EFT1Xt3Uyn8NBjcppPQ2zNLcqY+BBW9AxSXCAajrdHNGbCqXXRPSIDRtQayHIXX/LdsjfNR SBwELc9CuHAsfNXoKI4DQF82wa9hb7EJ+o12qh55PkA+KkaVmJWyO1zGKNOSVKqcbFk2o25D zr/S27ES+BQNfY+xIEwjyUZhvsMWL/JU5KkKsywIaFLiLXR0OkPCZEVhEaPMuaS8ksmoLGgr TUnEwonI9jgRTlGomQyGyWWU/7IE7eWnQUU6q1wXbTDMy1PGQnW2tYD1l2210rITAssGvnU9 5k1fwYLeVxwZtGqYG2u/empLuunu68TiytnGOH/6grYoYkd65I37Z1u9p4kPjoDafL5sbVtQ ZUnJkLjq8NRDiew2cbomwsN/7+fj+ntGj8H5/ALrzorS4uHGW+c7wo4SI2oJpUpVhAWTSpXi L7JlcNYnAwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/rYyYcTNwhIwF3xKP_c6V_O1lp-c>
Subject: Re: [core] Comments on draft-ietf-core-echo-request-tag-02
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Oct 2018 21:32:43 -0000
Hi Jim, Thanks for comments, responses to the remaining comments below. The CoRE WG Github is updated. On 2018-10-12, 00:17, "Jim Schaad" <ietf@augustcellars.com> wrote: I have read this document and I have the following comments: * Introduction - you say several enhancements, but there are only two new options. What are the other enhancements? GS: "several" removed. A number of applications are listed, e.g. in section 2.3, but no need to go into that here. * Introduction - The sentence "This document specifies ..." this sentence says you are doing two thing and then there are two sentences. I think you can tighten this up with a colon following "Request-Tag option:", delete the rest of this sentence and keep the next two sentences. GS: Done. * Section 1.1 para 1 - I think you should provide a couple of reasons why this is not a suitable solution. I can think of multiple different reasons: a) The amount of traffic and resources required - which may not be a problem with both sides just one. b) Going through proxies where the freshness gets lost as a client renegotiation does not get to the server and a proxy renegotiation says nothing about the client. c) Amount of time involved. GS: Motivation included. * Section 1.3 - I am a bit lost in this section. When doing matches between a request and a response I am matching up the message id and the token if it exists. You need some additional text in here to describe why it is that you are talking about something interesting to me. GS: Text updated and example included. * Section 2.1 - Something seems to be odd. I don't think the RFC editor note is correct. I think a paragraph must have disappeared GS: Paragraph added. * Section 2.2 - I don't think if you reboot that you have lost time synchronization, rather you have lost time continuity. That said the current term may be state of art and thus correct. To me synchronization implies a minimum of two parties. GS: "continuity" seems to be the right term here. Changed in 3 places. * Section 2.2 - I think that you need to make some arguments about what happens if an Echo option value is provided to multiple entities either because the server will just re-use it's current value for some period of time after creation (valid for time m and used for time m/3) or because a proxy provides the same answer to two different clients. Note that this seems to be not recommended in item 2 of section 2.3 GS: Added clarification: "The server MAY include the same Echo option value in several different responses and to different clients." Also added example of this, now sub-bullet of item 1 of section 2.3. * Section 2.3 - Item 4 - I don't understand what is going on here. I am not sure what the device is joining as (a responder?) Is the sync done by two unicast messages or a unicast followed by a multicast? GS: Restructured section 2.3. A sub-bullet of item 2 now describes a new device joining a group and synchronizing state or time with a client, allowing synchronization either with multicast or unicast. I hope that is more clear. * Section 2.3 - Item 5 - I am not sure that this is a reasonable answer for having a proxy sitting there. I could easily be wrong and should probably spend some time thinking about how this does/does not work. GS: This is now item 3. There is no intention to use a proxy here, so I don't understand the question. Please elaborate. --- * Section 5 - I have not seen a justification for this anyplace. GS: Included reference to section 1.3. (Also reference to section 1.1 in section 2, and to section 1.2 in section 3) * Section 7 - para 1 - What is the problem w/ using an encrypted wall clock time for a timestamp? These text appears to say that this is a bad idea but the issues seem to be with using unencrypted items not with the wall clock. The next sentence makes more sense about why not to use one. GS: With encrypted wall clock we typically need to store or transport the IV, in which case the random value method is not worse in message size and server state. * Appendix A - I would think that if you send a 32-bit timestamp in the clear w/ an integrity value that one can start making guesses about some of the same privacy problems as the use of a wall clock. Knowing when a server was last reset could tell you the same things. GS: Added reference to the new privacy considerations section. Any further comments are much welcome. Göran On 2018-10-17, 16:18, "Christian M. Amsüss" <christian@amsuess.com> wrote: Hello Jim, thanks for your review; we're working it into an updated document for WGLC. Responding to the comments related to Request-Tag: On Thu, Oct 11, 2018 at 03:17:12PM -0700, Jim Schaad wrote: > * Section 3.1 - The note to the RFC editor has me confused. Firstly, I am > not sure why it should be moved rather than just staying here. Updated. I hope that the process of submission will be clear enough beforehand that we can remove the paragraph or move the text ourselves -- if (as I expect) OSCORE enters AUTH48 before we submit ERT to the RFC editor, that text will be gone by then. > * Section 3.1 - I think that the value of Request-Tag is potentially going > to be different depending on if it is in the inside rather than the outside. > You may be doing two different block transfers and each needs its own value. Updated to explicitly state that those values are independent because they relate to an inner or outer blockwise transfer. > * Section 3.2 - the first paragraph does not scan. I am not sure what it > says as it seems to be contradictory. That paragraph assumed a very particular implementation method for servers (that unknown options are processed in bulk before known options); does this re-wording read better to you?: The Request-Tag option does not require any particular processing on the server side outside of the processing already necessary for any unknown elective proxy-safe cache-key option: The option varies the properties that distinguish blockwise operations (which includes all options except elective NoCacheKey and except Block1/2), and thus the server can not treat messages with a different list of Request-Tag options as belonging to the same operation. > * Section 3.2 - para 2 - The example sentence looks odd. Do you mean it can > have a cached response not a free response? That was worded confusingly and is now changed. > * Section 3.2 - para "especially" - I find the first sentence very hard to > understand. That paragraph has become obsolete with the presence of core-stateless anyway and was replaced with a reference there later in the proxy application. > * Section 3.3 - last para - how do you recycle something that is absent? I > think the last clause needs examining. Added a sentence on absent Request-Tag options being a value of its own, explaining why that can be recycled just as well. > * Section 3.4.1 - Item 2 - how is a client supposed to be able to know this > if the proxy in the middle just passes it through w/o changing it? Two > different clients could end up with the same Request-Tag. One would hope > that they would have different tokens because of the proxy however. The whole 3.4.1 is, as per item 1, only applicable to blockwise operations split into end-to-end protected individual exchanges. (Ie. DTLS w/o proxies, or inner blockwise in OSCORE). If that does not answer the question, I don't fully understand it, please help me find where we diverge. > * Section 3.4.1 - This seems backwards. I thought that OSCORE was tightly > bound to the end point, but this paragraph says it is not. That was my idea of OSCORE inner-blockwise being allowed to jump transports (which it could easily do but is not specified that way); I've replaced the paragraph with a weaker and more hypothetical one. (By "bound to the end point" I meant that whereas a running DTLS session will only stay alive while IP/port/interface quintuple stays the same, an OSCORE context can be used even after those endpoint identifiers have changed.) > * Section 3.4.3 - You have a "Section TBA" here > > * Section 3.4.3 - Please keep the section for justification of Request-Tag > being repeatable. Given that we now do groundwork for Stateless which is more directly applicable, that document is now referenced instead, and left in. Thanks again Christian -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
- [core] Comments on draft-ietf-core-echo-request-t… Jim Schaad
- Re: [core] Comments on draft-ietf-core-echo-reque… Christian M. Amsüss
- Re: [core] Comments on draft-ietf-core-echo-reque… Göran Selander
- Re: [core] Comments on draft-ietf-core-echo-reque… Jim Schaad
- Re: [core] Comments on draft-ietf-core-echo-reque… Jim Schaad
- Re: [core] Comments on draft-ietf-core-echo-reque… Göran Selander
- Re: [core] Comments on draft-ietf-core-echo-reque… Jim Schaad
- Re: [core] Comments on draft-ietf-core-echo-reque… Göran Selander
- Re: [core] Comments on draft-ietf-core-echo-reque… Carsten Bormann