Re: [core] The various positions on draft-ietf-core-resource-directory-25
Christian Amsüss <christian@amsuess.com> Tue, 03 November 2020 17:10 UTC
Return-Path: <christian@amsuess.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E03E73A0DEB; Tue, 3 Nov 2020 09:10:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DkLaBIWK1zG8; Tue, 3 Nov 2020 09:10:05 -0800 (PST)
Received: from prometheus.amsuess.com (prometheus.amsuess.com [5.9.147.112]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9CC563A0DE6; Tue, 3 Nov 2020 09:10:02 -0800 (PST)
Received: from poseidon-mailhub.amsuess.com (unknown [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bd]) by prometheus.amsuess.com (Postfix) with ESMTPS id 16C5840013; Tue, 3 Nov 2020 18:10:00 +0100 (CET)
Received: from poseidon-mailbox.amsuess.com (hermes.amsuess.com [10.13.13.254]) by poseidon-mailhub.amsuess.com (Postfix) with ESMTP id 916D2AB; Tue, 3 Nov 2020 18:09:58 +0100 (CET)
Received: from hephaistos.amsuess.com (unknown [IPv6:2a02:b18:c13b:8010:be1b:33a0:9df5:4f6f]) by poseidon-mailbox.amsuess.com (Postfix) with ESMTPSA id 6086134; Tue, 3 Nov 2020 18:09:58 +0100 (CET)
Received: (nullmailer pid 50344 invoked by uid 1000); Tue, 03 Nov 2020 17:09:58 -0000
Date: Tue, 03 Nov 2020 18:09:58 +0100
From: Christian Amsüss <christian@amsuess.com>
To: Éric Vyncke <evyncke@cisco.com>, Warren Kumari <warren@kumari.net>, Roman Danyliw <rdd@cert.org>, Erik Kline <ek.ietf@gmail.com>, Alissa Cooper <alissa@cooperw.in>, Martin Duke <martin.h.duke@gmail.com>, Murray Kucherawy <superuser@gmail.com>, Robert Wilton <rwilton@cisco.com>, Benjamin Kaduk <kaduk@mit.edu>
Cc: The IESG <iesg@ietf.org>, jaime.jimenez@ericsson.com, core-chairs@ietf.org, bob.hinden@gmail.com, draft-ietf-core-resource-directory@ietf.org, otroan@employees.org, core@ietf.org
Message-ID: <20201103170958.GA45088@hephaistos.amsuess.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="3V7upXqbjpZ4EhLz"
Content-Disposition: inline
In-Reply-To: <159730632066.12379.5174560093789503034@ietfa.amsl.com> <159732268335.29656.5724379569570361825@ietfa.amsl.com> <159730418060.12332.7885245575969951169@ietfa.amsl.com> <159729581019.30986.4796757249133933498@ietfa.amsl.com> <159725166775.21744.348589503930840040@ietfa.amsl.com> <159721596413.8457.13314798043091474779@ietfa.amsl.com> <159720107494.28255.1546033232009788973@ietfa.amsl.com> <159717402717.27772.14957520028083871786@ietfa.amsl.com> <159661278180.30518.10421410106159995546@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/xWLomwwhovkU-CPGNxnvs40BhaM>
X-Mailman-Approved-At: Tue, 03 Nov 2020 09:17:40 -0800
Subject: Re: [core] The various positions on draft-ietf-core-resource-directory-25
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Nov 2020 17:10:08 -0000
Hello Reviewers, CoRE and IESG members, thanks for your input to the Resource Directory document, and your patience while it was being processed. Before the individual point to point responses can go out, this mail is to address the general status, and answer a few points that were brought up by different reviewers (it will be referred back to in the point to point responses). In summary, the points raised in the reviews led to the changes of the recently uploaded [-26], and where no changes were made, the reasoning behind the choices in the document is outlined below or in the following mails. (Either way, short of aggregated nits paragraphs, all points are responded to in the following mails). A few larger issues evolved from the review comments being discussed in the interim meetings, so please expect a -27 at a later point (after IETF109) with the changes mentioned below. Kind regards Christian [-26]: https://tools.ietf.org/html/draft-ietf-core-resource-directory-26 Preface ======= References into the issue tracker are primarily intended for bookkeeping and to give you access to the altered text if you're curious -- but for general review purposes, the responses are self-contained. Anticipated changes =================== We have opted to submit a new version that should clear out all the other comments, so that the remaining work can be focused and swift: * Replay and Freshness (OPEN-REPLAY-FRESHNESS) The comment on DTLS replay made us reevaluate the security properties of operations on the registration resource. While these are successively harder going from DTLS without replay protection to DTLS with replay protection and hardest with OSCORE, the text as it is is still vulnerable to an attacker stopping a reoccurring registration, or undoing alterations in registration attributes. Mitigation from a concurrent document (the Echo mechanism of I-D.ietf-core-echo-request-tag in event freshness mode) is planned, but the text is not complete yet. * Necessity of the `anchor` value in all responses The requirements around Limited Link Format and the necessity to express all looked up links in fully resolved form have stemmed from different ways RFC6690 has been read, both in the IETF community and by implementers. A comment from Esko Dijk has shown a clear error in one of the readings. That reading is single-handedly responsible for most of the overhead in the wire format (savings can go up to 50%), which is of high importance to the CoRE field. Due to that, it is the WG's and authors' intention to remove the reading from the set of interpretations that led to the rules set forth. The change will not render any existing RD server implementation incompatible (older RDs would merely be needlessly verbose), and the known implementations of Link-Format parsers can easily be updated. The updates to the document could not be completed in time with the rest of the changes, because a) it requires revisiting the known implementations for confirmation and b) will affect almost every example that contains lookup results. * Server authorization (OPEN-SERVER) The two areas of "how is the RD discovery secured" and "what do applications based on the RD need to consider" jointly opened up new questions about server authorization and the linkage between a client's intention and the server's promises that may easily not conclusde in timeframe reasonable for RD. While steps have been taken to address the issue both on the RD discovery and the applications side (https://github.com/core-wg/resource-directory/pull/306), the ongoing discussions in the working group may turn up with a less cumbersome phrasing for these parts. * There's a few small open issues Esko brought up on the issue tracker that could not be addressed in time; most of them are about enhancing the examples, which best happens after the anchor cleanup anyway. Repeated topics =============== A few common topics came up in multiple reviews, and are addressed in the following section; the individual responses can be found in follow-up mails, and refer to the common topics as necesary. GENERIC-FFxxDB -------------- "Where do the ff35:30:2001:... addresses come from?" response: There's a coverage gap between RFC3849 (defining example unicast addresses) and RFC3306 (defining unicast-prefix-based multicast addresses). For lack of an agreed-on example multicast address, the used ones were created by applying the unicast-prefix derivation process to the example address. The results (ff35:30:2001:db8::1) should be intuitively recognizable both as a multicast address and as an example address. The generated address did, however, fail to follow the guidance of RFC 3307 and set the first bit of the Group ID. Consequently, the addresses were changed from ff35:30:2001:db8::x to ff35:30:2001:db8::8000:x, which should finally be a legal choice of a group address for anyone operating the 2001:db8:: site. (The changes can be viewed at https://github.com/core-wg/resource-directory/pull/270). GENERIC-6MAN ------------ "Whas this discussed with 6MAN?" response: Not yet; a request for feedback was sent out recently. (Mail at https://mailarchive.ietf.org/arch/msg/ipv6/xY0AqPvbja45gxgW02GU3oWPTwc/). GENERIC-WHOPICKSMODEL --------------------- "How does the client know which security policies the RD supports?" response: The client can only expect any level of trustworthiness if there is a claim to that in the RD's credentials. Typically, though, that claim will not be encoded there, but implied. For example, when configuring an application that relies authenticated endpoint names, then telling the application to use the RD authenticated via PKI as coaps://rd.example.com should only be done if the configurator is sure that rd.example.com will do the required checks on endpoint names. Some clarification has been added in https://github.com/core-wg/resource-directory/pull/265. GENERIC-SUBJECT --------------- "Section 7.1 says: '... can be transported in the subject.' -- where precisely?" response: That text was only meant to illustrate to the reader what such a policy could contain, not to set one (which would require more precision). It has been made more explicit that this is merely setting the task for the policies. As an example, some more precision is given by referring to SubjectAltName dNSName entries. Changes in https://github.com/core-wg/resource-directory/pull/308. (If you have read up to this point, please continue reading the follow-up mails addressing the individual reviewer's points.)
- [core] Benjamin Kaduk's Discuss on draft-ietf-cor… Benjamin Kaduk via Datatracker
- Re: [core] Benjamin Kaduk's Discuss on draft-ietf… Barry Leiba
- Re: [core] Benjamin Kaduk's Discuss on draft-ietf… Christian M. Amsüss
- Re: [core] The various positions on draft-ietf-co… Christian Amsüss
- Re: [core] Benjamin Kaduk's Discuss on draft-ietf… Christian Amsüss
- Re: [core] Benjamin Kaduk's Discuss on draft-ietf… Barry Leiba
- Re: [core] Benjamin Kaduk's Discuss on draft-ietf… Barry Leiba
- Re: [core] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk