[dhcwg] Stephen Farrell's Discuss on draft-ietf-dhc-dynamic-shared-v4allocation-07: (with DISCUSS and COMMENT)

["Stephen Farrell" <stephen.farrell@cs.tcd.ie>]

Stephen Farrell has entered the following ballot position for
draft-ietf-dhc-dynamic-shared-v4allocation-07: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dhc-dynamic-shared-v4allocation/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------


section 6: Why is client identifier option a MUST?  Surely the
PSID has to end up as a unique identifier for the client for the
duration of the lease or else stuff will be broken. (And I don't
see any real use of the client identifier in section 8.) So
requiring the client identifier seems like something counter to
data minimisation. Requiring that also seems to conflict with
possible future privacy friendly dhcp profiles, which might want
to use this as e.g. with some cleverness in source port
randomisation, the public Internet might get less trackable
evidence than would otherwise be the case. I'd argue that you
might be better off here to make the client identifier a SHOULD
NOT and to point out that including it may break a privacy
friendly profile such as defined in [1] should that end up being
standardised, which is presumably likely now that [1] is a dhc
wg draft (though note that I'm not sure the treatment of client
identifier in [1]-02 is what'll end up there in the end.)

   [1] https://tools.ietf.org/html/draft-ietf-dhc-anonymity-profile-00


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------


- section 2: s/mediums/media/? I also wondered if cable is
considered shared here or not? (I assume Ethernet and WiFi are
considered shared.)

- What if 1 of N of the devices with that IP operates a server,
how do we ensure that clients of that server talk to the right
one? 

- I have some questions about ports. Can I ask for port 546 or
547? Why is that ever allowed?  Would port 443 be very popular I
wonder?  Can I ask for other well known ports in the hopes of
successful typosquatting sending me traffic?  What if mptcp is
used?

- section 6, step 3: I'm not sure I get how there can be many
DHCPOFFER messages from which to choose (in the nominal case).
Are you envisaging that two DHCP relays/servers on the same
subnet would be handing out different PSIDs? 

- section 6, step 6: Could I "release" ports that had not been
assigned to me? Where's it say to watch out for that.

- section 9: PSID-len - the description of that isn't clear to
me sorry. I've not followed the references though so I assume it
would be if I had. 

- section 10: [I-D.bajko-pripaddrassign] is odd - that was
replaced by stuff that was replaced by stuff that was replaced
by stuff that's still in-work in the dhc wg. I think you need to
explain why you refer to the archaic thing and not the WG
document.