[dhcwg] Re: Secdir last call review of draft-ietf-dhc-addr-notification-11

Jen Linkova <furry13@gmail.com> Thu, 09 May 2024 10:52 UTC

Return-Path: <furry13@gmail.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 19FCBC15106A; Thu, 9 May 2024 03:52:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.848
X-Spam-Level:
X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OwbNcrvUgMXS; Thu, 9 May 2024 03:52:16 -0700 (PDT)
Received: from mail-lj1-x22d.google.com (mail-lj1-x22d.google.com [IPv6:2a00:1450:4864:20::22d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92D0EC14F6FE; Thu, 9 May 2024 03:52:16 -0700 (PDT)
Received: by mail-lj1-x22d.google.com with SMTP id 38308e7fff4ca-2e3f6166e4aso12727261fa.1; Thu, 09 May 2024 03:52:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1715251934; x=1715856734; darn=ietf.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=nKQatc76b4Ehv1KySgdViIOG0aGphJHLo90Cp/W4Be8=; b=iNzlGB/8vao/WUZzm24S15VqSaYadmHSbwQkpIODTaO4SnibcKRICBLstBPIZW9Ire aoBqo5jUdhVeZwkb3iAnMpP9CapUikKxD5DQMGFPVLeQC9Mk3valQfmiwbeRa5Kj7c4g 1b+ICddmM36asQaq9I36+FyeEZtMqfDMyz53HSb+gd9iU7JZvaJw8lZKLDDap5N9Az+E rva+MWmSo0Rq4yRz7NwkUv+X/RwP1pDRimsJD0Zs8TSw1BfaB+xyIsve9xz3iBuJFXHO 9dEVkxfQKAvkckDNINAN5TjCXZIRG4XnFAuWNdzsD+6ec0Dxk25Hnw4het9GWdvIsHNs GhxQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715251934; x=1715856734; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=nKQatc76b4Ehv1KySgdViIOG0aGphJHLo90Cp/W4Be8=; b=gcJPSrGKVkTM2qzdJwikSPSEi5dQ8b2gQmBikL7C5QwYyXx7dAyk9ayBwC6fLCbjbI xIVqW0TOu6Kc2Wp4GSC501wfkc+l6FWnYHJmCrg1qsyn7/w/lAPo2Qz236aMvlA/V34i p/0t10dA+fFA29huhBcL/nSou0GtSGa/pp4wE/sJPOqpS79RilWYxph34lYA/2PzH6Te dqlXUY8+D40sNaJNZrHlWQ8xMoeEWskl3nkE/jJAN5oZZuHAzR4APyQgizPps2GXyqR3 MUbpIqubhXhhB5xCdMSPxOTHfqrRScdUdi0FBYn7gUXN5VuZ3RLhLwea22qvWYDX1uF7 Va+g==
X-Forwarded-Encrypted: i=1; AJvYcCU734jGJzWnJ2cHHyjDm1LeeUwM9XF9w9+Jg0/H2pB7RiM8dsk4Mh0dBIeQUHaQOfZGYRkkjtNHAXIKf+sVWGDB1eh4gILhA1qStHihhh0koOh6YjcJZJ8attE6UemczjOJUWy0uuUb8oG44Pdeu80iS+OLVDwXSVVb2tpfT7o6vEE=
X-Gm-Message-State: AOJu0Yzqq917np24OSkqCQsY2vo75os1ZxXjHZHL0qWrVspWOB0evwNs tYGTai//nDwm2R/eisD7E6nDEgADAIvtH8BMo+8tS/XNpY82YYiXaKjJGaXNM+9euf8IR+tHgYW i8Qf0U7Wkw7LparRWi6ByZsQ3YAWfU/6M
X-Google-Smtp-Source: AGHT+IE1HiLq/U6UnMJqv+TbGNwBEwicgK5sFeZqeRTjTLQimHj25LIv1dZhThx9mz6LwYLFxvPoGO01BM0dKivHmgw=
X-Received: by 2002:a2e:9815:0:b0:2e2:1679:cf84 with SMTP id 38308e7fff4ca-2e447084579mr40534131fa.27.1715251934029; Thu, 09 May 2024 03:52:14 -0700 (PDT)
MIME-Version: 1.0
References: <171453878267.30235.13883649786446626141@ietfa.amsl.com>
In-Reply-To: <171453878267.30235.13883649786446626141@ietfa.amsl.com>
From: Jen Linkova <furry13@gmail.com>
Date: Thu, 09 May 2024 20:52:02 +1000
Message-ID: <CAFU7BARJDEpJf1wJAgocPpAPRC2p+xXtE2BY1_jS7p0vsHVqfg@mail.gmail.com>
To: Peter Yee <peter@akayla.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: UJYUXH246ZMDILQVC7O5ZUKH7N2ZNKXZ
X-Message-ID-Hash: UJYUXH246ZMDILQVC7O5ZUKH7N2ZNKXZ
X-MailFrom: furry13@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dhcwg.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: secdir@ietf.org, dhcwg@ietf.org, draft-ietf-dhc-addr-notification.all@ietf.org, last-call@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [dhcwg] Re: Secdir last call review of draft-ietf-dhc-addr-notification-11
List-Id: Dynamic Host Configuration <dhcwg.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/Z2gJKd0qPIR3NL-8ft9EqLx-2ew>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Owner: <mailto:dhcwg-owner@ietf.org>
List-Post: <mailto:dhcwg@ietf.org>
List-Subscribe: <mailto:dhcwg-join@ietf.org>
List-Unsubscribe: <mailto:dhcwg-leave@ietf.org>

Hi Peter,

Thank you for your feedback and text suggestions!

On Wed, May 1, 2024 at 2:46 PM Peter Yee via Datatracker
<noreply@ietf.org> wrote:
> Page 6, 3rd paragraph after Figure 3, 1st sentence: Presumably the IA Address
> option is inside of an IA_NA or IA_TA option as required by RFC 8415, section
> 21.6. Should this be spelled out?

No, the IA Address option will appear by itself, since the other
fields of the IA_NA and IA_TA options wouldn’t really be given any
reasonable values and are not really applicable.
The must in RFC 8415, section 21.6 is not normative language (it’s not
an uppercase MUST).  Also, it’s not clear that the text of that
section prohibits putting an IA option in other options. It’s possible
to read the text as saying, “in an IA_NA option it must be in the
IA_NA-options field, and in an IA_TA option it must be in the
IA_TA-options field”.

We can make it explicit.

We can also make this draft to update RFC8415 (or the -bis, which is
the WGLC) and allow the IA Address option to appear in the
registration message by itself.

Page 11, section 4.6, 2nd paragraph, 3rd sentence: you might want to indicate
that the range is inclusive (as implied by the 3rd bullet item on the next
page). You might also want to give a useful precision needed across this range
to offer a reasonable desynchronization effect. Otherwise, choosing to use a
single digit after the decimal point meets the requirement but only provides 3
multiplier values. I have no idea how much desynchronization is required, but
I’m guessing this is network dependent.

> Page 11, section 4.6, 2nd paragraph, 3rd sentence:
>you might want to indicate that the range is inclusive (as implied by the 3rd bullet item on the next page).
>You might also want to give a useful precision needed across this range
> to offer a reasonable desynchronization effect. Otherwise, choosing to use a
> single digit after the decimal point meets the requirement but only provides 3
> multiplier values. I have no idea how much desynchronization is required, but
> I’m guessing this is network dependent.

We've updated the text to say “uniformly distributed”.

So the sentence now read:
"AddrRegDesyncMultiplier is a random value uniformly distributed
between 0.9 and 1.1 (inclusive) and is chosen by the client when it
starts the registration process, to ensure that refreshes for
addresses with the same lifetime are coalesced (see below)."

This is consistent with the wording used by other documents (e.g., RFC
4861), and it implies that every value that the client is able to
represent has equal probability. Because no client will have less than
floating-point granularity to represent decimal numbers, the value
should be well desynchronized even if we do not explicitly specify the
precision.

-- 
Cheers, Jen Linkova