Re: [dhcwg] I-D Action: draft-ietf-dhc-sedhcpv6-18.txt

"Bernie Volz (volz)" <volz@cisco.com> Tue, 20 December 2016 21:29 UTC

Return-Path: <volz@cisco.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13CC0129610 for <dhcwg@ietfa.amsl.com>; Tue, 20 Dec 2016 13:29:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.621
X-Spam-Level:
X-Spam-Status: No, score=-17.621 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-3.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UIcvECpBSvpj for <dhcwg@ietfa.amsl.com>; Tue, 20 Dec 2016 13:29:17 -0800 (PST)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05D5112963F for <dhcwg@ietf.org>; Tue, 20 Dec 2016 13:29:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=30090; q=dns/txt; s=iport; t=1482269356; x=1483478956; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=gWmx490IFpvihgVHgtDbYmQ+HVnoIxrqV9oEa6ui5C4=; b=UbZqG4v3qzZ1ccbt0r1F40twQcVKRQoMYmnfzCAD9OLa80E1mkHbuDn0 q6FnOPjHDvm/4MeFmtCcdEEiGQD9VPmoIZDCzKwNBfXXG+kqJR/A0ucGe 2KN81skhjDdTDSE+LAKxqH74zMVg2xX8IWv1iEIsb05VdAdEkC66q6LVc I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0AcAQCMoVlY/4MNJK1dGQEBAQEBAQEBA?= =?us-ascii?q?QEBBwEBAQEBgnNEAQEBAQEfWoEGB41Jq2iCCiqFeAIagU8/FAECAQEBAQEBAWI?= =?us-ascii?q?ohGkCBBIRCkEDCBACAQg4CgICAjAlAgQODRqISQ6bMgGNdoIoiwwBAQEBAQEBA?= =?us-ascii?q?QEBAQEBAQEBAQEBAQEYBYoHgQiEIwEBBS2CbYJdBYlJizqFbQGGUYpZgX2FA4l?= =?us-ascii?q?Wh3GKNwEfN4EmLINcBRyBXXIBhliBIYENAQEB?=
X-IronPort-AV: E=Sophos;i="5.33,380,1477958400"; d="scan'208,217";a="185626791"
Received: from alln-core-1.cisco.com ([173.36.13.131]) by rcdn-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-AES256-SHA; 20 Dec 2016 21:29:15 +0000
Received: from XCH-RCD-003.cisco.com (xch-rcd-003.cisco.com [173.37.102.13]) by alln-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id uBKLTFfb017378 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 20 Dec 2016 21:29:15 GMT
Received: from xch-aln-003.cisco.com (173.36.7.13) by XCH-RCD-003.cisco.com (173.37.102.13) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 20 Dec 2016 15:29:15 -0600
Received: from xch-aln-003.cisco.com ([173.36.7.13]) by XCH-ALN-003.cisco.com ([173.36.7.13]) with mapi id 15.00.1210.000; Tue, 20 Dec 2016 15:29:15 -0600
From: "Bernie Volz (volz)" <volz@cisco.com>
To: Lishan Li <lilishan48@gmail.com>
Thread-Topic: [dhcwg] I-D Action: draft-ietf-dhc-sedhcpv6-18.txt
Thread-Index: AQHSTs4GXMOx5uePjkC6PykSIXEqwqD56A0AgBRbwzCAA0jcgP//4J1Q
Date: Tue, 20 Dec 2016 21:29:15 +0000
Message-ID: <51d8e6bf623f4a639eb4af7e1881511c@XCH-ALN-003.cisco.com>
References: <148092498114.3294.14134801279747342720.idtracker@ietfa.amsl.com> <CAJ3w4NfufMn9yzACowX728Cxxn4Rdci5pXAwVYB3d2fKDtNF2Q@mail.gmail.com> <352fe8719ab34fd3ad7b0af2e7127bb8@XCH-ALN-003.cisco.com> <CAJ3w4NfR8jLkRAHnQ072cnO5hJUxvhm+n=gSFx9ooQQyNVqb8Q@mail.gmail.com>
In-Reply-To: <CAJ3w4NfR8jLkRAHnQ072cnO5hJUxvhm+n=gSFx9ooQQyNVqb8Q@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.131.32.167]
Content-Type: multipart/alternative; boundary="_000_51d8e6bf623f4a639eb4af7e1881511cXCHALN003ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/ayAQ2IVh1J-NEhO6GpU9lXw-0lA>
Cc: dhcwg <dhcwg@ietf.org>
Subject: Re: [dhcwg] I-D Action: draft-ietf-dhc-sedhcpv6-18.txt
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Dec 2016 21:29:19 -0000

Hi:

I dropped the CC of the original messages I’m replying to as it was extremely large and required mailing list administrator action. For those that want to review that, see https://www.ietf.org/mail-archive/web/dhcwg/current/msg17817.html.

Here’s a few comments with respect to your comments on my comments! Thanks again for all your effort on this document!

For General comment:

[LS]: According to RFC 4034, for the same problem, it define the key tag calculation algorithm

BV2> Referencing RFC 4034 (Appendix B) would be a good way to resolve this. Though it may be worth checking the RFCs that update this one to see if there’s anything changed in those - Updated by: 4470, 6014, 6840, 6944.

RFC 6840:
5.5<https://tools.ietf.org/html/rfc6840#section-5.5>;.  Key Tag Calculation
   Appendix B.1 of [RFC4034]<https://tools.ietf.org/html/rfc4034#appendix-B.1> incorrectly defines the Key Tag field
   calculation for algorithm 1.  It correctly says that the Key Tag is
   the most significant 16 of the least significant 24 bits of the
   public key modulus.  However, [RFC4034<https://tools.ietf.org/html/rfc4034>;] then goes on to incorrectly
   say that this is fourth-to-last and third-to-last octets of the
   public key modulus.  It is, in fact, the third-to-last and second-to-
   last octets.


For section 5.2:
BV> Also, given that the WG is working on Failover Protocol in parallel, how would seDHCPv6 work with Failover? And should we consider anything related to this. One possibility is that the failover partners could exchange some information (so we might have to define a new failover option eventually). But then my comment above about the Server Identifier may cause other issues? It may just be that once a client picks one of the failover partners, it will have to stick with that partner or return to the server discovery phase? But that would be too bad. (I had thought about whether the failover partners should share a Server Identifier, but that likely complicates other cases so not sure it is best.) Perhaps when the failover partners exchange the above mentioned information, that could include the Server Identifier which would allow them to be used.
[LS]: Sorry for not reviewing the draft. Will review it and reply to you later.

BV2> This is just something that happens when two drafts that might impact each other are being worked on at the same time. While great if you want to think about, it was more to raise the issue so that we give it some thought (it may be appropriate for those working on failover to work with you on this). I just wanted to bring out the issue so we would think about it before it was too late.
For section 6:
[LS]: The reply message is the first message that contains the increasing-number option. So, the
client does not verify it, but record the value of the locally stored increasing number as the value of it.

BV2> That sounds appropriate. Did I just misunderstand this in my reading or was this missing text?

For section 8:
   Relay agent is RECOMMENDED to cache server announcements to form the
   list of the available DHCPv6 server certs.  If the relay agent
BV> NO! I do not think this is a wise idea at all. Please remove this! Relays should not do this!
[LS]: In the before, Ted suggested us to add this part. What is the caused problem? Looking forward to your guidance.

I don’t think this is a good idea. Let the servers handle these Information-Requests. Having the relay’s respond on behalf of servers isn’t a good idea and also can’t work as the XID of the Information-Request messages will be different and hence unless the relay can encrypt on the server’s behalf, how could this work? (I assume that the signature is calculated over the entire message, which includes the XID field).
In 10.1.3 you write:
   The Signature option allows a signature that is signed by the private
   key to be attached to a DHCPv6 message.  The Signature option could
   be in any place within the DHCPv6 message while it is logically
   created after the entire DHCPv6 header and options.  It protects the
   entire DHCPv6 header and options, including itself.  The format of
   the Signature option is described as follows:

Happy Holidays!

-          Bernie