[DNSOP] Re: [core] Re: Fwd: WG Adoption Call for draft-lenders-core-coap-dtls-svcb

Christian Amsüss <christian@amsuess.com> Tue, 30 July 2024 10:26 UTC

Date: Tue, 30 Jul 2024 12:26:26 +0200
From: Christian Amsüss <christian@amsuess.com>
To: Ben Schwartz <bemasc=40meta.com@dmarc.ietf.org>
CC: "mohamed.boucadair@orange.com" <mohamed.boucadair@orange.com>, Carsten Bormann <cabo@tzi.org>, "core@ietf.org" <core@ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>
Subject: [DNSOP] Re: [core] Re: Fwd: WG Adoption Call for draft-lenders-core-coap-dtls-svcb
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/p-FjtGcXVSiGD308tYZcB5cW_qY>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>

Hello Rich,

> I'm also surprised by the choice of mnemonic, which is very short.  If
> the extra 7 octets of "coap-dtls" would make a material difference in
> some use case, perhaps the draft should explain that.

This was mentioned just very briefly during the tls-reg-review[1], so
I'm happy to elaborate here. I have no current use cases where they hit
the precise boundaries, but two observations:

* In general, CoAP is one of the IETF protocols used in situations where
  sizes matter a lot -- while DTLS messages usually fit well within a
  UDP MTU, CoAP is designed for running over fragmenting link layers,
  and the Client Hello and Server Hello are just the messages that
  already fragment[2]. With cTLS[3] being worked on, there is hope to
  push those below the fragmentation threshold -- provided we don't add
  too much on top of it while cTLS is shrinking.

* The process of designing EDHOC to fit with its required use cases
  involved byte shaving and just barely fit some of the maximum lengths.
  [4] describes how going over a fragmentation limit can cause
  exhaustion of slots and thus delay onboarding by an hour. To my
  understanding, DTLS/cTLS is not aiming for that precise space, but it
  does illustrate that this byte shaving around CoAP is not a vain
  exercise.

I think that these considerations are well understood among CoAP users
(who are the main audience of this document); if you prefer an
explanation in the document, we're happy to elaborate there as well.

Best regards
Christian

[1]: https://mailarchive.ietf.org/arch/browse/tls-reg-review/?gbt=1&index=RiTWJ3-vE95YQ76Zk3VZySB4YEs
[2]: https://dl.acm.org/doi/pdf/10.1145/3609423#page=12
[3]: https://datatracker.ietf.org/doc/draft-ietf-tls-ctls/
[4]: https://www.ietf.org/archive/id/draft-ietf-lake-reqs-04.html#name-time

-- 
To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom
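The byte cost being argued over above, as an added example that is not part of the original message or of the draft: it encodes an ALPN identifier in the two places it travels on the wire, the (D)TLS ALPN extension of RFC 7301 (ClientHello carries the offered list, ServerHello the selected name, in the same layout) and the SVCB "alpn" SvcParam of RFC 9460, and reports the size difference. The two-octet mnemonic "co" is an assumption here, chosen only because the quoted text puts "coap-dtls" at 7 octets more than the draft's identifier.

```python
"""Wire size of an ALPN identifier in the TLS ALPN extension (RFC 7301)
and in the SVCB alpn SvcParam (RFC 9460).  Added example; the short
mnemonic "co" is an assumption, not taken from the draft text here."""
import struct

TLS_EXT_ALPN = 16   # ExtensionType application_layer_protocol_negotiation
SVCB_KEY_ALPN = 1   # SvcParamKey number for "alpn"


def _name_list(names: list[str]) -> bytes:
    """Both formats use a sequence of 1-octet-length-prefixed ASCII names."""
    out = b""
    for n in names:
        raw = n.encode("ascii")
        if not 1 <= len(raw) <= 255:
            raise ValueError(f"ALPN id must be 1..255 octets: {n!r}")
        out += bytes([len(raw)]) + raw
    return out


def tls_alpn_extension(names: list[str]) -> bytes:
    """Extension as it sits in a (D)TLS hello:
    ext_type(2) ext_len(2) protocol_name_list_len(2) names..."""
    plist = _name_list(names)
    body = struct.pack("!H", len(plist)) + plist
    return struct.pack("!HH", TLS_EXT_ALPN, len(body)) + body


def svcb_alpn_param(names: list[str]) -> bytes:
    """SvcParam in an SVCB RDATA: key(2) value_len(2) names..."""
    value = _name_list(names)
    return struct.pack("!HH", SVCB_KEY_ALPN, len(value)) + value


def alpn_cost(name: str) -> dict:
    """Octets spent on a single ALPN id in each carrier."""
    return {
        "tls_extension": len(tls_alpn_extension([name])),
        "svcb_param": len(svcb_alpn_param([name])),
    }


def extra_octets(short: str, long: str) -> int:
    """How many more octets the longer id costs in every hello and record."""
    return alpn_cost(long)["tls_extension"] - alpn_cost(short)["tls_extension"]


if __name__ == "__main__":
    for ident in ("co", "coap-dtls"):   # "co" is a constructed/assumed value
        print(ident, alpn_cost(ident))
    print("extra octets per message:", extra_octets("co", "coap-dtls"))
```

The same 7-octet difference appears once in the ClientHello, once in the ServerHello and once per SVCB record, which is the overhead the message weighs against the fragmentation thresholds it cites.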