[dtn] BPv7 compliance and handling of unknown EID schemes
"Sipos, Brian J." <Brian.Sipos@jhuapl.edu> Tue, 05 March 2024 22:04 UTC
Return-Path: <Brian.Sipos@jhuapl.edu>
X-Original-To: dtn@ietfa.amsl.com
Delivered-To: dtn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B97D0C14F5EB for <dtn@ietfa.amsl.com>; Tue, 5 Mar 2024 14:04:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.406
X-Spam-Level:
X-Spam-Status: No, score=-4.406 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=jhuapl.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lZjkrCYeJCwg for <dtn@ietfa.amsl.com>; Tue, 5 Mar 2024 14:04:18 -0800 (PST)
Received: from aplegw02.jhuapl.edu (aplegw02.jhuapl.edu [128.244.251.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F84DC14F5E3 for <dtn@ietf.org>; Tue, 5 Mar 2024 14:04:18 -0800 (PST)
Received: from pps.filterd (aplegw02.jhuapl.edu [127.0.0.1]) by aplegw02.jhuapl.edu (8.17.1.19/8.17.1.19) with ESMTP id 425LwHxZ021252 for <dtn@ietf.org>; Tue, 5 Mar 2024 17:04:17 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jhuapl.edu; h=from : to : subject : date : message-id : content-type : mime-version; s=JHUAPLDec2018; bh=02LZxDsicSfGetRufgvvLayY/VUSW/DVqbJ06WvqpV8=; b=URvYdApWuXu6uf+kw32sKYqY83K2M0yqaS3x9v4Uq/QOGpl3Bkg8DlcmmAAjxZTG785E 3lMR0dQGB9HaQooY8Gdln4xuwRL7ViBdq3EeHh4W++N1cqxJ5Zb7kWzv3BNBO6Zyw17D Yq4f0tk1BlhNK+tSMaRI40w+c3wNnipeQcm6PLJyaOTdahLMA4E697L/mOXcH5P8Ltnm wQZ+SlUTjoeGKh0bzg3c1iMHRnm40Ys36GRZyOHK+NJjcU4f6g+ETYWS+vbap7rNWBk9 bzzm2gWD0VG6kxJL6Xs1Qt3zeGmt1ZLBEXV/cVQAoma7hBfrEMuKK9tdMAAFUjV5Dk93 6g==
Received: from aplex25.dom1.jhuapl.edu (aplex25.dom1.jhuapl.edu [10.114.162.10]) by aplegw02.jhuapl.edu (PPS) with ESMTPS id 3wm1751x45-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <dtn@ietf.org>; Tue, 05 Mar 2024 17:04:17 -0500
Received: from APLEX21.dom1.jhuapl.edu (10.114.162.6) by APLEX25.dom1.jhuapl.edu (10.114.162.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.40; Tue, 5 Mar 2024 17:04:17 -0500
Received: from APLEX21.dom1.jhuapl.edu ([fe80::20d7:9545:f01e:9b2]) by APLEX21.dom1.jhuapl.edu ([fe80::20d7:9545:f01e:9b2%5]) with mapi id 15.02.1118.040; Tue, 5 Mar 2024 17:04:17 -0500
From: "Sipos, Brian J." <Brian.Sipos@jhuapl.edu>
To: "dtn@ietf.org" <dtn@ietf.org>
Thread-Topic: BPv7 compliance and handling of unknown EID schemes
Thread-Index: AdpvSQ/hqyrZCOcHQFq9lRz5WvvTrQ==
Date: Tue, 05 Mar 2024 22:04:17 +0000
Message-ID: <ed574adc2549475eb12b9846a3cfe658@jhuapl.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.114.162.18]
Content-Type: multipart/signed; micalg="SHA1"; protocol="application/x-pkcs7-signature"; boundary="----=_NextPart_000_0569_01DA6F1F.274ABE10"
MIME-Version: 1.0
X-CrossPremisesHeadersFilteredBySendConnector: APLEX25.dom1.jhuapl.edu
X-OrganizationHeadersPreserved: APLEX25.dom1.jhuapl.edu
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-03-05_18,2024-03-05_01,2023-05-22_02
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/rLi15ueKQy0ijzDV7DF3tBHknJs>
Subject: [dtn] BPv7 compliance and handling of unknown EID schemes
X-BeenThere: dtn@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Delay Tolerant Networking \(DTN\) discussion list at the IETF." <dtn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtn>, <mailto:dtn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dtn/>
List-Post: <mailto:dtn@ietf.org>
List-Help: <mailto:dtn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtn>, <mailto:dtn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Mar 2024 22:04:22 -0000
All,
There is something that I've seen a few times in different contexts related
to EID handling that has the potential to lead to highly "ossified" state
for BPv7 and cause lack of interoperability or lack of future compatibility
(as spelled out in great detail in RFC 9170 [3]).
BPv7 requires EIDs in a few different places; beyond the three uses in the
primary block there are also the Previous Hop block, Security Source within
security blocks, and within Status Report records. The BPv7 spec has a
well-defined notion of what a valid EID structure is from Section 4.2.5.1
[1] and this structure is codified in Appendix B as the simple CDDL
expression:
eid-structure = [uri-code: uint, SSP: any]
In some cases a BPA implementation might choose to consider invalid any EID
with an unknown scheme `uri-code` value. The problem is that this BPA will
now fail in situations that it should not:
1. It might not be able to forward a bundle having an unknown EID
scheme in its Destination, even if the BPA has a kind of "default route"
forwarding policy that would otherwise handle the situation properly.
2. It might no longer be able to properly status bundles that use an
unknown EID scheme in the bundle Source, even if the Report-To EID scheme is
known and routable and the bundle is otherwise fully valid.
3. It might not properly treat the primary block as immutable if the
Report-To EID uses an unknown scheme and the primary block is re-encoded.
4. It might consider a Previous Hop block to fail processing,
triggering Step 4 of Section 5.6 "Bundle Reception" (and possibly deleting
the bundle with reason "Block unsupported"), even though the block data is
well-formed and valid according to [1].
5. It might treat a security block as invalid if it contains a Security
Source EID having an unknown scheme even though the block data is perfectly
well-formed and valid according to [1]. Just because the EID will not match
any security policy on the BPA does not mean that the block is invalid.
This is a different situation than, for example, the CRC Type field which
has a fixed set of valid code points [2] and any others represent invalid
content. Any EID which matches the `eid-structure` schema should be treated
as valid by a BPA and handled appropriately. This means the EID `SSP` is
kept in its original form without any further processing so that, e.g., a
bundle Source or Report-To EID is not modified by a BPA during reception or
forwarding.
The examples above could even be turned into test vectors to check the
proper behavior of a BPA with unknown EID scheme code points. I suspect that
current BPA implementations might not handle these cases well.
Others' thoughts on this topic are appreciated. My goal here is not to
nitpick or finger-point, but to ensure that BP and BPAs do not fall into the
same traps that others have landed in (see examples in Appendix A of [3])
while development is fresh and there is still time to correct things.
Brian S.
[1] https://www.rfc-editor.org/rfc/rfc9171.html#section-4.2.5.1
[2] https://www.rfc-editor.org/rfc/rfc9171.html#section-4.2.1
[3] https://www.rfc-editor.org/rfc/rfc9170.html