IETF Logo Mail Archive

Re: [Ecrit] planned-changes: two questions

Brian Rosen <br@brianrosen.net> Wed, 08 September 2021 19:18 UTC

Return-Path: <br@brianrosen.net>
X-Original-To: ecrit@ietfa.amsl.com
Delivered-To: ecrit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 034B03A339A for <ecrit@ietfa.amsl.com>; Wed, 8 Sep 2021 12:18:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.887
X-Spam-Level:
X-Spam-Status: No, score=-1.887 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=brianrosen-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DzCDfFpFOJwm for <ecrit@ietfa.amsl.com>; Wed, 8 Sep 2021 12:17:56 -0700 (PDT)
Received: from mail-io1-xd2c.google.com (mail-io1-xd2c.google.com [IPv6:2607:f8b0:4864:20::d2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA8D13A3390 for <ecrit@ietf.org>; Wed, 8 Sep 2021 12:17:51 -0700 (PDT)
Received: by mail-io1-xd2c.google.com with SMTP id j18so4690796ioj.8 for <ecrit@ietf.org>; Wed, 08 Sep 2021 12:17:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brianrosen-net.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=kSFJp/DCS0wHWZEq/dv0CRKRRDB6joq/gYReNy9R92w=; b=dqqXRUSE7RkbfrHem/7eCEqO//WwDr+aVf41x2wQWUnmvQdzs64SI9tMolnMYvpNCG o8s9f5b1nTVvkr8OqlpDiGKCA9QbdFnPh2xFhdN16jCGCkaic/ImHxFp2Wayr3BVRpae vSrmS42nBDXA/fv7eue1ZqUOTjQ+3G1dxOVko0Z3+qDc7DGE5ifaGHSsYulOQlKSbSna fFmVwKUsKj5DWOHs60uFuFQP4kNcfy5U5yVltuJxuuyEYcBMUtUTQc8TJGmfQto7JX6/ v4N/YfivE9OVSEsI/EwBzxoLDroeIwAeG55Y3LOVtAujbXmLU9NLJXpl0JhEv9CKkEic G3bg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=kSFJp/DCS0wHWZEq/dv0CRKRRDB6joq/gYReNy9R92w=; b=CSZZ5QobYowPqp2hkJ3kMOi58L8F0KAsoWUnzSsXhEDr0O9hxNK+20GqZL8K6Kpga9 Jci3OkEWxwgQrb4otfl94zhSke0COmg6A6OZYpqBWUj+IKoRdGkUx5uyoCijjQMDhUR7 F4CFBw25M9ffnunX1tILS9ZESZeRwD/sghwQA6BEiF7IbOzN2DXjrd18PZJZaL+jxNs5 5qIBfco2KBOWZDwrVex/iLErnyGryRLxETQyibg7U9W+il8N2ExLDTIJE+FGvp3t6QUb +EL399h0Qn8h06mu3bOqaYHfsCC+7GKF72iVoPNUcKJlCq7ZbVc+JpkDH6kDZH4TBZ29 M1oA==
X-Gm-Message-State: AOAM530abUdBjpBV+pbTy6sNDmDXErBXbE47qzDiKOx1h2YPvNXJaRgw VbeAui7BV06uT+1XmiPOBtJnCg==
X-Google-Smtp-Source: ABdhPJzpKr6sMF0B92B4AwotXZdHnltgItCp+zyaMSXrqPEyukKG/QmdnJawTX61LYfSElZJCtCVLg==
X-Received: by 2002:a02:3b1b:: with SMTP id c27mr5087406jaa.103.1631128670262; Wed, 08 Sep 2021 12:17:50 -0700 (PDT)
Received: from smtpclient.apple (dynamic-acs-24-154-121-237.zoominternet.net. [24.154.121.237]) by smtp.gmail.com with ESMTPSA id a25sm1539173ioq.46.2021.09.08.12.17.49 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Sep 2021 12:17:49 -0700 (PDT)
From: Brian Rosen <br@brianrosen.net>
Message-Id: <D3AA7F51-01F4-4ED6-BFC3-2B3BF5AB1536@brianrosen.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_3AB9E762-65F4-4F94-A233-1BC8BC379AB6"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Date: Wed, 8 Sep 2021 15:17:48 -0400
In-Reply-To: <89a34416a9224a3bbccb520408283373@bell.ca>
Cc: Randall Gellens <rg+ietf@randy.pensive.org>, ECRIT <ecrit@ietf.org>
To: "Caron, Guy" <g.caron@bell.ca>
References: <A0FC259C-DF34-4496-9013-422006278DA6@randy.pensive.org> <FB2A33E8-E146-404B-B150-1496C40510EF@brianrosen.net> <5577e2e6daa4405bbe12ef61675e1f55@bell.ca> <DE195D79-5A01-48EE-95CA-6C4B82E0886D@brianrosen.net> <e6e17f501711441188119cdfbe384d3d@bell.ca> <3AD58DEC-1DC9-4BC0-B55C-4E782E4AAA74@brianrosen.net> <E20342E7-2EFB-4479-96C2-85B4B7E16989@randy.pensive.org> <A7D59E8E-A014-4CC8-A0FF-5F58E81C6D4A@brianrosen.net> <2b4abbef37be4131a87471af75b6e7da@bell.ca> <CF2E8EDC-B38D-4742-B317-F3CE3E831578@brianrosen.net> <f82108f590674341a22da9c2e4c649e0@bell.ca> <7C4F6B87-C480-4963-B582-7639A9A1B029@brianrosen.net> <89a34416a9224a3bbccb520408283373@bell.ca>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ecrit/jdNwJlpKJ9Oc2A7fl96ALDIHxv4>
Subject: Re: [Ecrit] planned-changes: two questions
X-BeenThere: ecrit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Emergency Context Resolution with Internet Technologies <ecrit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ecrit>, <mailto:ecrit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ecrit/>
List-Post: <mailto:ecrit@ietf.org>
List-Help: <mailto:ecrit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ecrit>, <mailto:ecrit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Sep 2021 19:18:01 -0000

Okay, I think the three of us are converging,  Here is a restatement of your description:
1) In a validation query, a Client can request to be notified when the proffered LI should be revalidated, and provides a URI to send the notifications to;
2) In the validation response, the Server provides an ID that the Client associates with the LI it just validated.   The server may silently ignore repeated requests to store a URI where the test in 4 below fails.
3) Immediately thereafter, if the URI is new to the Server, the Server sends a ‘test’ notification to the URI, with an empty ID.
4) The recipient at the URI is expected to respond with the ID provided in step 2. If it does, the Server stores the URI for future notifications.  If it does not, the server ignores the request to store the URI. 
5) Some time after, the Server notifies the Client of an upcoming planned change by sending a notification to the successfully tested URI with the location ID;
6) The client revalidates each LI in its database that matches the ID as of the date of the planned change. If no ID matches, it is a no-op at the Client. Revalidations may also result in no-op at the Client.
7) LIs at the Client that are invalidated by the planned change are modified in its database to be valid (which probably mean another revalidation cycle) with an effective date set to <revalidateAsoF> value.
8) The Server may send ’test’ notifications to the URI without any ID as a form of “keep-alive”.  Any ID provided by the Server to the client may be used as the response to the test transaction


There has been a discussion of sending more than one ID in a transaction.  I think that is a decent idea, but I worry about how big that could be.  Either we put a hard limit in the text or have something in the response to the test transaction that specifies a size limit for that client.

Brian

> On Sep 7, 2021, at 8:31 PM, Caron, Guy <g.caron@bell.ca> wrote:
> 
> 1) In a validation query, a Client can request to be notified when the proffered LI should be revalidated, and provides a URI to send the notifications to;
> 2) In the validation response, the Server provides an ID that the Client associates with the LI it just validated;
> 3) Immediately thereafter, the Server sends a ‘test’ notification to the URI, without any ID;\
> [br[For every new ID?  Or just once?  I wanted this to be a one time registration.
> [GC] Just once per offered URI.
> 
> 
> 4) The recipient at the URI is expected to respond with the ID provided in step 2. If it does, the Server stores the URI for future notifications. If it does not, the Server [let’s pick one: reject silently the URI and block the Client permanently/provides a ‘uriNotStored’ warning response to the URI {not compatible with the current proposal to test outside of LoST}/reject silently the URI and block the Client temporarily/other?];
> [br]I don’t think an explicit failure is a problem.  The LoST server can limit retries if it needs to.
> [GC] Ok for HTTP failures but what I’m talking about is when it fails to return the ID, like in your DoS example.
>  
> 
> 
> 5) Some time after, the Server notifies the Client of an upcoming planned change by sending a notification to the successfully tested URI with the location ID;
> 6) The client revalidates each LI in its database that matches the ID as of the date of the planned change. If no ID matches, it is a no-op at the Client. Revalidations may also result in no-op at the Client.
> 7) LIs at the Client that are invalidated by the planned change are modified in its database to be valid (which probably mean another revalidation cycle) with an effective date set to <revalidateAsoF> value.
> [br]I wanted periodic keep alives.  How would that work?
> [GC] You mean at step 3? As I mentioned below, I was wondering about the necessity for periodic tests. If the group is convinced it is needed, the Server can simply redo step 3 and the Client can respond with one or many IDs it has from that Server.

v2.8.7 | Report a Bug | By Email