IETF Logo Mail Archive

Re: [Gen-art] Gen-ART Last Call review of draft-ietf-ntp-checksum-trailer-04

Paul Kyzivat <pkyzivat@alum.mit.edu> Thu, 25 February 2016 17:02 UTC

Return-Path: <pkyzivat@alum.mit.edu>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A4381B2E19 for <gen-art@ietfa.amsl.com>; Thu, 25 Feb 2016 09:02:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.235
X-Spam-Level:
X-Spam-Status: No, score=-1.235 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YZeOJbux4s-Q for <gen-art@ietfa.amsl.com>; Thu, 25 Feb 2016 09:02:30 -0800 (PST)
Received: from resqmta-po-08v.sys.comcast.net (resqmta-po-08v.sys.comcast.net [IPv6:2001:558:fe16:19:96:114:154:167]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9203A1B2DA5 for <gen-art@ietf.org>; Thu, 25 Feb 2016 09:02:28 -0800 (PST)
Received: from resomta-po-15v.sys.comcast.net ([96.114.154.239]) by resqmta-po-08v.sys.comcast.net with comcast id Nh251s0045AAYLo01h2TAE; Thu, 25 Feb 2016 17:02:27 +0000
Received: from Paul-Kyzivats-MacBook-Pro.local ([73.218.51.154]) by resomta-po-15v.sys.comcast.net with comcast id Nh2R1s00Q3KdFy101h2Rqt; Thu, 25 Feb 2016 17:02:27 +0000
To: Tal Mizrahi <talmi@marvell.com>, "draft-ietf-ntp-checksum-trailer.all@ietf.org" <draft-ietf-ntp-checksum-trailer.all@ietf.org>
References: <56818AED.8090909@alum.mit.edu> <56CCC3D8.7010600@alum.mit.edu> <1fd008bb55c84958aa1b038fe42bf793@IL-EXCH01.marvell.com>
From: Paul Kyzivat <pkyzivat@alum.mit.edu>
Message-ID: <56CF33EE.8040007@alum.mit.edu>
Date: Thu, 25 Feb 2016 12:03:42 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <1fd008bb55c84958aa1b038fe42bf793@IL-EXCH01.marvell.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20140121; t=1456419747; bh=AjWTtPfm19J4Y8qERlomN0NkbEuSDW6qjIDWuc9DM2I=; h=Received:Received:Subject:To:From:Message-ID:Date:MIME-Version: Content-Type; b=JP8ROhB5eQWEyzDD9pbnu45Nuk+u1iTuJtkHrVkvvPJ83ADJWWLfcpbQzVBImdb21 OKfSMhF0JEAJvfthtWwhIbi2ZyDytZ78kKtg/yrsYf/IO0tZnm2q09qdmirO2bRPeq doa3f6DB0whespybAweQecHirbN3hwlRwIqxQvckLIpu8Mut0hXb9eNYZsG/xd0MBi P5VTcY2gNEPxW2hp15/uK6RVTBi5IsW7gSHOMCOnGRfGfsRCG2Tt4lUqR1jyK+tZdB RmBduYnEu2k5NYF0XeEkhbEYQonzQooGYfOYD8i1+ZXGVOt/8FHKhhQA+Nnom9zVVZ awKMulRovdwZQ==
Archived-At: <http://mailarchive.ietf.org/arch/msg/gen-art/SlCe0VBsARmxyNjpPnJ54K078-4>
Cc: General Area Review Team <gen-art@ietf.org>, "Brian Haberman (brian@innovationslab.net)" <brian@innovationslab.net>, "Karen ODonoghue (odonoghue@isoc.org)" <odonoghue@isoc.org>
Subject: Re: [Gen-art] Gen-ART Last Call review of draft-ietf-ntp-checksum-trailer-04
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Feb 2016 17:02:32 -0000

Tal,

Please see inline.

On 2/25/16 1:37 AM, Tal Mizrahi wrote:
> Hi Paul,
>
> Many thanks for the thorough review.
>
> Please find my responses to the major comments below. The next version of the draft will address these comments, as well as the ones you specified as 'minor'.
>
>
>> (1) Major:
>>
>> Section 3.3 references [NTP-Ext] (draft-ietf-ntp-extension-field) as
>> justification for why existing implementations won't have any trouble with this
>> extension. But some (most?) existing implementations won't comply with
>> [NTP-Ext], but rather only with RFC5905. This section doesn't explain how
>> *those* implementations will behave. ISTM there is some possibility that they
>> won't behave well.
>
> I agree that Section 3.3. should be clarified. An existing implementation (whether it complies to [NTP-Ext] or not) that receives a Checksum Complement has two options: (i) ignore it, or (ii) drop the packet. While (i) is interoperable with the current draft, (ii) is not. I suggest the following text for Section 3.3:
>
> "The behavior defined in this document does not impose new requirements on the reception of NTP packets beyond the requirements defined in [NTP-Ext]. Note that, as defined in [NTP-Ext], a host that receives an NTP message with an unknown extension field SHOULD ignore the extension field and MAY drop the packet if policy requires it. Thus, transmitters and intermediate nodes that support the Checksum Complement can transparently interoperate with receivers that are not Checksum-Complement-compliant, as long as these receivers ignore the Checksum Complement extension field. It is noted that existing implementations that discard packets with unknown extension fields cannot interoperate with transmitters that use the Checksum Complement."

Isn't this serious? IIUC in many (most?) cases the transmitters and 
intermediate nodes won't know if the receiver supports [NTP-Ext]. 
Inserting this for those that don't will deny them of the time they are 
looking for.

Shouldn't there be some discussion of how a decision can be made about 
when to use this in order to avoid breaking receivers?

>> (2) Major:
>>
>> Section 3.2 says:
>>
>>       This length guarantees that the host that receives the packet
>>       parses it correctly, whether the packet includes a MAC or not.
>>       [NTP-Ext] provides further details about the length of an
>>       extension field in the absence of a MAC.
>>
>> I am not reviewing [NTP-Ext], but I consulted it in an attempt to understand. I
>> found this logic, and the references, to be confusing and seemingly
>> contradictory:
>>
>> In [NTP-Ext] I find:
>>
>>     ... However, a MAC is
>>     not mandatory after an extension field; an NTPv4 packet can include
>>     one or more extension fields without including a MAC (Section 7.5 of
>>     [RFC5905]).
>>
>> While section 7.5 of [RFC5905] contradicts that:
>>
>>     In NTPv4, one or more extension fields can be inserted after the
>>     header and before the MAC, which is always present when an extension
>>     field is present.
>>
>
> Please note that this paragraph in RFC5905 was corrected by erratum 3627 (https://www.rfc-editor.org/errata_search.php?rfc=5905), and the corrected text is:
>
> In NTPv4, one or more extension fields can be inserted after the
> header and before the MAC, if a MAC is present. If a MAC is not
> present, one or more extension fields can be inserted after the
> header, according to the following rules:
> o If the packet includes a single extension field, the length of the
>    extension  field MUST be at least 7 words, i.e., at least 28 octets.
> o If the packet includes more than one extension field, the length of
>    the last extension field MUST be at least 28 octets. The length of
>    the other extension fields in this case MUST be at least 16 octets
>    each.

I missed the errata. I agree that it covers the issue.

>> The text that allows extension fields without a MAC is an update to
>> RFC5905 in section 3 of [NTP-Ext]. But that isn't very clear about how one is
>> expected to decipher this. I *think* the intended logic is:
>>
>>     If the packet length is more that 24 bytes in excess of the size
>>     of a packet with no extensions or MAC, then it must contain at
>>     least one extension. In that case, process extensions until the
>>     remaining size of the packet is less or equal to 24. Then, if bytes
>>     remain process them as a MAC.
>>
>> IMO this draft should not progress until this is specified *somewhere*,
>> probably in [NTP-Ext].
>>
>> [IMO this technique is a horrible hack. I hope there was no better backward
>> compatible alternative. But this comment isn't a formal part of this review.]
>
>
> I agree that this logic is far from intuitive, and is defined for the sake of backward compatibility.
> The text in [NTP-Ext] is:
>
>     If a MAC is not present, one or more extension fields can be inserted
>     after the header, according to the following rules:
>
>     o  If the packet includes a single extension field, the length of the
>        extension field MUST be at least 7 words, i.e., at least 28
>        octets.
>
>     o  If the packet includes more than one extension field, the length
>        of the last extension field MUST be at least 28 octets. The length
>        of the other extension fields in this case MUST be at least 16
>        octets each.
>
>
> I believe the current text in [NTP-Ext] is correct, and consistent with erratum 3627.
> Please let us know if you think this is not the case.

I think so. However the erratam also has exactly the text I was hoping 
to find describing how extensions and the mac are parsed out of the 
packet by the receiver, and I don't see that in [NTP-Ext]. In principle 
it is not necessary (it is an exercise for the reader to figure out how 
to do this) but having it ensures that developers get it right.

Is there a reason why [NTP-Ext] doesn't also pick that up from the 
erratam? (Of course that has no bearing on *this* draft.)

	Thanks,
	Paul

>> -----Original Message-----
>> From: Paul Kyzivat [mailto:pkyzivat@alum.mit.edu]
>> Sent: Tuesday, February 23, 2016 10:41 PM
>> To: draft-ietf-ntp-checksum-trailer.all@ietf.org
>> Cc: General Area Review Team
>> Subject: [Gen-art] Gen-ART Last Call review of draft-ietf-ntp-checksum-trailer-
>> 04
>>
>> I am the assigned Gen-ART reviewer for this draft. The General Area Review
>> Team (Gen-ART) reviews all IETF documents being processed by the IESG for
>> the IETF Chair. Please treat these comments just like any other last call
>> comments. For more information, please see the FAQ at
>> <http://wiki.tools.ietf.org/area/gen/trac/wiki/GenArtfaq>.
>>
>> Document: draft-ietf-ntp-checksum-trailer-04
>> Reviewer: Paul Kyzivat
>> Review Date: 2016-02-23
>> IETF LC End Date: 2016-03-01
>> IESG Telechat date: 2016-03-03
>>
>> Summary:
>>
>> This draft is on the right track but has open issues, described in the review.
>>
>> Major: 2
>> Minor: 3
>> Nits:  1
>>
>> (1) Major:
>>
>> Section 3.3 references [NTP-Ext] (draft-ietf-ntp-extension-field) as
>> justification for why existing implementations won't have any trouble with this
>> extension. But some (most?) existing implementations won't comply with
>> [NTP-Ext], but rather only with RFC5905. This section doesn't explain how
>> *those* implementations will behave. ISTM there is some possibility that they
>> won't behave well.
>>
>> (2) Major:
>>
>> Section 3.2 says:
>>
>>       This length guarantees that the host that receives the packet
>>       parses it correctly, whether the packet includes a MAC or not.
>>       [NTP-Ext] provides further details about the length of an
>>       extension field in the absence of a MAC.
>>
>> I am not reviewing [NTP-Ext], but I consulted it in an attempt to understand. I
>> found this logic, and the references, to be confusing and seemingly
>> contradictory:
>>
>> In [NTP-Ext] I find:
>>
>>     ... However, a MAC is
>>     not mandatory after an extension field; an NTPv4 packet can include
>>     one or more extension fields without including a MAC (Section 7.5 of
>>     [RFC5905]).
>>
>> While section 7.5 of [RFC5905] contradicts that:
>>
>>     In NTPv4, one or more extension fields can be inserted after the
>>     header and before the MAC, which is always present when an extension
>>     field is present.
>>
>> The text that allows extension fields without a MAC is an update to
>> RFC5905 in section 3 of [NTP-Ext]. But that isn't very clear about how one is
>> expected to decipher this. I *think* the intended logic is:
>>
>>     If the packet length is more that 24 bytes in excess of the size
>>     of a packet with no extensions or MAC, then it must contain at
>>     least one extension. In that case, process extensions until the
>>     remaining size of the packet is less or equal to 24. Then, if bytes
>>     remain process them as a MAC.
>>
>> IMO this draft should not progress until this is specified *somewhere*,
>> probably in [NTP-Ext].
>>
>> [IMO this technique is a horrible hack. I hope there was no better backward
>> compatible alternative. But this comment isn't a formal part of this review.]
>>
>> (3) Minor:
>>
>> Section 3.2 says:
>>
>> The extension field includes 22 octets of padding. This field SHOULD be set to
>> 0, and SHOULD be ignored by the recipient.
>>
>> In my experience SHOULD is dangerous when not explained. I would
>> recommend either changing it to MUST or providing an explanation of
>> conditions that would justify violating the SHOULD.
>>
>> (4) Minor:
>>
>> While section 3.2 carefully defines the format of the Checksum Complement
>> option, it never specifies how the content of that field is generated or used.
>> An example of that calculation is shown in appendix A, but that isn't
>> normative. A normative specification of the content of the field is needed.
>> IIUC it is to simply be ignored by the recipient.
>> It would be good to say that too.
>>
>> (4) Minor:
>>
>> This document has a normative reference to RFC5905 and an informative
>> reference to [NTP-Ext]. But [NTP-Ext] has normative updates to RFC5905 and
>> this document has dependencies on those changes, so it needs a normative
>> reference to that document.
>>
>> (6) Nit/Question:
>>
>> In section 3.1, IIUC the timestamp engine will need to know that the
>> Checksum Complement field is present before it updates the packet. Is it
>> assumed that engine will assume that to be so, and will not be invoked unless
>> it is? It might be helpful to say something about this. If not, I don't see how it
>> can work.
>
>

v2.23.0 | Report a Bug | By Email