IETF Logo Mail Archive

Re: [hiprg] draft-ahrenholz-hiprg-dht-05

"Henderson, Thomas R" <thomas.r.henderson@boeing.com> Mon, 19 October 2009 18:43 UTC

Return-Path: <thomas.r.henderson@boeing.com>
X-Original-To: hiprg@core3.amsl.com
Delivered-To: hiprg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0CBFB3A697B for <hiprg@core3.amsl.com>; Mon, 19 Oct 2009 11:43:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NoyDipT5L4w8 for <hiprg@core3.amsl.com>; Mon, 19 Oct 2009 11:43:15 -0700 (PDT)
Received: from blv-smtpout-01.boeing.com (blv-smtpout-01.boeing.com [130.76.32.69]) by core3.amsl.com (Postfix) with ESMTP id 9E5AA3A697C for <hiprg@irtf.org>; Mon, 19 Oct 2009 11:43:15 -0700 (PDT)
Received: from slb-av-01.boeing.com (slb-av-01.boeing.com [129.172.13.4]) by blv-smtpout-01.ns.cs.boeing.com (8.14.0/8.14.0/8.14.0/SMTPOUT) with ESMTP id n9JIhKTB015573 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <hiprg@irtf.org>; Mon, 19 Oct 2009 11:43:20 -0700 (PDT)
Received: from slb-av-01.boeing.com (localhost [127.0.0.1]) by slb-av-01.boeing.com (8.14.0/8.14.0/DOWNSTREAM_RELAY) with ESMTP id n9JIhJRv014111 for <hiprg@irtf.org>; Mon, 19 Oct 2009 11:43:19 -0700 (PDT)
Received: from XCH-NWHT-03.nw.nos.boeing.com (xch-nwht-03.nw.nos.boeing.com [130.247.71.23]) by slb-av-01.boeing.com (8.14.0/8.14.0/UPSTREAM_RELAY) with ESMTP id n9JIhJrf014074 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=OK) for <hiprg@irtf.org>; Mon, 19 Oct 2009 11:43:19 -0700 (PDT)
Received: from XCH-NW-10V.nw.nos.boeing.com ([130.247.25.85]) by XCH-NWHT-03.nw.nos.boeing.com ([130.247.71.23]) with mapi; Mon, 19 Oct 2009 11:43:19 -0700
From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: "Ahrenholz, Jeffrey M" <jeffrey.m.ahrenholz@boeing.com>, "hiprg@irtf.org" <hiprg@irtf.org>
Date: Mon, 19 Oct 2009 11:43:19 -0700
Thread-Topic: [hiprg] draft-ahrenholz-hiprg-dht-05
Thread-Index: AcoxeSJ1sL9W6wDySdyPnxQar4OWqgAB0zbgB9n+ZJA=
Message-ID: <AAF2CBF9D2573B45A7ED75C4FFD9883F4B9515A0E7@XCH-NW-10V.nw.nos.boeing.com>
References: <0DF156EE7414494187B087A3C279BDB404AD7C9D@XCH-NW-6V1.nw.nos.boeing.com>
In-Reply-To: <0DF156EE7414494187B087A3C279BDB404AD7C9D@XCH-NW-6V1.nw.nos.boeing.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [hiprg] draft-ahrenholz-hiprg-dht-05
X-BeenThere: hiprg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Host Identity Protocol \(HIP\) Research Group" <hiprg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/hiprg>, <mailto:hiprg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/hiprg>
List-Post: <mailto:hiprg@irtf.org>
List-Help: <mailto:hiprg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hiprg>, <mailto:hiprg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Oct 2009 18:43:17 -0000

> -----Original Message-----
> From: Ahrenholz, Jeffrey M
> Sent: Wednesday, September 09, 2009 12:10 PM
> To: hiprg@irtf.org
> Subject: [hiprg] draft-ahrenholz-hiprg-dht-05
>
> The DHT draft has been updated to
> draft-ahrenholz-hiprg-dht-05. Here are
> the changes:
> - Reordered Sections 3.2 and 3.1, since the HIT lookup normally occurs
>   before the address lookup.
> - Added text about why two separate lookups are defined.
> - Added text pertaining to the OpenDHT service retiring.

Jeff,
Here are a few questions/comments on the DHT draft:

1) "The current DNS system does not provide a suitable lookup mechanism for these flat, random values, and has been heavily optimized for address lookup."

Oleg Ponomarev's draft (draft-ponomarev-hip-hit2ip-04.txt) suggests that DNS could be used in some situations, so maybe this statement needs to be relaxed, and a reference added.

2) In section 3, regarding the HIT lookup service, should we allow somehow for the possible extension that a user could put a name record that also had a certificate that bound the name to a HIT?  This may allow security to be introduced into this service, such as:  1) when the server authenticates the put() based on certificate, or 2) when the client authenticates the name-to-HIT binding based on certificate retrieved.

3) is it possible for a put() to fail?  If so, how should an implementation handle that event?

4) Section 4:  "Note that this HDRR format is different than the HIP RR used by the Domain Name System as defined in [RFC5205]."  It may be helpful to mention here that the reason it is different is that it is a different record from a functional point of view:  in DNS, the query key is a FQDN, and the return value is a HIT, while here, the query key is a HIT.

5) Should the reader of this HDRR verify that the SRC HIT and DST HIT values are correct, and discard if not, or be permissive about these values?

6) In the last paragraph of section 4, it starts to describe HIP-aware DHT behavior, but then says that it is out of scope.  What would be required to go ahead and specify the HIP aware interface in this draft?  In this case, the put() may fail (see #3 above) and this failure would need to be conveyed to the client somehow.  Is there anything else required to extend the scope to also allow for HIP-aware DHT servers?

7) Section 5's title could probably just be simplified to read "Use Cases"

- Tom

v2.30.2 | Report a Bug | By Email | System Status