Re: [Hipsec] WGLC: draft-ietf-hip-dex-04
Tom Henderson <tomhend@u.washington.edu> Sun, 20 November 2016 02:33 UTC
Return-Path: <tomhend@u.washington.edu>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E604129488 for <hipsec@ietfa.amsl.com>; Sat, 19 Nov 2016 18:33:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.697
X-Spam-Level:
X-Spam-Status: No, score=-5.697 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CuTt77Uyxe4J for <hipsec@ietfa.amsl.com>; Sat, 19 Nov 2016 18:33:26 -0800 (PST)
Received: from mxout23.cac.washington.edu (mxout23.cac.washington.edu [140.142.32.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D5EE3129400 for <hipsec@ietf.org>; Sat, 19 Nov 2016 18:33:25 -0800 (PST)
Received: from hymn03.u.washington.edu (hymn03.u.washington.edu [140.142.9.111]) by mxout23.cac.washington.edu (8.14.4+UW14.03/8.14.4+UW16.03) with ESMTP id uAK2X11P010455 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 19 Nov 2016 18:33:02 -0800
Received: from hymn03.u.washington.edu (localhost [127.0.0.1]) by hymn03.u.washington.edu (8.14.4+UW14.03/8.14.4+UW16.03) with ESMTP id uAK2WxOe027291; Sat, 19 Nov 2016 18:32:59 -0800
Received: from localhost (Unknown UID 24282@localhost) by hymn03.u.washington.edu (8.14.4+UW14.03/8.14.4+Submit-local) with ESMTP id uAK2WwK1027288; Sat, 19 Nov 2016 18:32:58 -0800
X-Auth-Received: from [73.140.18.44] by hymn03.u.washington.edu via HTTP; Sat, 19 Nov 2016 18:32:58 PST
Date: Sat, 19 Nov 2016 18:32:58 -0800
From: Tom Henderson <tomhend@u.washington.edu>
To: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
In-Reply-To: <c6efff43-5a0c-942b-f151-751fb6694bee@ericsson.com>
Message-ID: <alpine.LRH.2.01.1611191832580.24556@hymn03.u.washington.edu>
User-Agent: Web Alpine 2.01 (LRH 1302 2010-07-20)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
Content-Transfer-Encoding: 8bit
X-PMX-Version: 6.2.1.2493963, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2016.11.20.22427
X-PMX-Server: mxout23.cac.washington.edu
X-Uwash-Spam: Gauge=IIIIIIII, Probability=8%, Report=' HTML_00_01 0.05, HTML_00_10 0.05, SUPERLONG_LINE 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_2000_2999 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, DATE_TZ_NA 0, IN_REP_TO 0, LEGITIMATE_NEGATE 0, LEGITIMATE_SIGNS 0, MSG_THREAD 0, MULTIPLE_REAL_RCPTS 0, NO_CTA_URI_FOUND 0, NO_URI_FOUND 0, NO_URI_HTTPS 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CC_NAME 0, __CC_NAME_DIFF_FROM_ACC 0, __CC_REAL_NAMES 0, __CP_NOT_1 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __HAS_CC_HDR 0, __HAS_FROM 0, __HAS_MSGID 0, __IN_REP_TO 0, __MIME_TEXT_ONLY 0, __MIME_TEXT_P 0, __MIME_TEXT_P1 0, __MIME_VERSION 0, __NO_HTML_TAG_RAW 0, __SANE_MSGID 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __TO_NAME 0, __TO_NAME_DIFF_FROM_ACC 0, __TO_REAL_NAMES 0, __USER_AGENT 0'
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/0D3Z0muJykuR8NxcIyNTOcXmEbY>
Cc: HIP <hipsec@ietf.org>
Subject: Re: [Hipsec] WGLC: draft-ietf-hip-dex-04
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Nov 2016 02:33:27 -0000
Gonzalo, I have reviewed HIP DEX again and believe it is ready to publish, although I spotted a few minor items below that can be handled in the next revision. - Tom Editorial/minor: Section 1: The numbered list is somewhat tersely written and may be hard to interpret by the newcomer to HIP specifications. Consider to elaborate more (using fuller sentences and not sentence fragments). e.g.: "Forfeit of Perfect Forward Secrecy with the dropping of an ephemeral Diffie-Hellman key agreement." could be "Forfeit of the HIPv2 Perfect Forward Secrecy property due to the removal of the HIPv2 ephemeral Diffie-Hellman key agreement." Section 1.1, spell out 'DoS' first time usage Section 4.1: "Note that x and y each constitute half the final session key material." (change to 'half of the') The figure in 4.1 does not have a caption, and also, why is 'mac' lowercased? Sec 4.1.3.1: "Since only little data is protected by this SA" (perhaps s/little/a small amount/) Sec. 5.2.4: "The following new HIT Suite IDs are defined..." (s/IDs are/ID is/ because there is only one defined) Sec. 6.3: "sort(HIT-I | HIT-R) is defined as the network byte order concatenation of the two HITs... comparison of the two HITs interpreted as positive (unsigned) 128-bit integers in network byte order" what does it mean to define a sort on a network byte order concatenation? It seems perhaps clearer to leave endian issues out (they are implicit everywhere in a protocol) and just define it as a comparison on HITs interpreted as unsigned 128-bit integers (and by the way, is the full 128 bits including prefix included or just the 96 bits)? Sec. 6.5 through 6.8: Unlike much of this draft, these sections do not just specifically call out the differences from the corresponding RFC 7401 sections, but instead restate the modified processing flow, and it is hard to spot what is different here. I wonder whether it would be clearer to just refer to those processing steps in RFC 7401 that are changed. Sec. 8: Can a MITM reply to I1 with ICMP parameter problem, causing the true response (coming later) to be ignored because the initiator already gave up? Maybe clarify here or in sec 5.4 to wait a little while before accepting the result of an ICMP. Sec. 10: Consider to update the IANA section in the style that RFC 8003 (and others) used, stating the history of the registry and what exactly is requested to be changed. For example, something like "RFC 5201 and later RFC 7401 established the following registry .... This document defines the following new codepoints for that registry ..."
- [Hipsec] WGLC: draft-ietf-hip-dex-04 Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 Tom Henderson
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 Robert Moskowitz
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 Robert Moskowitz
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 René Hummen
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 René Hummen
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-dex-04 René Hummen