Re: [Hipsec] Clarifying HIP parameter type ranges

Tobias Heer <heer@cs.rwth-aachen.de> Thu, 08 July 2010 21:12 UTC

Hello Ari, 
On 06.07.2010 at 15:50, Ari Keranen wrote:

> Hi all,
> 
> I think we should clarify, at least for the 5201bis, how new HIP parameter type values should be assigned. The current text at the end of section 5.2 of 5201 tries to do that, but it is not really accurate, and in some places even wrong (I filed errata about that a year ago). Here's what it says:
> 
>   Parameters numbered between 0-1023 are used in HIP
>   handshake and update procedures and are covered by signatures.
>   Parameters numbered between 1024-2047 are reserved.  Parameters
>   numbered between 2048-4095 are used for parameters related to HIP
>   transform types.  Parameters numbered between 4096 and (2^16 - 2^12)
>   61439 are reserved.  Parameters numbered between 61440-62463 are used
>   for signatures and signed MACs.  Parameters numbered between 62464-
>   63487 are used for parameters that fall outside of the signed area of
>   the packet.  Parameters numbered between 63488-64511 are used for
>   rendezvous and other relaying services.  Parameters numbered between
>   64512-65535 are reserved.
> 
> I talked about this with Jan, and we were thinking that for the first range (0-1023) it could make sense to rather say something like:
> "Parameters that are important for basic HIP functionality and thus should be implemented by all HIP implementations."
> 
> For the reserved ranges, it should be mentioned for what purpose they are reserved (for future versions of HIP?).
> 
> For extensions that are not "basic functionality" there should be explicitly mentioned ranges for both signed and unsigned parameter values.

That works as long as you keep the signed and non-signed parts of the packet apart. Right now signature handling is quite simple and elegant. Therefore at least the fact that parameters with numbers smaller than x will be signed and the others won't.

I agree that the ranges could be more useful. We already did some reshaping by removing the transform-related range. However, I would like to keep existing type numbers if possible (and sensible).

Tobias


> 
> Also, it would be good to recommend semantic grouping for new parameters, i.e., parameters with similar purpose would be close to each other. Another question is should one start new sets from binary or decimal value boundaries; I'm personally inclined to start from decimal value boundaries (e.g., 32800 instead of 32768)

> 
> And the IANA page [1] should be updated with the ranges; at least for the reserved parts.
> 
> Opinions?
> 
> 
> Cheers,
> Ari
> 
> 
> [1] http://www.iana.org/assignments/hip-parameters/hip-parameters.xhtml#hip-parameters-3

-- 
Dipl.-Inform. Tobias Heer, Ph.D. Student
Distributed Systems Group 
RWTH Aachen University, Germany
tel: +49 241 80 207 76
web: http://ds.cs.rwth-aachen.de/members/heer
blog: http://dtobi.wordpress.com/
card: http://card.ly/dtobi
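
Added example, not part of the original message or of any HIP implementation: a sketch of why the "types smaller than x are signed" rule keeps signature handling simple. It assumes the RFC 5201 TLV layout (16-bit type, 16-bit length, 8-byte padding) and ascending type order, takes x to be the start of the quoted signature range, and uses hypothetical function names and constructed sample type numbers.

```python
import struct

# Ranges exactly as quoted from RFC 5201 section 5.2 in the thread above.
RANGES = [
    (0, 1023, "handshake/update, covered by signatures"),
    (1024, 2047, "reserved"),
    (2048, 4095, "transform types"),
    (4096, 61439, "reserved"),
    (61440, 62463, "signatures and signed MACs"),
    (62464, 63487, "outside signed area"),
    (63488, 64511, "rendezvous and relaying"),
    (64512, 65535, "reserved"),
]
SIG_START = 61440  # assumption: threshold "x" = start of the signature range

def classify(ptype):
    for lo, hi, label in RANGES:
        if lo <= ptype <= hi:
            return label
    raise ValueError("type does not fit in 16 bits")

def encode(ptype, value):
    # One TLV: 16-bit type, 16-bit content length, value, zero-padded to 8 bytes.
    body = struct.pack("!HH", ptype, len(value)) + value
    return body + b"\x00" * (-len(body) % 8)

def signed_prefix(params):
    """Return (types, offset): bytes [0, offset) hold every type below SIG_START."""
    off, last, types, end = 0, -1, [], None
    while off < len(params):
        if off + 4 > len(params):
            raise ValueError("truncated TLV header")
        ptype, length = struct.unpack_from("!HH", params, off)
        total = 4 + length + (-(4 + length) % 8)
        if off + total > len(params):
            raise ValueError("TLV overruns buffer")
        if ptype < last:
            raise ValueError("parameters not in ascending type order")
        if ptype >= SIG_START and end is None:
            end = off
        types.append(ptype)
        last, off = ptype, off + total
    return types, (off if end is None else end)

# Constructed sample: type numbers picked from the quoted ranges, dummy contents.
SAMPLE = (encode(65, b"\x01" * 12) + encode(705, b"\x02" * 5)
          + encode(61697, b"\x03" * 20) + encode(63425, b"\x04" * 3))
```

Because the parameters are sorted by type, the signed area is one contiguous byte prefix of the parameter block; a parser that rejects out-of-order types cannot be tricked into treating an unsigned parameter as covered.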