IETF Logo Mail Archive

Re: [Hipsec] draft-ietf-hip-native-api-09-pre

"Ahrenholz, Jeffrey M" <jeffrey.m.ahrenholz@boeing.com> Thu, 20 August 2009 23:56 UTC

Return-Path: <jeffrey.m.ahrenholz@boeing.com>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id F17013A6EEF for <hipsec@core3.amsl.com>; Thu, 20 Aug 2009 16:56:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WZ474BVlwRbh for <hipsec@core3.amsl.com>; Thu, 20 Aug 2009 16:56:20 -0700 (PDT)
Received: from slb-smtpout-01.boeing.com (slb-smtpout-01.boeing.com [130.76.64.48]) by core3.amsl.com (Postfix) with ESMTP id 23AB528C14E for <hipsec@ietf.org>; Thu, 20 Aug 2009 16:56:17 -0700 (PDT)
Received: from slb-av-01.boeing.com (slb-av-01.boeing.com [129.172.13.4]) by slb-smtpout-01.ns.cs.boeing.com (8.14.0/8.14.0/8.14.0/SMTPOUT) with ESMTP id n7KNuAeI028179 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 20 Aug 2009 16:56:13 -0700 (PDT)
Received: from slb-av-01.boeing.com (localhost [127.0.0.1]) by slb-av-01.boeing.com (8.14.0/8.14.0/DOWNSTREAM_RELAY) with ESMTP id n7KNuAM3007088; Thu, 20 Aug 2009 16:56:10 -0700 (PDT)
Received: from XCH-NWBH-11.nw.nos.boeing.com (xch-nwbh-11.nw.nos.boeing.com [130.247.55.84]) by slb-av-01.boeing.com (8.14.0/8.14.0/UPSTREAM_RELAY) with ESMTP id n7KNu8Df007037; Thu, 20 Aug 2009 16:56:10 -0700 (PDT)
Received: from XCH-NW-6V1.nw.nos.boeing.com ([130.247.55.53]) by XCH-NWBH-11.nw.nos.boeing.com with Microsoft SMTPSVC(6.0.3790.3959); Thu, 20 Aug 2009 16:56:09 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 20 Aug 2009 16:56:06 -0700
Message-ID: <0DF156EE7414494187B087A3C279BDB404AD7C73@XCH-NW-6V1.nw.nos.boeing.com>
In-Reply-To: <4A8DBB16.3010705@hiit.fi>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Hipsec] draft-ietf-hip-native-api-09-pre
Thread-Index: Acoh2kBmoONXwfyIS2WtGKM/8dpOUAAD8TNQ
References: <4A8DBB16.3010705@hiit.fi>
From: "Ahrenholz, Jeffrey M" <jeffrey.m.ahrenholz@boeing.com>
To: miika.komu@hiit.fi, hip WG <hipsec@ietf.org>
X-OriginalArrivalTime: 20 Aug 2009 23:56:09.0991 (UTC) FILETIME=[CA64A970:01CA21F1]
Subject: Re: [Hipsec] draft-ietf-hip-native-api-09-pre
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Aug 2009 23:56:21 -0000

> we got an extra review to the native API from Stefan Götz. The new 
> preversion is here:
> 
> http://www.iki.fi/miika/docs/draft-ietf-hip-native-api-09-pre1.txt
> 
> The changes are editorial readability changes throughout the 
> document. Especially section 4.1 contains now more clarifications on 
> the fields of sockaddr_hip structure and wildcards

I read the new preversion and it looks pretty good. Only this minor editorial nits below:
Sect 3.1 Interaction with the Resolver
s/should be noticed/should be noted/

> 
> We'd like to move on with the document, but we have two questions for 
> the working group:
> 
> #1 How to future proof HITs in case we need 256 bit HITs? This is 
> important also from the view point of comparison of HITs (currently 
> draft suggests memcmp() in section 4.1. Unless, there's other 
> suggestions, I'd go for alternative (i):
> 
>      * Alternative (i): separate sockaddr_hip structure for 
> larger HITs
>      * Alternative (ii): make larger HIT structure in 
> sockaddr_hip with 
> zero padding for 128 bit HITs

yes I like alternative (i) better than (ii); maybe you could make use of ship_flags to indicate new ship_hit bit sizes in the future

note that in section 4.1.1 you also describe storing IPv6 and IPv4-mapped addresses in the ship_hit field; (should the ship_flags indicate these locator types?) in the future you would need to come up with new mappings, such as IPv4/IPv6-mapped to a 256 bit HIT.

why is HIP_HIT_ANY_TMP used for anonymous identifiers? maybe it should be named HIP_HIT_ANY_ANON or HIP_HIT_ANY_NOPUB?
 
> #2 How should the socket calls react to only-hip wildcard. Currently 
> section 4.1.1 describes:
> 
>     With the HIP_HIT_ANY address,
>     the underlying system allows only HIP-based data flows with the
>     corresponding socket.  For incoming packets, the system 
> transparently
>     discards all other traffic arriving at the socket than 
> HIP related.
>     For outgoing packets, the system returns -1 in the socket call and
>     sets errno to ECOMM when the system failed to deliver the 
> packet over
>     a HIP-based data channel.

maybe you are asking if the text is enough?
it seems fairly clear to me:
- bind() to HIP_HIT_ANY and the socket provides you only with HIP data
- connect() to HIP_HIT_ANY and you are required to specify a locator (sect 4.6) (and I assume it would establish an association w/anonymous I1)
- error under other circumstances

-Jeff

v2.29.0 | Report a Bug | By Email | System Status