Re: [Hipsec] Eric Rescorla's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)

Eric Rescorla <ekr@rtfm.com> Sun, 06 May 2018 19:10 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7AD712D77C for <hipsec@ietfa.amsl.com>; Sun, 6 May 2018 12:10:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, T_DKIMWL_WL_MED=-0.01] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KGmi3vEY6m-W for <hipsec@ietfa.amsl.com>; Sun, 6 May 2018 12:10:23 -0700 (PDT)
Received: from mail-ot0-x22c.google.com (mail-ot0-x22c.google.com [IPv6:2607:f8b0:4003:c0f::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3232A129C59 for <hipsec@ietf.org>; Sun, 6 May 2018 12:10:21 -0700 (PDT)
Received: by mail-ot0-x22c.google.com with SMTP id y10-v6so29709886otg.10 for <hipsec@ietf.org>; Sun, 06 May 2018 12:10:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=fpx5vrEXJM97l1cPHvIc1VNTQ1WWWAEgHqPg+F8a/Zc=; b=qbHmkA4Q0fjGhzduM3wzd4d43NzaRbRY4FKGXq290lhDly+xvNK3loeBY3j3XoR65E BEEZWQZLqPEdUogFwT9wXosNIsFQNrGLloLTXhJq0Xjp+QCDnCoSU7e1EwMqlitn77Jv 0TNk/GDFrvvDxYpBpTEKGQvtJhKnjC2I5no3CKf0+VckWGMrzg/RM8h8VhNOvzG56tYc LmvrjjWupE6O2wEEmaCD0Z/8+XS9czu+oFEKE1NApR11gG6RYjcoe6K+PSyGrkckwM3s DxeOQtLrR0n7faRLqSwTOu2efxx2oCGmEocWU7oLs59UEB8zvWOcqMIkQ0z5zYxkUshQ 2e/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=fpx5vrEXJM97l1cPHvIc1VNTQ1WWWAEgHqPg+F8a/Zc=; b=Netjp2KQkDh+cn++gE2n+GjsARbe2ZfpXR2LwIhpGLuDkKuRpD+kwyzwDmPN2KHs+g sArx2ANd0XzazZq/yEo1Ja6vq3w20JbKY7uRqvzabV/ncpdU6sbO7DL8fse2BzlIcAW0 uXWDNxtZeJ1TGnsQlDmYROAn14uZ1ozj0w2VDKX9Z9Nd9xMG609DcEfRc8P5t9oVZNd+ m1LmXti6H25vndu0IUOtWfkQtuK4yyY6aMQ0eo1z5d1VQCVb0OW5g871tAplyB0pQ+OP 2EreHbCLnKAB0SL06KSFrd//rWAOEuWfIyrmvaA4mugrxEiSYE2IwI0unorDi8cZ337p 61+Q==
X-Gm-Message-State: ALQs6tB9+ty9kNYn/RsYqSUaSksVMXRQzJiN+BeBX2UlgqM7Kc7wgiGy Uh+7Dw40SKm/s3qBL+KUJhSMZPWJQtaxm6uEFnIDqg==
X-Google-Smtp-Source: AB8JxZrS8Y9ImxB6eEQgonIWr0lvxyxyIrENxdlHjP2TP7stbD9UShD9XLFUi9cIHka6BXBxnhvKS6yVWEdQb4RXe7I=
X-Received: by 2002:a9d:1055:: with SMTP id o21-v6mr25217115oto.371.1525633820481; Sun, 06 May 2018 12:10:20 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.201.118.130 with HTTP; Sun, 6 May 2018 12:09:40 -0700 (PDT)
In-Reply-To: <71503CBD-B852-4D4B-8691-E16356EA9738@ericsson.com>
References: <152546246777.11589.13288594519409569524.idtracker@ietfa.amsl.com> <7594FB04B1934943A5C02806D1A2204B72EB51CE@ESESSMB109.ericsson.se> <CABcZeBOiuGdr+Z60zdOYGC81XMgRw0NK7SvE9xe70yhZ4_ppww@mail.gmail.com> <71503CBD-B852-4D4B-8691-E16356EA9738@ericsson.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sun, 06 May 2018 12:09:40 -0700
Message-ID: <CABcZeBM1OQVHHq8F-n+dLa3-NJdCHBcVe2rqhpWyg9=uj3sFvg@mail.gmail.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>
Cc: The IESG <iesg@ietf.org>, "hipsec@ietf.org" <hipsec@ietf.org>, "draft-ietf-hip-native-nat-traversal@ietf.org" <draft-ietf-hip-native-nat-traversal@ietf.org>, "hip-chairs@ietf.org" <hip-chairs@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ed6e58056b8e4d6d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/A_TtR9E7YJh_w-8aHobLnpawwqs>
Subject: Re: [Hipsec] Eric Rescorla's Discuss on draft-ietf-hip-native-nat-traversal-28: (with DISCUSS and COMMENT)
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 May 2018 19:10:25 -0000

On Sun, May 6, 2018 at 12:05 PM, Christer Holmberg <
christer.holmberg@ericsson.com> wrote:

> Hi,
>
> The question is whether this document should re-define the HIP variations
> to ICE that RFC 5770 already does.
>

That may be your question, but it's not my question. My question is that
I'm not sure this document is sufficiently clear and unambigious to
implement, given its current structure.

-Ekr


> Regards,
>
> Christer
>
> Sent from my iPhone
>
> On 6 May 2018, at 22.01, Eric Rescorla <ekr@rtfm.com> wrote:
>
>
>
> On Sun, May 6, 2018 at 10:19 AM, Christer Holmberg <
> christer.holmberg@ericsson.com> wrote:
>
>> Hi,
>>
>> > I am very familiar with ICE and yet I found this document extremely
>> hard to follow. The problem is that it cherry-picks pieces
>> > of ICE and I'm just not sure that it's a complete specification when
>> put all together. I have noted a number of places where I
>> > actually am not sure how to implement something, and fixing those will
>> resolve this DISCUSS, but IMO you really should totally
>> > rewrite this document either (a) as a variant of ICE or (b) as an
>> entirely new document not with a pile of new text and then
>> > references out to ICE sections.
>>
>> I haven't been involved in the work on this draft, so I may be wrong, but
>> I did review the document and my understanding is that RFC 5770 is the
>> "variant of ICE", and this document is a modification/extension to RFC 5770.
>>
>
> This document is a variant of ICE in the sense that it is ICE-like and
> explicitly depends on quite a bit of ICE.
>
> -Ekr
>
>
>> Regards,
>>
>> Christer
>>
>>
>>
>