[Hipsec] review of RFC4423-bis
"Henderson, Thomas R" <thomas.r.henderson@boeing.com> Thu, 27 September 2012 04:27 UTC
Return-Path: <thomas.r.henderson@boeing.com>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E81021F864A for <hipsec@ietfa.amsl.com>; Wed, 26 Sep 2012 21:27:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.524
X-Spam-Level:
X-Spam-Status: No, score=-102.524 tagged_above=-999 required=5 tests=[AWL=0.075, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ELSlCyTPgIcU for <hipsec@ietfa.amsl.com>; Wed, 26 Sep 2012 21:27:32 -0700 (PDT)
Received: from slb-mbsout-02.boeing.com (slb-mbsout-02.boeing.com [130.76.64.129]) by ietfa.amsl.com (Postfix) with ESMTP id 26BC821F8646 for <hipsec@ietf.org>; Wed, 26 Sep 2012 21:27:31 -0700 (PDT)
Received: from slb-mbsout-02.boeing.com (localhost.localdomain [127.0.0.1]) by slb-mbsout-02.boeing.com (8.14.4/8.14.4/DOWNSTREAM_MBSOUT) with ESMTP id q8R4RJax022228 for <hipsec@ietf.org>; Wed, 26 Sep 2012 21:27:19 -0700
Received: from XCH-NWHT-09.nw.nos.boeing.com (xch-nwht-09.nw.nos.boeing.com [130.247.25.115]) by slb-mbsout-02.boeing.com (8.14.4/8.14.4/UPSTREAM_MBSOUT) with ESMTP id q8R4RI4L022225 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=OK) for <hipsec@ietf.org>; Wed, 26 Sep 2012 21:27:18 -0700
Received: from XCH-NW-16V.nw.nos.boeing.com ([130.247.25.240]) by XCH-NWHT-09.nw.nos.boeing.com ([130.247.25.115]) with mapi; Wed, 26 Sep 2012 21:27:12 -0700
From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: HIP WG <hipsec@ietf.org>
Date: Wed, 26 Sep 2012 21:27:11 -0700
Thread-Topic: review of RFC4423-bis
Thread-Index: Ac2b+tKxlyO0CHdLQAKcXvk7mpYJMAAFpwxQABV/t4A=
Message-ID: <758141CC3D829043A8C3164DD3D593EA2E4C38C07D@XCH-NW-16V.nw.nos.boeing.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-TM-AS-MML: No
Subject: [Hipsec] review of RFC4423-bis
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Sep 2012 04:27:33 -0000
I had another read through of http://datatracker.ietf.org/doc/draft-ietf-hip-rfc4423-bis/ I think it is nearly ready to publish; the main substantive comments that I have are: 1) Section 13 (Changes from RFC 4423) is incomplete as written; it should either be completed or deleted 2) it would be nice to describe how host identifiers are intended to be revoked/replaced over time. However, the current text in Section 1 seems to be restrictive in this regard (more on this below). 3) it would be nice to go into a bit more detail of how HIP relates to multicast Regarding whether it should be published as Informational or PS RFC, I don't have a strong opinion. I guess I would lean towards Informational since it is not normative specification, but I would yield to whatever is best current practice in the IETF for documents such as these. - Tom Detailed comments below: Section 1 (Introduction) > There is exactly one Host Identifier for each Host Identity. This document does not talk about replacing Host Identifiers over time; should it? Also, couldn't multiple keys be associated with the same Identity (computing stack)? I wonder whether this statement is too restrictive, especially since one can imagine times in which keys are replaced and two Host Identifiers may be active at the same time. Section 2 (Terminology) > (Public key) Used as a publicly known identifier for cryptographic identity authentication. Does it need to be publicly known? See later "Unpublished Host Identifier" definition. Suggest "(typically publicly known)" instead. Section 3 (Background) > IP numbers suggest "IP addresses" instead (many places in this section) Section 4 (Host Identity namespace) > As will be specified in the Host Identity Protocol Base EXchange (BEX) [RFC5201-bis] specification Suggest instead: "As specified in the Host Identity Protocol [RFC5201-bis] specification Section 4.1 (Host Identifiers) > The actual Host Identities are never directly used in any Internet protocols. I believe that this should instead be Identifier (Identities are abstract). Section 4.2 (Host Identity Hash) > It is possible to for the two Hosts in the HIP exchange to use different hashes. Suggest "It is possible for the two hosts..." Section 4.3 (Host Identity Tag) s/perfers/prefers Section 5 (New stack architecture) > As discussed above, the IP addresses can be seen to be a confounding of routing direction vectors and interface names. Is it routing direction vectors, or endpoint (or stack) names? Is "routing direction vector" terminology used elsewhere; if so, suggest to add a reference, if not, suggest to change to end-point names. Section 7 (HIP and ESP) > As adding a new naming layer allows one to potentially add a new forwarding layer (see Section 9, below), it is very important that the HIP provides mechanisms for middlebox authentication. Perhaps add reference to RFC 5207 here? s/consistant/consistent > It should be noted that there are already BITW implementations. Perhaps a clarification here: "It should be noted that there are already BITW implementations of HIP providing virtual private network (VPN) services." Section 10 (Multicast) > Since its inception, a few studies have looked at how HIP might affect IP-layer or application-layer multicast. IMO, this section should be expanded with some more commentary about how HIP applies to multicast. In particular, how amenable are multicast key management protocols and security associations to being able to leverage HIP? Would HITs ever be put into source or destination address fields of multicast datagrams? Section 13 (Changes from RFC 4423) This section is not yet completed. Either complete or delete. Section 14 (Security considerations) > There are more details on this process in the Host Identity Protocol under development. Suggest to strike "under development" since the HIP protocol has now been developed. > There has been no attempt to develop a secure method to issue the HIT revocation notice. This is no longer true due to draft-irtf-hiprg-revocation-05; suggest to rephrase.
- [Hipsec] review of RFC4423-bis Henderson, Thomas R
- Re: [Hipsec] review of RFC4423-bis Robert Moskowitz
- Re: [Hipsec] review of RFC4423-bis Robert Moskowitz
- Re: [Hipsec] review of RFC4423-bis Gonzalo Camarillo