Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal-15
Tom Henderson <tomhend@u.washington.edu> Sun, 19 February 2017 15:20 UTC
Return-Path: <tomhend@u.washington.edu>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07AB9129516 for <hipsec@ietfa.amsl.com>; Sun, 19 Feb 2017 07:20:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yEFOV25r38wT for <hipsec@ietfa.amsl.com>; Sun, 19 Feb 2017 07:20:06 -0800 (PST)
Received: from mxout23.cac.washington.edu (mxout23.cac.washington.edu [140.142.32.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6ACD51294FB for <hipsec@ietf.org>; Sun, 19 Feb 2017 07:20:06 -0800 (PST)
Received: from hymn03.u.washington.edu (hymn03.u.washington.edu [140.142.9.111]) by mxout23.cac.washington.edu (8.14.4+UW14.03/8.14.4+UW16.03) with ESMTP id v1JFIecX021485 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 19 Feb 2017 07:18:40 -0800
Received: from hymn03.u.washington.edu (localhost [127.0.0.1]) by hymn03.u.washington.edu (8.14.4+UW14.03/8.14.4+UW16.03) with ESMTP id v1JFIapc002315; Sun, 19 Feb 2017 07:18:36 -0800
Received: from localhost (Unknown UID 14576@localhost) by hymn03.u.washington.edu (8.14.4+UW14.03/8.14.4+Submit-local) with ESMTP id v1JFIaTY002309; Sun, 19 Feb 2017 07:18:36 -0800
X-Auth-Received: from [73.140.18.44] by hymn03.u.washington.edu via HTTP; Sun, 19 Feb 2017 07:18:36 PST
Date: Sun, 19 Feb 2017 07:18:36 -0800
From: Tom Henderson <tomhend@u.washington.edu>
To: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
In-Reply-To: <f70ecd7b-9558-806e-319c-9e85f263e1e3@ericsson.com>
Message-ID: <alpine.LRH.2.01.1702190718360.26978@hymn03.u.washington.edu>
User-Agent: Web Alpine 2.01 (LRH 1302 2010-07-20)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
Content-Transfer-Encoding: 8bit
X-PMX-Version: 6.2.1.2493963, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2017.2.19.151516
X-PMX-Server: mxout23.cac.washington.edu
X-Uwash-Spam: Gauge=IIIIIIII, Probability=8%, Report=' HTML_00_01 0.05, HTML_00_10 0.05, SUPERLONG_LINE 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_2000_2999 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, DATE_TZ_NA 0, IN_REP_TO 0, LEGITIMATE_SIGNS 0, MSG_THREAD 0, MULTIPLE_REAL_RCPTS 0, __ANY_URI 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CC_NAME 0, __CC_NAME_DIFF_FROM_ACC 0, __CC_REAL_NAMES 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __FORWARDED_MSG 0, __HAS_CC_HDR 0, __HAS_FROM 0, __HAS_MSGID 0, __HTTPS_URI 0, __IN_REP_TO 0, __MIME_TEXT_ONLY 0, __MIME_TEXT_P 0, __MIME_TEXT_P1 0, __MIME_VERSION 0, __MULTIPLE_URI_TEXT 0, __NO_HTML_TAG_RAW 0, __SANE_MSGID 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __TO_NAME 0, __TO_NAME_DIFF_FROM_ACC 0, __TO_REAL_NAMES 0, __URI_IN_BODY 0, __URI_NS , __URI_WITH_PATH 0, __USER_AGENT 0'
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/QArrrjvRxoAMt7U-cEtJy51-tQs>
Cc: HIP <hipsec@ietf.org>
Subject: Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-traversal-15
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Feb 2017 15:20:08 -0000
Hello, I have read the latest (-17) draft and sent some purely editorial comments to Miika. I had a few non-editorial questions and comments.
1) In appendix D, it states:
o A minimal implementation would conform only to Section 4.7.1 or
Section 4.7.2, thus merely tunneling HIP control and data traffic
over UDP. The drawback here is that it works only in the limited
cases where the Responder has a public address.
However, in section 5.4, it states:
Implementations conforming to this specification MUST implement both
UDP-ENCAPSULATION and ICE-HIP-UDP modes.
The contradictory text should be resolved. In my opinion, implementations that want to support only the UDP-ENCAPSULATION mode (and its restricted set of use cases) should be allowed. However, I don't know what might need to be done to avoid a situation where a product claims RFC compliance but only implements one of the two modes. It could perhaps be avoided by a statement that states "Implementations that choose to only support the UDP-ENCAPSULATION mode should clarify this point when any claims of <RFC-to-be> compliance are made."
2) Appendix C states:
o The considerations on Diffserv Codepoint markings in ICE are not
applicable to HIP since Diffserv is not used in HIP.
Why wouldn't the same issues arise in HIP as in ICE on this matter? Should this draft instead copy or reference the RFC 5245 recommendation:
If the agent is using Diffserv Codepoint markings [RFC2475] in its
media packets, it SHOULD apply those same markings to its
connectivity checks.
Also, I don't think that the HIP control plane should be excluded from using diffserv.
3) In section 4.10 (NAT keepalives), it states:
Both a registered client and relay server SHOULD
send a HIP NOTIFY packets to each other every 15 seconds (the so-
called Tr value in ICE) unless they have exchange some other traffic
over the used UDP ports.
However, I couldn't find an explanation anywhere (also in RFC 5770) about how to code this NOTIFY. Would it make sense to define also a "NAT_KEEPALIVE" NOTIFY message type for this purpose?
Once these issues are resolved, I think that the draft would be ready to publish.
- Tom
On Thu, 2 Feb 2017, Gonzalo Camarillo wrote:
> Folks,
>
> I would like to start a WGLC on the following draft. This WGLC will
> end on February 19th:
>
> https://datatracker.ietf.org/doc/draft-ietf-hip-native-nat-traversal/
>
> Thanks,
>
> Gonzalo
>
> _______________________________________________
> Hipsec mailing list
> Hipsec@ietf.org
> https://www.ietf.org/mailman/listinfo/hipsec
>
- [Hipsec] WGLC: draft-ietf-hip-native-nat-traversa… Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Tom Henderson
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Jeff Ahrenholz
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Jeff Ahrenholz
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Tom Henderson
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Tom Henderson
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Jeff Ahrenholz
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu
- Re: [Hipsec] WGLC: draft-ietf-hip-native-nat-trav… Miika Komu