IETF Logo Mail Archive

Re: [Hipsec] Last Call: <draft-ietf-hip-rfc4843-bis-05.txt> (An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers Version 2 (ORCHIDv2)) to Proposed Standard

Julien Laganier <julien.ietf@gmail.com> Thu, 19 June 2014 14:24 UTC

Return-Path: <julien.ietf@gmail.com>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7A0051A03C3 for <hipsec@ietfa.amsl.com>; Thu, 19 Jun 2014 07:24:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7Iz2wstHwb_s for <hipsec@ietfa.amsl.com>; Thu, 19 Jun 2014 07:24:31 -0700 (PDT)
Received: from mail-vc0-x230.google.com (mail-vc0-x230.google.com [IPv6:2607:f8b0:400c:c03::230]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C841D1A03C0 for <hipsec@ietf.org>; Thu, 19 Jun 2014 07:24:30 -0700 (PDT)
Received: by mail-vc0-f176.google.com with SMTP id ik5so2270061vcb.35 for <hipsec@ietf.org>; Thu, 19 Jun 2014 07:24:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=gs0j8J0XOQ+dZ5EGOJSzk/pFDHavs0VMMke3Cq7gtVc=; b=uhgnjV7eILw95PqJwVtDFgeDDaUCyAxmHIj9OHf3uk3vG96tEtuPnwQ8DK/LaKugCB o3uxdW7ucetBCGN0n5/Fv3eb9tpitaSpOfkWCcsh1qP/Aw2c8FdNs/74RdvkxfrFtWnP GqOy+vv6FI9Vp0FgDDNJ1rIZXqV7PkIG6QpP6Ineidl2N/b07b/KU/MtM3lbTyrzDhOu zs6cm07ziEUjCJvJELsriAqKdMNIqDwgEbK+hYZzSaSz7xaUQYpdRlSdowkHejaQjd5y jwDnf0nVxJEGtl+5c7PsVykroG5fbngz16EB6mSAsuV2DpBiZx5zrPx+NQFUnPJ4yP0I Tjcg==
MIME-Version: 1.0
X-Received: by 10.221.27.8 with SMTP id ro8mr4264795vcb.30.1403187869956; Thu, 19 Jun 2014 07:24:29 -0700 (PDT)
Received: by 10.52.117.9 with HTTP; Thu, 19 Jun 2014 07:24:29 -0700 (PDT)
In-Reply-To: <6.2.5.6.2.20140607073853.0b975758@resistor.net>
References: <20140528160426.31345.98483.idtracker@ietfa.amsl.com> <6.2.5.6.2.20140607073853.0b975758@resistor.net>
Date: Thu, 19 Jun 2014 07:24:29 -0700
Message-ID: <CAE_dhju4kfj=YXjJN-rMXDNd-zLy4zLawf_2jcBh26CiFSJ99A@mail.gmail.com>
From: Julien Laganier <julien.ietf@gmail.com>
To: S Moonesamy <sm+ietf@elandsys.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/hipsec/_rmyptZrUxJVOrHQ_mYJJz5bM4E
Cc: HIP <hipsec@ietf.org>, Francis Dupont <fdupont@isc.org>
Subject: Re: [Hipsec] Last Call: <draft-ietf-hip-rfc4843-bis-05.txt> (An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers Version 2 (ORCHIDv2)) to Proposed Standard
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Jun 2014 14:24:32 -0000

On Sat, Jun 7, 2014 at 8:22 AM, S Moonesamy <sm+ietf@elandsys.com> wrote:
> At 09:04 28-05-2014, The IESG wrote:
>>
>> The IESG has received a request from the Host Identity Protocol WG (hip)
>> to consider the following document:
>> - 'An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers
>>    Version 2 (ORCHIDv2)'
>>   <draft-ietf-hip-rfc4843-bis-05.txt> as Proposed Standard
>>
>> The IESG plans to make a decision in the next few weeks, and solicits
>> final comments on this action. Please send substantive comments to the
>> ietf@ietf.org mailing lists by 2014-06-11. Exceptionally, comments may be
>
>
> I took a quick look at the draft.
>
> In Section 1.1:
>
>   "While being technically possible to use ORCHIDs between consenting
>    hosts without any co-ordination with the IETF and the IANA, the
>    authors would consider such practice potentially dangerous."
>
> The document is intended as an IETF RFC.  I suggest framing the about from
> an IETF perspective instead of the authors' perspective.

s/the authors/the IETF/ ?

>   "A specific danger would be realised if the IETF community later
>    decided to use the ORCHID prefix for some different purpose.  In
>    that case, hosts using the ORCHID prefix would be, for practical
>    purposes, unable to use the prefix for the other new purpose."
>
> My reading of the above is that the working group is trying to make a case
> for some free IPv6 addresses.  According to the sixth paragraph in that
> section ORCHIDs are about allowing people to experiment.  The question that
> arises is why is an intended Proposed Standard being used to describe an
> experiment.  I don't understand the "danger" argument.  Is the ORCHID
> request for an experiment or for a prefix to be set aside for people using
> the technology?

HIP _was_ an experiment supported by ORCHIDs. The experiment has
concluded and HIP is going to proposed standard, requiring a propose
standard ORCHID, so the sixth paragraph can be adapted accordingly:

OLD:

ORCHIDs are
   designed to address this situation: to allow people to experiment
   with protocol stack extensions, such as secure overlay routing, HIP,
   or Mobile IP privacy extensions, without requiring them to update
   their applications.  The goal is to facilitate large-scale
   experiments with minimum user effort.


NEW:

ORCHIDs are
   designed to address this situation: to allow people to implement
   protocol stack extensions, such as secure overlay routing, HIP,
   or Mobile IP privacy extensions, without requiring them to update
   their applications.  The goal is to facilitate large-scale
   deployments with minimum user effort.

> In Section 3:
>
>   "Router software MUST NOT include any special handling code for
>    ORCHIDs.  In other words, the non-routability property of ORCHIDs, if
>    implemented, MUST be implemented via configuration and NOT by
>    hardwired software code.  At this time, it is RECOMMENDED that the
>    default router configuration not handle ORCHIDs in any special way.
>    In other words, there is no need to touch existing or new routers due
>    to ORCHIDs.  If such a reason should later appear, for example, due
>    to a faulty implementation leaking ORCHIDs to the IP layer, the
>    prefix can be and should be blocked by a simple configuration rule."
>
> There is, in my opinion, excessive usage of RFC 2119 key words in the above.
> I suggest using RFC 2119 key words for the main points.

Specific suggestions would be welcome w.r.t. to what is excessive, and
the proposed remedy.

> The IANA Considerations in Section 6 could do with a few changes.  Please
> see RFC 6890 for the information requirements for having a reservation in
> the IPv6 Special-Purpose Address Registry.

IANA considerations will be clarified based on the forthcoming IANA review.

> The termination date for the ORCHID assignment is March 2014.  It may be
> easier to note the fact that the experiment has ended instead of saying that
> the prefix is to be returned to IANA in 2014.

This provides useful information on the need for an allocation for
the time being, and I believe can be edited as you suggest as an
editorial change during AUTH48 once the draft has been approved by
IESG.

--julien

v2.23.0 | Report a Bug | By Email