Re: [Hipsec] WGLC: draft-ietf-hip-rfc5205-bis
Julien Laganier <julien.ietf@gmail.com> Thu, 11 June 2015 01:44 UTC
Return-Path: <julien.ietf@gmail.com>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F94E1A873B for <hipsec@ietfa.amsl.com>; Wed, 10 Jun 2015 18:44:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QwJL5Q7yMBkE for <hipsec@ietfa.amsl.com>; Wed, 10 Jun 2015 18:44:29 -0700 (PDT)
Received: from mail-yh0-x230.google.com (mail-yh0-x230.google.com [IPv6:2607:f8b0:4002:c01::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19F2C1A000B for <hipsec@ietf.org>; Wed, 10 Jun 2015 18:44:29 -0700 (PDT)
Received: by yhak3 with SMTP id k3so27476256yha.2 for <hipsec@ietf.org>; Wed, 10 Jun 2015 18:44:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Usl1cX3fv8/hk+E78LYT0PV8K4JrYO5pskniYuItkr8=; b=NlSyHftX3D/W6x3zwTW34QLh0TXdAYBJwFjpTj0JRdqIf+uFqv3HiitzP6ZMxtif/v lAU4pN2zJ2MTYAPGFWsRTsduJJTF85LnFFc8QfB6tTWjJEK5YXNyBJg3rveOXyODmQIT 7LYYvZ3+ZkksLAS1wyMpOOMRwcaRwIPEVSYETTwV1fBY40khdcCeVhokY2IirOLck1lU mlvgnwTDXg87dq5BqPvXS9x+JFI9BLcUhO2j+xNYycwZTczH+9SAvbCUV6j7CCe7NtJy 4gG/ZDmFy7BlzAAYwURIBrtwZLOOGA3wCxQGNSgBO0CKP5umCfSJTXz3Mw/xKnNxPB+7 NuJw==
MIME-Version: 1.0
X-Received: by 10.129.137.129 with SMTP id z123mr7870262ywf.145.1433987068452; Wed, 10 Jun 2015 18:44:28 -0700 (PDT)
Received: by 10.129.137.134 with HTTP; Wed, 10 Jun 2015 18:44:28 -0700 (PDT)
In-Reply-To: <5548CCD5.9010108@ericsson.com>
References: <5530E4C1.8070509@ericsson.com> <554780D0.9070301@tomh.org> <5548CCD5.9010108@ericsson.com>
Date: Wed, 10 Jun 2015 18:44:28 -0700
Message-ID: <CAE_dhjtfiRE17q=GhgTLWoCUbCYmYa93+UnfgUDc5hJyK49ATA@mail.gmail.com>
From: Julien Laganier <julien.ietf@gmail.com>
To: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/hipsec/sfALfpIqaPRu5Izy3mxB1Agp1QA>
Cc: HIP <hipsec@ietf.org>
Subject: Re: [Hipsec] WGLC: draft-ietf-hip-rfc5205-bis
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jun 2015 01:44:35 -0000
Hi Tom, Thank you for you review. Please see inline below the proposed resolution of your WGLC comments. --julien > On 04/05/2015 5:23 PM, Tom Henderson wrote: >> On 04/17/2015 03:47 AM, Gonzalo Camarillo wrote: >>> Hi, >>> >>> I would like to start a WGLC on the following draft. This WGLC will end >>> on May 4th: >>> >>> https://datatracker.ietf.org/doc/draft-ietf-hip-rfc5205-bis/ >>> >>> Please, send your comments to this list. >>> >>> Thanks, >>> >>> Gonzalo >> >> I had a fresh read of this specification and have the following comments. >> >> (possibly) technical >> -------------------- >> >> RFC 7401 specifies ECDSA and ECDSA_LOW as separate algorithm types, but >> this document only mentions ECDSA. For alignment with RFC 7401, I >> suggest to replace references to "ECDSA" with "ECDSA and ECDSA_LOW" as >> appropriate (it seems to me that they can reuse the same code point). The HIP DNS support re-uses the existing DNS KEY RR encoding for ECDSA, however AFAIK there is no DNS KEY RR encoding for ECDSA_LOW. Also, since presumably ECDSA_LOW support is present in RFC 7401 for tightly constrained device, and given that it isn't immediately clear whether such tightly constrained device would use the DNS at all to resolve HIP information of their peer, at this time I'd rather keep ECDSA_LOW out-of-scope for this specification. >> I could not find discussion about TTL considerations; are there any? If >> there are no special considerations about TTL, caching, and how records >> may be updated, perhaps it would be helpful to state this (and possibly >> reference the specification that describes how to expire resource records). I've clarified the TTL handling of the HIP resource records by adding the following paragraph to sec 4.2: The HIP resource records have a Time To Live (TTL) associated with them. When the number of seconds that passed since the record was retrieved exceeds the record's TTL, the record MUST be considered to be no longer valid and deleted by the entiry that retrieved it. If access to the record is necessary to initiate communication with the entity to which the record corresponds, a new query MUST be be made to retrieve a fresh copy of the record. >> The document doesn't seem to have any discussion of what to do when a >> host wants to register more than one host identity. I suggest something >> along the lines of "there may be multiple HIP RRs associated with a >> single name. It is outside the scope of this specification as to how a >> host chooses from between multiple RRs when more than one is returned. >> The RVS information may be copied and aligned across multiple RRs, or >> may be different for each one; a host SHOULD check that the RVS used is >> associated with the HI being used, when multiple choices are present." Thanks, I've added the text you proposed to sec. 4.2 but I've used MUST instead of SHOULD. >> editorial >> --------- >> >> IANA considerations could be made more explicit about exactly what we >> are requesting IANA to do; e.g., "the reference to the RR type code >> should be updated from RFC 5205 to this specification." and "this >> document requests that IANA allocate a new codepoint for 'ECDSA and >> ECDSA_LOW' in the existing registry for IPSECKEY RR." Done. The IANA considerations has been update and now reads: 9. IANA Considerations IANA is requested to replace references to [RFC5205] by references to this document in the the DNS RR type code registry. IANA is requested to allocate the following algorithm type in the IPSECKEY RR [RFC4025] registry: [IANA-TBD] is ECDSA >> Suggest to replace "Singly" with "Single" and "degenerated" with >> "degenerate". done.
- [Hipsec] WGLC: draft-ietf-hip-rfc5205-bis Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-rfc5205-bis Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-rfc5205-bis Julien Laganier
- Re: [Hipsec] WGLC: draft-ietf-hip-rfc5205-bis Gonzalo Camarillo
- Re: [Hipsec] WGLC: draft-ietf-hip-rfc5205-bis Julien Laganier