Re: [homenet] naming drafts
Daniel Migault <mglt.ietf@gmail.com> Fri, 10 June 2022 14:30 UTC
Return-Path: <mglt.ietf@gmail.com>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E93DC14CF0D for <homenet@ietfa.amsl.com>; Fri, 10 Jun 2022 07:30:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rF5ycVPOrmQl for <homenet@ietfa.amsl.com>; Fri, 10 Jun 2022 07:30:06 -0700 (PDT)
Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com [IPv6:2a00:1450:4864:20::12d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABDADC184159 for <homenet@ietf.org>; Fri, 10 Jun 2022 07:30:06 -0700 (PDT)
Received: by mail-lf1-x12d.google.com with SMTP id be31so43152261lfb.10 for <homenet@ietf.org>; Fri, 10 Jun 2022 07:30:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/VbGuwWEldCeLrKHdEFAPo4jfzmX1QvM/FqNext+Uno=; b=YGwobEiweb6FBbAOK58SAz/OQOKXdnQBdLKEEj2J2KW5wSaZedF2D4uKjsnqFUZOCh xEF3j58O85N42M8uNoG8cc12/1c7HVMbp7UjXpvtvEMpmmpfS5EkoQxrRn1ueH+ZIIyY xKt+IDZEbO++1BNuaf/yV4dY5OPYUfAU6LCW6KCTec0HZpWTEb6AFOwo7X8wsna0P841 E9h2ZbZ/W3c1insoEsfB8tvgA+jCpFkdDc43o0BREVVz/g3mSfoncWeHq6ZUzXJK9qGk YTC/dPqp90kJI9ajN33zBIkK+maRBQtdFsDs47i3EqhgtoHgiUz0GE6gPlQ+m86BnlZK 8maA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/VbGuwWEldCeLrKHdEFAPo4jfzmX1QvM/FqNext+Uno=; b=IPtVrJO8MzsFR8KpV/u+5teMnxEyjBIwYtJ/VjVjWqQqFQ7FjNEvDuOZiygTyZ2boU yt0oOz4ji02BWVXn+DejPfMSqnmhraaIeLu+EVf5Mtaz4APwgemxhraBDjHu4axOwaQN qGJxhjdXLfhjRCGFUGFvy2uHRLxpkPhwBMy9GkvBllBtULGUicWLi7tAIUOOwWMCsKLt R/s24BM1WrlrgnR0NLBYof/T0weH4EmzP1ir/uF4bcv1m0idxiMi919UAyKQTc7mzA4z stY/uL87kEuQzBVeE+8adQp19tgi+J849x7S9Fhjfkkbhblw2BAqLFyGZthJ4zFxKCa2 bc3w==
X-Gm-Message-State: AOAM532QQMSaLE/aOb8Fpxzr0PPderJFfrtVvWpMdeFCL+gtYWZbkGtU kVz6z+xNnJnc4CG8hKiJ6/s98z1ECLeC7h3XKLEUFw80Iv0=
X-Google-Smtp-Source: ABdhPJwNru2zla7J8FzrDolxIG4SmTHb9a5MjG5VwNucjxbItMPJDwm+kqmZeQk0oszjnZ0jMcRpWLt7iqtloAiR1d0=
X-Received: by 2002:a05:6512:1289:b0:478:ff7d:db17 with SMTP id u9-20020a056512128900b00478ff7ddb17mr28245910lfs.136.1654871404788; Fri, 10 Jun 2022 07:30:04 -0700 (PDT)
MIME-Version: 1.0
References: <DM6PR02MB692445CDCA3FD587D20404A2C33B9@DM6PR02MB6924.namprd02.prod.outlook.com> <CACJ6M14zG+Be09+ZLNk651ieNCfR6-jvh706pVSRJU=rJyFwtQ@mail.gmail.com> <CADZyTknt7Fdc4peauBWPpowd38S_fp4vZcQtBWQTYGgtC9O84w@mail.gmail.com> <CACJ6M14Um0FJSGU80WQ-EcTp4UuU3V_eU=LqAeT_hxUhREia=A@mail.gmail.com> <CADZyTk=MR=xJBvNxJkHAvQTjxtd6=23c0_Eph0w5CjeJ=OpsPg@mail.gmail.com> <CACJ6M14ur1y_3mD0ohubcO+fHv=A0HoPVzmnpx8=HRF1iR=sGQ@mail.gmail.com> <CADZyTknvfbL6=JhQMH0pFYgp=ub_ejvhXAZEcjFS=d_aLu4GWw@mail.gmail.com> <20B50649-D1CF-420E-9540-47C17DB40B1D@cisco.com> <1D7BA20D-31A8-4CCE-9FCB-9767471E3273@cisco.com> <CADZyTkm87PBjSGFVpWx_RqEU4wH2x7PeCGOs6puaOE0et3Tssg@mail.gmail.com> <2de7d31a-1e2e-12c7-7cc1-9810bc65266f@gmail.com>
In-Reply-To: <2de7d31a-1e2e-12c7-7cc1-9810bc65266f@gmail.com>
From: Daniel Migault <mglt.ietf@gmail.com>
Date: Fri, 10 Jun 2022 10:29:53 -0400
Message-ID: <CADZyTknQrs3OdDJq5eLYgbPJLYtKs=x+7dQPTrbgy9hcu_vAEA@mail.gmail.com>
To: Kiran M <kiran.ietf@gmail.com>
Cc: Éric Vyncke <evyncke@cisco.com>, "Eric Vyncke (evyncke)" <evyncke=40cisco.com@dmarc.ietf.org>, homenet <homenet@ietf.org>, Michael Richardson <mcr+ietf@sandelman.ca>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Content-Type: multipart/alternative; boundary="0000000000003b3fc905e118c605"
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/g2nm2_e_mkZ4VOwKY1vIf-wXD_g>
Subject: Re: [homenet] naming drafts
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jun 2022 14:30:11 -0000
Thank you very much for the feed backs. I will have a look at the comments today and should be able to implement them by early next week. Yours, Daniel On Thu, Jun 9, 2022 at 7:44 PM Kiran M <kiran.ietf@gmail.com> wrote: > Hi Daniel, > > I finally managed to finish the review of front-end naming document. My > apologies for the delay. Many thanks for addressing the first round of > comments, the readability has improved quite a bit. The remainder of the > comments are in the Github. Hope we will see a revision soon. > > Cheers, > Kiran > > > ------------------------------ > *From:* Daniel Migault [mailto:mglt.ietf@gmail.com <mglt.ietf@gmail.com>] > *Sent:* Thursday, June 2, 2022, 6:36 AM > *To:* Eric Vyncke (evyncke) > *Cc:* Eric Vyncke (evyncke); homenet@ietf.org; kiran.ietf@gmail.com; > Michael Richardson; Stephen Farrell > *Subject:* [homenet] naming drafts > > We are working on it with Kiran, I actually started yesterday to consider > her latest feedback (2nd round) - not yet being pushed, but that should > happen very soon. > > Yours, > Daniel > > On Thu, Jun 2, 2022 at 7:30 AM Eric Vyncke (evyncke) <evyncke@cisco.com> > wrote: > >> As we are halfway between IETF-113 and IETF-114, it is time to make a >> check as I have seen no revised version for those 2 ‘naming’ drafts. >> >> >> >> You may also have noticed that Ted’s ‘stub networking’ work is going in a >> SNAC BoF at IETF-114 (please attend and contribute to the snac@ietf.org >> mailing list). >> >> >> >> Therefore, the plan is to close Homenet early July 2022 if nothing >> changes. >> >> >> >> Hoping to see you in “Philly” to celebrate the achievments of Homenet ! >> >> >> >> Regards >> >> >> >> -éric >> >> >> >> *From: *homenet <homenet-bounces@ietf.org> on behalf of "Eric Vyncke >> (evyncke)" <evyncke=40cisco.com@dmarc.ietf.org> >> *Date: *Thursday, 14 April 2022 at 09:16 >> *To: *"homenet@ietf.org" <homenet@ietf.org> >> *Cc: *"kiran.ietf@gmail.com" <kiran.ietf@gmail.com>, Michael Richardson < >> mcr+ietf@sandelman.ca>, Daniel Migault <mglt.ietf@gmail.com>, Stephen >> Farrell <stephen.farrell@cs.tcd.ie> >> *Subject: *Re: [homenet] naming drafts >> >> >> >> Dear Homenet, >> >> >> >> After 9 months, it is time to resurrect this email thread and move >> forward with the 'naming drafts', which are still in WG Last Call since May >> 2021: >> >> - draft-ietf-homenet-front-end-naming-delegation >> >> - draft-ietf-homenet-naming-architecture-dhc-options >> >> >> >> AT IETF-113, there was a meeting with two authors, the chairs, and I (as >> the responsible AD for Homenet). The plan is to give the authors a chance >> to issue a revised I-D considering Chris Blox's review as well as trying to >> improve the readability and flow of the text (which suffers from multiple >> revisions that have rendered the I-D difficult to read). Once done, the >> chairs will close the WGLC and will request publication to continue the >> process. This should be done by IETF-114 (July 2022) if not earlier. >> >> >> >> About the DynDNS discussion of last year, I am in favor of going forward >> anyway with the homenet drafts and wait for the IETF Last Call + IESG >> evaluation to get a broader scope than the Homenet WG on this very specific >> topic. >> >> >> >> Final point, the chairs and I have decided that once those 2 drafts have >> been approved by the IESG [1], then the Homenet WG can be closed after 11 >> years [2]. >> >> >> >> Of course, feedback and comments on the above are welcome. >> >> >> >> Regards >> >> >> >> -éric >> >> >> >> [1] or if the publication is not requested before IETF-114, then I will >> declare those two I-D as "dead" and proceed anyway with the closing of >> Homenet. >> >> [2] a new home will need to be found for Ted Lemon's drafts on "stub >> networking" >> >> >> >> *From: *homenet <homenet-bounces@ietf.org> on behalf of Daniel Migault < >> mglt.ietf@gmail.com> >> *Date: *Tuesday, 13 July 2021 at 23:28 >> *To: *Chris Box <chris.box.ietf@gmail.com> >> *Cc: *"homenet@ietf.org" <homenet@ietf.org> >> *Subject: *Re: [homenet] naming drafts >> >> >> >> Hi, >> >> >> >> Thanks for the follow up Chris. I apologize for the delay. >> >> >> >> Yours, >> >> Daniel >> >> >> >> On Tue, Jun 22, 2021 at 12:31 PM Chris Box <chris.box.ietf@gmail.com> >> wrote: >> >> Daniel, >> >> >> >> On Wed, 16 Jun 2021 at 01:27, Daniel Migault <mglt.ietf@gmail.com> wrote: >> >> >> >> The HNA SHOULD drop any packets arriving on the WAN interface that are >> not issued from the DM. >> >> Depending how the communications between the HNA and the DM are secured, >> only packets associated to that protocol SHOULD be allowed. >> >> >> The separation looks good, but I'd like to tweak the second paragraph. By >> "only packets associated to that protocol" do you mean destination port >> filtering? >> >> >> >> To me IP and port filtering are implemented by the previous line. "only >> packets associated with that protocol" to me means that only TLS packets >> are allowed. The reason we are not mentioning TLS explicitly is that >> other protocols may be used. >> >> >> >> Ah, I see, so this is about the payload of the packets. But surely >> intelligent validation of the incoming packets is always going to happen? >> This is a key property of any security protocol. >> >> If the DM is listening on TCP 443, and the incoming packet is not a TLS >> Client Hello that it is happy with, it'll get ignored. >> >> If the DM is listening on UDP 500, and the incoming packet is not an >> IKE_SA_INIT that it is happy with, it'll get ignored. >> >> >> >> So I'm not disagreeing with you, I'm just questioning whether the >> sentence is needed. I don't really mind if it stays. >> >> This may not be necessary, but the reason I would prefer to keep it is to >> head up that additional checks - when possible - may be performed in >> addition to port filtering. So unless you have a strong preference, I would >> prefer to keep this additional check that could be performed by the >> terminating node or a firewall. >> >> >> >> >> >> I'm not concerned about the additional round trip. I was more concerned >> that the DM could be implemented as a frontend/backend architecture. The >> FQDN would resolve to the front end, and this is likely to be a small list >> of addresses, or even a single address. But the backend servers would have >> distinct, different addresses. Connections from the DM to the HNA might be >> initiated from the backend. If the HNA only looked up the FQDN, it would >> drop legitimate connections. This suggests we need a way to inform the HNA >> of the set of legitimate source addresses. >> >> >> >> >> >> What did you think of this last point? >> >> >> >> I see your point. The architecture document envisioned this case by >> specifying the dm_acl parameter in the informative section 14. >> >> We did not include it into the DHCP option as we were requested to >> implement the simplest use case that is envisioned. My understanding was >> that DHCP Options had some history where complex options had been designed >> but hardly used. >> >> That said, if that is something you believe is really needed, we may >> bring this discussion and add this parameter to the current DHCP Options. >> It still represents a minor change as already considered in the >> architecture document. >> >> >> >> Another alternative may also consider adding an extension so the acl may >> be negotiated through the control channel, which I see more scalable than >> designing large DHCP options. At that point, I would rather keep the >> architecture as it is a let such option for future work - though fairly >> easy to set. >> >> >> >> >> >> >> >> >> >> Chris >> >> >> >> >> -- >> >> Daniel Migault >> >> Ericsson >> > > > -- > Daniel Migault > Ericsson > > -- Daniel Migault Ericsson
- [homenet] naming drafts STARK, BARBARA H
- Re: [homenet] naming drafts Michael Richardson
- Re: [homenet] naming drafts Juliusz Chroboczek
- Re: [homenet] naming drafts Michael Richardson
- Re: [homenet] naming drafts Stephen Farrell
- Re: [homenet] naming drafts Michael Richardson
- Re: [homenet] naming drafts Ray Hunter (v6ops)
- Re: [homenet] naming drafts Stephen Farrell
- Re: [homenet] naming drafts Juliusz Chroboczek
- Re: [homenet] naming drafts Daniel Migault
- Re: [homenet] naming drafts Stephen Farrell
- Re: [homenet] naming drafts Michael Richardson
- Re: [homenet] naming drafts Daniel Migault
- Re: [homenet] naming drafts Michael Richardson
- Re: [homenet] naming drafts Chris Box
- Re: [homenet] naming drafts Daniel Migault
- Re: [homenet] naming drafts Chris Box
- Re: [homenet] naming drafts Daniel Migault
- Re: [homenet] naming drafts Chris Box
- Re: [homenet] naming drafts Daniel Migault
- Re: [homenet] naming drafts Eric Vyncke (evyncke)
- Re: [homenet] naming drafts Eric Vyncke (evyncke)
- Re: [homenet] naming drafts Daniel Migault
- Re: [homenet] naming drafts Michael Richardson
- Re: [homenet] naming drafts Kiran M
- Re: [homenet] naming drafts Daniel Migault