Re: [dhcwg] Last Call: <draft-ietf-dhc-anonymity-profile-06.txt> (Anonymity profile for DHCP clients) to Proposed Standard

Lorenzo Colitti <lorenzo@google.com> Mon, 22 February 2016 02:18 UTC

In-Reply-To: <56C3161F.3070301@innovationslab.net>
References: <20160201142413.30288.23248.idtracker@ietfa.amsl.com> <CAKD1Yr11tEDEPXkUWj4g_-wL=AgYRu7LYrOkgobEMtwOW4CpEA@mail.gmail.com> <003001d1687a$926ab2e0$b74018a0$@huitema.net> <56C3161F.3070301@innovationslab.net>
From: Lorenzo Colitti <lorenzo@google.com>
Date: Mon, 22 Feb 2016 11:17:50 +0900
Message-ID: <CAKD1Yr15EYQdS3XR4zenqmpBn2K2Zue2a+mMz1m+Vw54ou7zZQ@mail.gmail.com>
Subject: Re: [dhcwg] Last Call: <draft-ietf-dhc-anonymity-profile-06.txt> (Anonymity profile for DHCP clients) to Proposed Standard
To: Brian Haberman <brian@innovationslab.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/owh2STxkw3RxmtG6B0dtHEjbVew>
Cc: IETF Discussion <ietf@ietf.org>, dhc-chairs@ietf.org, Christian Huitema <huitema@huitema.net>, iesg@ietf.org, draft-ietf-dhc-anonymity-profile@ietf.org, "dhcwg@ietf.org" <dhcwg@ietf.org>

On Tue, Feb 16, 2016 at 9:29 PM, Brian Haberman <brian@innovationslab.net>
wrote:

> > Well, section 4 of draft-ietf-dhc-anonymity-profile-07 says:
> >
> >    The choice between the stateful and stateless scenarios depends on
> >    flag and prefix options published by the "Router Advertisement"
> >    messages of local routers, as specified in [RFC4861].  When these
> >    options enable stateless address configuration hosts using the
> >    anonymity profile SHOULD choose it over stateful address
> >    configuration, because stateless configuration requires fewer
> >    information disclosures than stateful configuration.
> >
> > That seems pretty close to what you want, at least as far as "stateful
> > DHCPv6" is concerned.
>
> I would agree that the above text covers what I interpret as Lorenzo's
> concern.
>

My concern is not with the intent, it's with the wording.

The business of this draft is to provide guidance to implementers. I am an
implementer: I wrote the DHCP client currently used in a host OS, and while
said OS does not yet support DHCPv6, I am likely to be involved with that as
well if/when that happens. So I am squarely in the target audience for this
document - but as has become clear from this thread, I did not understand
the text correctly, even though I was actually paying attention. It took a
specific response from Christian and an explanation from a colleague before
I actually understood what the implications were for host behaviour. We
should try to ensure other implementers do not misunderstand the text like
I did, by making it clearer.

Let me suggest text again:

   When these options enable stateless address configuration (i.e., when
   the A flag in a Prefix Information Option is set to 1) hosts using the
   anonymity profile SHOULD perform stateless address configuration
   and SHOULD NOT use stateful DHCPv6, because stateless configuration

I don't see how that text is different from the text that's already in the
draft, except it actually provides clear guidance. Why not use it?
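
The host behaviour the suggested text describes, as an added example that is not part of the original message or of the draft: parse a Router Advertisement (RFC 4861 layout), read the A flag of each Prefix Information Option, and prefer stateless configuration over stateful DHCPv6 whenever any A flag is 1. The function names and return strings are hypothetical, the fallback to stateful DHCPv6 when only the RA's M flag is set is an assumption based on RFC 4861, and the sample RAs are constructed.

```python
import ipaddress
import struct

ND_ROUTER_ADVERT = 134   # ICMPv6 type
OPT_PREFIX_INFO = 3      # Prefix Information Option (PIO)
RA_FLAG_M = 0x80         # "Managed address configuration" bit in the RA header
PIO_FLAG_A = 0x40        # "Autonomous address-configuration" bit in the PIO

def parse_ra(packet: bytes):
    """Return (m_flag, [(prefix, a_flag), ...]) for one ICMPv6 RA body."""
    if len(packet) < 16 or packet[0] != ND_ROUTER_ADVERT:
        raise ValueError("not a Router Advertisement")
    m_flag = bool(packet[5] & RA_FLAG_M)
    pios, off = [], 16                      # options start after the 16-byte header
    while off < len(packet):
        if off + 2 > len(packet):
            raise ValueError("truncated option header")
        opt_type, opt_len = packet[off], packet[off + 1] * 8   # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(packet):
            raise ValueError("bad option length")   # zero-length options are invalid
        if opt_type == OPT_PREFIX_INFO:
            if opt_len != 32:
                raise ValueError("bad PIO length")
            plen, flags = packet[off + 2], packet[off + 3]
            prefix = ipaddress.IPv6Network((packet[off + 16:off + 32], plen), strict=False)
            pios.append((prefix, bool(flags & PIO_FLAG_A)))
        off += opt_len
    return m_flag, pios

def choose_config(packet: bytes) -> str:
    """Anonymity-profile choice: A=1 in any PIO means SLAAC, never stateful DHCPv6."""
    m_flag, pios = parse_ra(packet)
    if any(a_flag for _, a_flag in pios):
        return "slaac"                      # SHOULD NOT use stateful DHCPv6, even if M=1
    return "stateful-dhcpv6" if m_flag else "none"   # assumed fallback, see lead-in

def build_ra(m_flag: bool, a_flag: bool, prefix: str = "2001:db8:1::") -> bytes:
    """Constructed sample RA carrying one /64 PIO (checksum left as 0)."""
    hdr = struct.pack("!BBHBBHII", ND_ROUTER_ADVERT, 0, 0, 64,
                      RA_FLAG_M if m_flag else 0, 1800, 0, 0)
    pio = struct.pack("!BBBBIII", OPT_PREFIX_INFO, 4, 64,
                      0x80 | (PIO_FLAG_A if a_flag else 0), 86400, 14400, 0)
    return hdr + pio + ipaddress.IPv6Address(prefix).packed

if __name__ == "__main__":
    for m, a in [(True, True), (True, False), (False, False)]:
        print(f"M={int(m)} A={int(a)} -> {choose_config(build_ra(m, a))}")
```

The M=1, A=1 case is the one the thread is about: both mechanisms are on offer, and the client takes only the stateless one.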