RE: Last Call: <draft-ietf-manet-nhdp-optimization-03.txt> (An Optimization for the MANET Neighborhood Discovery Protocol (NHDP)) to Proposed Standard

"Adrian Farrel" <adrian@olddog.co.uk> Sun, 02 November 2014 22:00 UTC

From: Adrian Farrel <adrian@olddog.co.uk>
To: 'Abdussalam Baryun' <abdussalambaryun@gmail.com>
Subject: RE: Last Call: <draft-ietf-manet-nhdp-optimization-03.txt> (An Optimization for the MANET Neighborhood Discovery Protocol (NHDP)) to Proposed Standard
Date: Sun, 02 Nov 2014 22:00:07 -0000
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/qWZZXBCflIRplFVS8otDVfIqa7k
Cc: ietf@ietf.org

Hello AB,

Thanks for your review.

> 1- The reviewer suggests that the title be changed to specify the
> type of optimization or its condition. As to change it to:
> 
> An Optimization for the MANET Neighborhood Discovery Protocol (NHDP)
> based on link quality.

Left for authors to respond.

> 2- The draft mentions in the introduction:-
> This modification is strictly optional,
> 
> [AB] the reviewer suggests to include in the ID-Abstract that this
> standard is optional. It is not enough to only mention in the
> introduction such important information.

Good point.

> 3- The draft proposes to update two IETF standards but does not show
> any testing information. It is preferred to test the standard
> performance by IETF before published.

"It is preferred" presumably means you would prefer it?

The document shepherd write-up confirms that there are multiple implementations of this specification. I assume, therefore, that you are suggesting that the modulus of the optimization be tested. Isn't that obvious, however? You can quantify this very exactly simply by looking at the protocol exchanges.

> 4- The draft states:-
> As such, this protocol introduces no new security considerations to an
> implementation of [RFC6130] or of any other protocol that uses it,
> such as [RFC7181].
> 
> [AB] The standard is based on the use of link quality in such
> optimization, however, the proposed standard can be attacked (requires
> considerations) if the link quality is attacked frequently. The
> proposed choice of the quality-threshold and its acceptance decisions
> are very important to the proposed standard to function successfully,
> therefore, the reviewer suggests to remove the above text from the
> draft and to add some security considerations.

Haven't you got this exactly the wrong way around?
That is, without this optimization, an attack on the stability of the link (such as by radio interference) can cause disruption to 2-hop neighbors (or at least to their robustness).
This document makes these neighbors more able to rapidly recover when the link is restored.

This point was already made by me in my review and in the Sec Dir review by Charlie Kaufmann and led one of the authors to propose including a simple statement that "It may sometimes provide a small improvement in availability against attacks such as short bursts of deliberate interference" although it was also discussed that this is not a very substantial security improvement given that it is a second (or even third) order effect compared to the basic attack on the link.

Adrian