Re: Last Call: <draft-ietf-geopriv-dhcp-lbyr-uri-option-15.txt> (Dynamic Host Configuration Protocol (DHCP) IPv4 and IPv6 Option for a Location Uniform Resource Identifier (URI)) to Proposed Standard

Ted Lemon <mellon@fugue.com> Thu, 31 May 2012 20:43 UTC

There are still a few problems with this draft.   The first is that it uses a nonstandard and somewhat odd encoding to deliver the URI and Lifetime values.   These should simply be delivered as separate options, leaving out the whole Luritype complication.    The argument might be raised that the Luritype field provides some sort of future-proofing, but this future-proofing can as easily be attained with another DHCP option code, so it's unnecessary.

Secondly, this text ought to be expanded:

>  The choice of the Valid-For value is a policy decision for the 
>  operator of the DHCP server.  Like location URIs themselves, it can 
>  be statically configured on the DHCP server or provisioned 
>  dynamically (via an out-of-band exchange with a Location Information
>  Server) as requests for location URIs are received.

To:

>  The choice of the Valid-For value is a policy decision for the 
>  operator of the DHCP server.  Like location URIs themselves, it can 
>  be statically configured on the DHCP server or provisioned 
>  dynamically (via an out-of-band exchange with a Location Information
>  Server) as requests for location URIs are received.   DHCP server
>  operators are advised not to configure a valid-for lifetime that is
>  greater than half the minimum configured lifetime for DHCP leases,
>  since this could result in stale configuration information on the
>  DHCP client and potential loss of service.


Thirdly, this text is simply wrong, and indeed specifically contradicted by RFC3396:

>    Per [RFC2131], subsequent LocationURI Options, which are 
>    non-concatenated, overwrite the previous value.

I don't think this is a huge problem, but I think the text should say this:

> It is not meaningful to configure multiple LocationURI options.   DHCPv4 servers and clients conforming to RFC3396 will not permit this; DHCPv6 servers and clients can be configured this way, but the behavior when so configured is undefined.   Therefore, DHCPv6 server operators are cautioned not to configure more than one such option.

Section 3.2 suggests that options shouldn't contain certain potentially harmful values, but this is a toothless restriction, since an attacker can simply ignore it.   In order for it to be effective, Section 3.2 should insist that DHCP clients reject forbidden URI formats.   Of course, this too is somewhat toothless, since any list of forbidden URI formats will necessarily fail to mention any future potentially harmful URIs that could arise.   It would be better to list which URIs _are_ permitted, and require the client to reject any URI that is not permitted.   The document is already set up to do this, but doesn't _actually_ do it, so fixing this should be quite easy.

Sorry for not catching all of this sooner—the previous review of the document was rudely interrupted by the Paris IETF meeting... :)

Aside from these objections, which I think are easy to address, I have no problem with the document proceeding.
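
Added example, not part of the original message or of the draft: a sketch of the client-side check the message asks for, showing a denylist passing an unknown future scheme that an allowlist rejects, plus an operator-side check of the proposed Valid-For guidance. The scheme sets, function names and sample URIs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: placeholder allowlist. A real client would use exactly the
# schemes the draft permits, which this message does not enumerate.
PERMITTED_SCHEMES = frozenset({"https", "sips"})
# Constructed denylist standing in for a list of "forbidden" URI formats.
FORBIDDEN_SCHEMES = frozenset({"data", "file"})


def _split(uri):
    """Parse a URI from the option payload; None if it is malformed."""
    try:
        parts = urlsplit(uri.strip())
    except ValueError:
        return None
    return parts if parts.scheme else None


def denylist_accepts(uri):
    """Denylist policy: whatever is not explicitly forbidden gets through."""
    parts = _split(uri)
    return parts is not None and parts.scheme not in FORBIDDEN_SCHEMES


def allowlist_accepts(uri):
    """Allowlist policy: accept only a permitted scheme with a non-empty rest."""
    parts = _split(uri)
    if parts is None or parts.scheme not in PERMITTED_SCHEMES:
        return False
    return bool(parts.netloc or parts.path)


def valid_for_within_policy(valid_for_s, min_lease_s):
    """Operator-side lint: Valid-For must not exceed half the shortest lease."""
    return 2 * valid_for_s <= min_lease_s


if __name__ == "__main__":
    # Constructed sample option values, not taken from any real deployment.
    for uri in ("https://lis.example.net/loc/abc",
                "file:///tmp/x",
                "futurescheme://lis.example.net/x"):
        print(f"{uri:40} denylist={denylist_accepts(uri)} "
              f"allowlist={allowlist_accepts(uri)}")
    print("Valid-For 1800s, min lease 3600s:", valid_for_within_policy(1800, 3600))
    print("Valid-For 2400s, min lease 3600s:", valid_for_within_policy(2400, 3600))
```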