[Int-dir] Intdir telechat review of draft-ietf-6lo-plc-06

Dave Thaler via Datatracker <noreply@ietf.org> Sat, 07 August 2021 02:03 UTC

MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Dave Thaler via Datatracker <noreply@ietf.org>
To: int-dir@ietf.org
Cc: 6lo@ietf.org, draft-ietf-6lo-plc.all@ietf.org, last-call@ietf.org
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <162830179295.7667.13372087276503711656@ietfa.amsl.com>
Reply-To: Dave Thaler <dthaler@microsoft.com>
Date: Fri, 06 Aug 2021 19:03:13 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/int-dir/_vTMp5tAW5v4gjBzclwht_4tdKA>
Subject: [Int-dir] Intdir telechat review of draft-ietf-6lo-plc-06

Reviewer: Dave Thaler
Review result: Almost Ready

I am an assigned INT directorate reviewer for draft-ietf-6lo-plc-06.txt. These
comments were written primarily for the benefit of the Internet Area Directors.
Document editors and shepherd(s) should treat these comments just like they
would treat comments from any other IETF contributors and resolve them along
with any other Last Call comments that have been received. For more details on
the INT Directorate, see https://datatracker.ietf.org/group/intdir/about/
<https://datatracker.ietf.org/group/intdir/about/>.

Overall I found the document to be fairly well written and understandable. 
There were a couple of areas though where I think additional elaboration is
needed.

Technical comments:

1) Page 8 talks about "the" IPv6 address used for communication with the public
network, implying there can only be one at a time.  This is not normal in IPv6,
where you can have a public address, the current temporary address, and the
previous temporary address (to allow for transition to a new one), all at the
same time.   Should this be changed to be plural?  If not, how do you support
privacy addresses in IPv6?  What about cases where you have external
connectivity to two public networks each with its own prefix?  I don't see this
answered anywhere in the doc.

2) Page 8 also mentions that a shared secret "or" version number can be used in
a hash to derive an IID, but never defines any hash details.  To me, that
implies that this document currently does not provide any guarantee of
interoperability, in which case why do you need an IETF RFC at all if every
device has to come from the same vendor with an algorithm not specified in the
standard?   I expected this document to specify the details of a hash algorithm
that must be implemented.

3) RFC 8065 explains that privacy of IPv6 link-local addresses is typically
uninteresting because on broadcast media all devices can see all the link-layer
addresses and mappings anyway.   At least in the star and tree topologies, I
suspect this is not the case.   However the document doesn't seem to contain
any discussion of the privacy considerations in such a case.

4) RFC 8065 section 4 provides a checklist of what adaptation layer
documents like this need to address. I'd recommend addressing each point
separately in the Security Considerations section, so it's clear that the
draft addresses the whole checklist.  For example, there's nothing in the
document that mentions what the typical link lifetime is (years maybe?)
As another example, it's really hard to tell from reading the last
paragraph of section 4.5 of this draft how it addresses RFC
8065's statement that "any specification using Short
Addresses should carefully construct an IID generation
mechanism so as to provide sufficient entropy compared to
the link lifetime" so elaboration here is warranted here in
my opinion.

I also have some editorial nits that can be found in a marked up copy at
https://www.microsoft.com/en-us/research/uploads/prod/2021/08/draft-ietf-6lo-plc-06.pdf

Dave

[Int-dir] Intdir telechat review of draft-ietf-6l… Dave Thaler via Datatracker
Re: [Int-dir] Intdir telechat review of draft-iet… Eric Vyncke (evyncke)
Re: [Int-dir] Intdir telechat review of draft-iet… Liubing (Remy)