Re: [ippm] Benjamin Kaduk's Discuss on draft-ietf-ippm-stamp-option-tlv-07: (with DISCUSS and COMMENT) addressing COMMENTS

Benjamin Kaduk <kaduk@mit.edu> Wed, 22 July 2020 04:14 UTC

Date: Tue, 21 Jul 2020 21:13:03 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Greg Mirsky <gregimirsky@gmail.com>
Cc: IPPM Chairs <ippm-chairs@ietf.org>, draft-ietf-ippm-stamp-option-tlv@ietf.org, The IESG <iesg@ietf.org>, Yali Wang <wangyali11@huawei.com>, IETF IPPM WG <ippm@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/b_dc6vYEKNlqYycct9lJCuceWgY>

Hi Greg,

On Tue, Jul 21, 2020 at 03:05:29PM -0700, Greg Mirsky wrote:
> Hi Ben,
> thank you for the detailed response to the proposed updates addressing
> COMMENTS. I'll work on the outstanding issues.
> We've discussed the NAT64 case and below is the proposed text for the
> section on Location TLV. Also, a new IANA request for the sub-registry
> of sub-TLV types.
> 
> 4.2.  Location TLV
> 
>    STAMP Session-Senders MAY include the variable-size Location TLV to
>    query location information from the Session-Reflector.  The Session-
>    Sender MUST NOT fill any information fields except for STAMP TLV
>    Flags, Type, and Length.  The Session-Reflector MUST validate the
>    Length value against the address family of the transport
>    encapsulating the STAMP test packet.  If the Length field's value is

It seems like validating this length might cause unnecessary failures when
a NAT64 is present, if I understand correctly.

>    invalid, the Session-Reflector follows the procedure defined in
>    Section 4 for a malformed TLV.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |STAMP TLV Flags| Location Type |           Length              |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |        Destination Port       |          Source Port          |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       ~                         Sub-TLVs                              ~
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>                           Figure 8: Location TLV
> 
>    where fields are defined as the following:
> 
>    o  STAMP TLV Flags - is an eight-bit-long field.  Its format is
>       presented in Figure 6.
> 
>    o  Location Type - is a one-octet-long field, value TBA2 allocated by
>       IANA Section 5.1.
> 
>    o  Length - two-octet-long field equal to the length of the Value
>       field in octets.
> 
>    o  Destination Port - two-octet-long UDP destination port number of
>       the received STAMP packet.
> 
>    o  Source Port - two-octet-long UDP source port number of the
>       received STAMP packet.
> 
>    o  Sub-TLVs - a sequence of sub-TLVs, as defined further in this
>       section.

The "theory of operation" in 4.2.2 helps clarify things a great deal, but
it might be worth a sentence here about "the sub-TLVs are used by the
Session-Sender to request location information with generic TLV types, and the
Session-Reflector responds with the corresponding more-specific sub-TLVs
for the type of address (e.g., IPv4 or IPv6) used at the Session-Reflector".

> 4.2.1.  Location Sub-TLVs
> 
>    A sub-TLV in the Location TLV uses the format displayed in Figure 5.
>    Handling of the U and M flags in the sub-TLV is as defined in
>    Section 4.  The I flag MUST be set by a Session-Sender and Session-
>    Reflector to 0 before transmission and its value ignored on receipt.
>    The following types of sub-TLV for the Location TLV are defined in
>    this specification (type values are assigned according to Table 5):
> 
>    o  Source MAC Address sub-TLV - is a 12-octet-long sub-TLV.  The Type
>       value is TBA9.  The value of the Length field MUST equal to 8.
>       The Value field is a 12-octet-long MBZ field that MUST be zeroed
>       on transmission and ignored on receipt.
> 
>    o  Source EUI-48 Address sub-TLV - is a 12-octet-long sub-TLV that
>       includes the EUI-48 source MAC address.  The Type value is TBA10.
>       The value of the Length field MUST equal to 8.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        EUI-48  Address                        |
>       +                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                               |            MBZ                |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>       Figure 9: The Value Field of the Source EUI-48 Address sub-TLV
> 
>       The Value field consists of the following fields (Figure 9):
> 
>       *  The EUI-48 is a six-octet-long field.
> 
>       *  Two-octet-long MBZ field MUST be zeroed on transmission and
>          ignored on receipt.
> 
>    o  Source EUI-64 Address sub-TLV - is a 12-octet-long sub-TLV that
>       includes the EUI-64 source MAC address.  The Type value is TBA11.
>       The value of the Length field MUST equal to 12.  The Value field
>       consists of an eight-octet-long EUI-64 field.
> 
>    o  Destination IP Address sub-TLV - is a 20-octet-long sub-TLV.  The
>       Type value is TBA12.  The value of the Length field MUST equal to
>       16.  The Value field consists of a 16-octet-long MBZ field that
>       MUST be zeroed on transmit and ignored on receipt
> 
>    o  Destination IPv4 Address sub-TLV - is a 20-octet-long sub-TLV that
>       includes IPv4 destination address.  The Type value is TBA13.  The
>       value of the Length field MUST equal to 16.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                         IPv4 Address                          |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       ~                        MBZ (12 octets)                        ~
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>             Figure 10: IPv4 Address in a Sub-TLV's Value Field
> 
>       The Value field consists of the following fields (Figure 10):
> 
>       *  The IPv4 Address is a four-octet-long field.
> 
>       *  12-octet-long MBZ field MUST be zeroed on transmit and ignored
>          on receipt.
> 
>    o  Destination IPv6 Address sub-TLV - is a 20-octet-long sub-TLV that
>       includes IPv6 destination address.  The Type value is TBA14.  The
>       value of the Length field MUST equal to 16.  The Value field is a
>       16-octet-long IPv6 Address field.
> 
>    o  Source IP Address sub-TLV - is a 20-octet-long sub-TLV.  The Type
>       value is TBA15.  The value of the Length field MUST equal to 16.
>       The Value field is a 16-octet-long MBZ field that MUST be zeroed
>       on transmit and ignored on receipt
> 
>    o  Source IPv4 Address sub-TLV - is a 20-octet-long sub-TLV that
>       includes IPv4 source address.  The Type value is TBA16.  The value
>       of the Length field MUST equal to 16.  The Value field consists of
>       the following fields (Figure 10):
> 
>       *  The IPv4 Address is a four-octet-long field.
> 
>       *  12-octet-long MBZ field that MUST be zeroed on transmit and
>          ignored on receipt.
> 
>    o  Source IPv6 Address sub-TLV - is a 20-octet-long sub-TLV that
>       includes IPv6 source address.  The Type value is TBA17.  The value
>       of the Length field MUST equal to 16.  The Value field is a 16-
>       octet-long IPv6 Address field.
> 
> 4.2.2.  Theory of Operation of Location TLV
> 
>    The Session-Reflector that received an extended STAMP packet with the
>    Location TLV MUST include the Location TLV of the size equal to the
>    size of Location TLV in the received packet in the reflected packet.
>    Based on the local policy, the Session-Reflector MAY leave some
>    fields unreported by filling them with zeroes.  An implementation of
>    the stateful Session-Reflector MUST provide control for managing such
>    policies.
> 
>    A Session-Sender MAY include the Source MAC Address sub-TLV in the
>    Location TLV.  If the Session-Reflector receives the Location TLV
>    that includes the Source MAC Address sub-TLV, it MUST include the
>    Source EUI-48 Address sub-TLV if the source MAC address of the
>    received extended test packet is in EUI-48 format.  And the Session-
>    Reflector MUST copy the value of the source MAC address in the EUI-48
>    field.  Otherwise, the Session-Reflector MUST use the Source EUI-64
>    Address sub-TLV and MUST copy the value of the Source MAC address
>    from the received packet into the EUI-64 field.  If the received
>    extended STAMP test packet does not have the Source MAC address, the
>    Session-Reflector MUST zero the EUI-64 field before transmitting the
>    reflected packet.
> 
>    A Session-Sender MAY include the Destination IP Address sub-TLV in
>    the Location TLV.  If the Session-Reflector receives the Location TLV
>    that includes the Destination IP Address sub-TLV, it MUST include the
>    Destination IPv4 Address sub-TLV if the source IP address of the
>    received extended test packet is of IPv4 address family.  And the
>    Session-Reflector MUST copy the value of the destination IP address
>    in the IPv4 Address field.  Otherwise, the Session-Reflector MUST use
>    the Destination IPv6 Address sub-TLV and MUST copy the value of the
>    destination IP address from the received packet into the IPv6 Address
>    field.
> 
>    A Session-Sender MAY include the Source IP Address sub-TLV in the
>    Location TLV.  If the Session-Reflector receives the Location TLV
>    that includes the Source IP Address sub-TLV, it MUST include the
>    Source IPv4 Address sub-TLV if the source IP address of the received
>    extended test packet is of IPv4 address family.  And the Session-
>    Reflector MUST copy the value of the source IP address in the IPv4
>    Address field.  Otherwise, the Session-Reflector MUST use the Source
>    IPv6 Address sub-TLV and MUST copy the value of the source IP address
>    from the received packet into the IPv6 Address field.
> 
>    The Location TLV MAY be used to determine the last-hop IP addresses,
>    ports, and last-hop MAC address for STAMP packets.  The MAC address
>    can indicate a path switch on the last hop.  The IP addresses and UDP
>    ports will indicate if there is a NAT router on the path.  It allows
>    the Session-Sender to identify the IP address of the Session-
>    Reflector behind the NAT, and detect changes in the NAT mapping that
>    could cause sending the STAMP packets to the wrong Session-Reflector.
> 
> 5.3.  Sub-TLV Type Sub-registry
> 
>    IANA is requested to create the sub-TLV Type sub-registry as part of
>    the STAMP TLV Type registry.  All code points in the range 1 through

Ah, interesting.  My assumption from the way that the -07 talked about
sub-TLVs was that the TLV type codes for top-level TLVs and sub-TLVs would
be assigned from the same registry.  I'm okay with being wrong (separate
registries feels more natural to me), so it's good to see this clarified.
It may be worth a note about whether the same sub-TLV types are to be used
in all TLVs that have sub-TLVs, or whether the sub-TLV types are further
scoped by the type of the containing TLV.  If that makes sense (too many
"TLV"s makes for tough reading).

Thanks,

Ben
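
The reflector-side handling of the Location TLV text quoted above, as an added C example that is not part of this message or of the draft: it answers the generic IP address sub-TLVs with the family-specific ones at an unchanged size and zero-fills every octet it does not report. The code points are placeholders for the draft's TBA values, the 4-octet sub-TLV header (Flags, Type, Length) is an assumption implied by the 20-octet/Length-16 sizes, flag bits and the Section 4 malformed-TLV procedure are not modelled, and `struct rx_info` and the function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Placeholder code points: the draft only says TBA2 and TBA12..TBA17.
 * The values below are made up (picked from the Experimental range). */
enum { LOC_TLV = 240,                                           /* TBA2      */
       ST_DST_IP = 241, ST_DST_IPV4 = 242, ST_DST_IPV6 = 243,   /* TBA12..14 */
       ST_SRC_IP = 244, ST_SRC_IPV4 = 245, ST_SRC_IPV6 = 246 }; /* TBA15..17 */

#define HDR 4        /* assumed header: Flags(1) Type(1) Length(2) */
#define PORTS 4      /* Destination Port(2) then Source Port(2)    */
#define ADDR_VAL 16  /* every IP address sub-TLV has a 16-octet Value */

/* What the reflector observed on the received packet (hypothetical). */
struct rx_info {
    int is_ipv6;
    uint8_t src[16], dst[16];      /* IPv4 uses the first 4 octets */
    uint16_t src_port, dst_port;
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Build the reflected Location TLV. Returns its size in octets, or -1 if
 * the received TLV is malformed; on -1 the caller must not send `out`. */
int reflect_location_tlv(const uint8_t *in, size_t in_len,
                         const struct rx_info *rx, uint8_t *out, size_t cap)
{
    if (in_len < HDR + PORTS || in[1] != LOC_TLV) return -1;
    size_t vlen = rd16(in + 2), total = HDR + vlen;
    if (vlen < PORTS || total > in_len || total > cap) return -1;

    memset(out, 0, total);   /* flags, MBZ, unreported fields: explicit zero */
    out[1] = LOC_TLV;
    wr16(out + 2, (uint16_t)vlen);
    wr16(out + 4, rx->dst_port);
    wr16(out + 6, rx->src_port);

    for (size_t off = HDR + PORTS; off < total; ) {
        if (total - off < HDR) return -1;           /* truncated sub-TLV header */
        uint8_t type = in[off + 1];
        size_t len = rd16(in + off + 2);
        if (len > total - off - HDR) return -1;     /* Value overruns the TLV */
        uint8_t *o = out + off;
        if (type == ST_DST_IP || type == ST_SRC_IP) {
            if (len != ADDR_VAL) return -1;
            int dst = (type == ST_DST_IP);
            /* The reply type follows the reflector's own address family; the
             * size is the same either way, so no length-vs-family check. */
            o[1] = rx->is_ipv6 ? (dst ? ST_DST_IPV6 : ST_SRC_IPV6)
                               : (dst ? ST_DST_IPV4 : ST_SRC_IPV4);
            memcpy(o + HDR, dst ? rx->dst : rx->src, rx->is_ipv6 ? 16 : 4);
        } else {
            o[1] = type;   /* sketch only: echo the type, leave Value zeroed */
        }
        wr16(o + 2, (uint16_t)len);
        off += HDR + len;
    }
    return (int)total;
}

/* Constructed sample request: a Location TLV with the two generic sub-TLVs.
 * The first Value is deliberately non-zero to show it is ignored on receipt. */
size_t sample_request(uint8_t *b)
{
    size_t n = HDR + PORTS + 2 * (HDR + ADDR_VAL);   /* 48 octets */
    memset(b, 0, n);
    b[1] = LOC_TLV;     wr16(b + 2, (uint16_t)(n - HDR));
    b[9] = ST_DST_IP;   wr16(b + 10, ADDR_VAL);  memset(b + 12, 0x55, ADDR_VAL);
    b[29] = ST_SRC_IP;  wr16(b + 30, ADDR_VAL);
    return n;
}

int main(void)
{
    uint8_t req[64], out[64];
    /* Constructed addresses and ports for an IPv4 reflector. */
    struct rx_info v4 = { 0, {192, 0, 2, 1}, {198, 51, 100, 7}, 40000, 862 };
    size_t n = sample_request(req);
    memset(out, 0xAA, sizeof out);            /* stand-in for stale memory */
    int r = reflect_location_tlv(req, n, &v4, out, sizeof out);
    printf("reflected %d octets, first sub-TLV type %u\n", r, out[9]);
    return 0;
}
```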

>    175 in this registry shall be allocated according to the "IETF
>    Review" procedure as specified in [RFC8126].  Code points in the
>    range 176 through 239 in this registry shall be allocated according
>    to the "First Come First Served" procedure as specified in [RFC8126].
>    The remaining code points are allocated according to Table 4:
> 
> Mirsky, et al.          Expires January 22, 2021               [Page 25]
> Internet-Draft              STAMP Extensions                   July 2020
> 
> 
>                +-----------+--------------+---------------+
>                | Value     | Description  | Reference     |
>                +-----------+--------------+---------------+
>                | 0         |   Reserved   | This document |
>                | 1 - 175   |  Unassigned  | This document |
>                | 176 - 239 |  Unassigned  | This document |
>                | 240 - 251 | Experimental | This document |
>                | 252 - 254 | Private Use  | This document |
>                | 255       |   Reserved   | This document |
>                +-----------+--------------+---------------+
> 
>                 Table 4: Location Sub-TLV Type Sub-registry
> 
>    This document defines the following new values in the IETF Review
>    range of the Location sub-TLV Type sub-registry:
> 
>       +-------+--------------------------+----------+---------------+
>       | Value |       Description        | TLV Used | Reference     |
>       +-------+--------------------------+----------+---------------+
>       | TBA9  |    Source MAC Address    | Location | This document |
>       | TBA10 |  Source EUI-48 Address   | Location | This document |
>       | TBA11 |  Source EUI-64 Address   | Location | This document |
>       | TBA12 |  Destination IP Address  | Location | This document |
>       | TBA13 | Destination IPv4 Address | Location | This document |
>       | TBA14 | Destination IPv6 Address | Location | This document |
>       | TBA15 |    Source IP Address     | Location | This document |
>       | TBA16 |   Source IPv4 Address    | Location | This document |
>       | TBA17 |   Source IPv6 Address    | Location | This document |
>       +-------+--------------------------+----------+---------------+
> 
>                        Table 5: STAMP sub-TLV Types
> 
> The current working version of the draft attached.
> 
> Regards,
> Greg
> 
> On Mon, Jul 20, 2020 at 4:21 PM Benjamin Kaduk <kaduk@mit.edu> wrote:
> >
> > Hi Greg,
> >
> > On Sat, Jul 18, 2020 at 01:33:00PM -0700, Greg Mirsky wrote:
> > > Hi Benjamin,
> > > I hope my proposal to split DISCUSS and COMMENTS resolutions is acceptable
> > > to you (I'll make sure that nothing gets lost in the meantime). Please find
> > > my answers to the COMMENTS section of your review below tagged GIM>>.
> > > Attached is the diff reflecting all the updates applied in the working
> > > version. Please note that the format of the Location TLV is WIP.
> >
> > Understood about the Location TLV, and thank you for reopening that part of
> > the design.
> > Inline...
> >
> > > Regards,
> > > Greg
> > >
> > > On Tue, Jul 14, 2020 at 7:30 PM Benjamin Kaduk via Datatracker <
> > > noreply@ietf.org> wrote:
> > >
> > > > Benjamin Kaduk has entered the following ballot position for
> > > > draft-ietf-ippm-stamp-option-tlv-07: Discuss
> > > >
> > > > When responding, please keep the subject line intact and reply to all
> > > > email addresses included in the To and CC lines. (Feel free to cut this
> > > > introductory paragraph, however.)
> > > >
> > > >
> > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> > > > for more information about IESG DISCUSS and COMMENT positions.
> > > >
> > > >
> > > > The document, along with other ballot positions, can be found here:
> > > > https://datatracker.ietf.org/doc/draft-ietf-ippm-stamp-option-tlv/
> > > >
> > > >
> > > >
> > > > ----------------------------------------------------------------------
> > > > DISCUSS:
> > > > ----------------------------------------------------------------------
> > > >
> > > > I support Roman's discusses and am happy to see the ongoing discussion
> > > > thereof.
> > > >
> > > > (1) I think there's a conflict between this document and RFC 8762 with
> > > > respect to the behavior of pure RFC 8762 implementations that receive
> > > > packets longer than the base packet for the given operational mode.
> > > >
> > > > RFC 8762 says (Section 4.3):
> > > >
> > > > % The Session-Reflector receives the STAMP-Test packet and verifies it. If
> > > > % the base STAMP-Test packet is validated, the Session-Reflector that
> > > > % supports this specification prepares and transmits the reflected test
> > > > % packet symmetric to the packet received from the Session-Sender copying
> > > > % the content beyond the size of the base STAMP packet (see Section 4.2).
> > > >
> > > > But Section 4 of this document says:
> > > >
> > > >                                                    A Session-Reflector
> > > >    that does not support STAMP extensions is not expected to compare the
> > > >    value in the Length field of the UDP header and the length of the
> > > >    STAMP base packet.  Hence the Session-Reflector will transmit the
> > > >    base STAMP packet.  [...]
> > > >
> > > > Does "will transmit the base STAMP packet" mean something other than
> > > > "with the exact length of the base packet [for the given operational
> > > > mode]"?
> > > >
> > > > (2) As I remarked on (then-) draft-ietf-ippm-stamp, I think we need to
> > > > require some level of cryptographic protection whenever control
> > > > information is included in a Session-Sender's test packet.  That is,
> > > > that a Session-Reflector MUST NOT act on control information received in
> > > > unauthenticated packets, and specifically, that the HMAC TLV must be
> > > > used, since the base authenticated STAMP packet's HMAC does not cover
> > > > the options.
> > > >
> > > > (3) The secdir reviewer's question about dealing with 6-to-4 gateways
> > > > seems to have not gotten a response.  Specifically, the requirement that
> > > > "[t]he Session-Reflector MUST validate the Length value against the
> > > > address family of the transport encapsulating the STAMP test packet"
> > > > seems to require the protocol to fail when sender and reflector use
> > > > different address families, or perhaps to require the sender to use
> > > > trial and error to determine which address family is used by the
> > > > reflector.  Some clarification on the intended operation in such
> > > > scenarios seems appropriate.
> > > >
> > > > (4) The ability for a Session-Sender to (MUST-level!) control the DSCP
> > > > codepoint used by packets generated by a Session-Reflector feels like it
> > > > opens up significant risk in site-local (security-relevant) policy.  That
> > > > is, the interpretation of the DSCP codepoints is to large extent
> > > > site-specific, and allowing a nominally external system to set any/all
> > > > possible values, without a chance for site policy to be applied and
> > > > block the use of potentially disruptive DSCP values.  So I think we need
> > > > to modify the "MUST set", perhaps requiring that either the requested
> > > > DSCP value is used or the entire TLV/packet/whatever is rejected.
> > > >
> > > > (5) If we're not going to remedy the severability of authenticated
> > > > options from authenticated base packets (which would be my preferred
> > > > resolution), we need to document that weakness in the security
> > > > considerations.
> > > >
> > > >
> > > > ----------------------------------------------------------------------
> > > > COMMENT:
> > > > ----------------------------------------------------------------------
> > > >
> > > > (side note) It seems slightly gratuitous to group the "base" (with
> > > > SSID) packet formats by authenticated/unauthenticated and then by
> > > > sender/reflector, when RFC 8762 groups by sender/reflector and then by
> > > > authenticated/unauthenticated.  But probably not worth churning the
> > > > document at this point to address it...
> > > >
> > > GIM>> As you've said, it would make documents look consistent but if you
> > > can accept the current way of presenting information, much appreciate your
> > > understanding.
> >
> > To confirm: I can accept it (this is the non-blocking COMMENT section,
> > after all ;)
> > > >
> > > > I support Erik Kline's discuss point about the L-bit error-case guidance
> > > > (and note that Section 4.7 also seems to be saying to zero specific
> > > > fields vs. the earlier guidance to echo the entire rest of the packet).
> > > >
> > > GIM>> I'm looking forward to hearing from Erik on the proposed resolution. Yes, the
> > > text in Section 4.7 is ambiguous. Will s/set the L flag/set the L flag to
> > > 1/  fix the issue?
> >
> > I don't think so.  The question is not about what happens to the L bit, but
> > rather what happens for the "rest of the packet" (which, I realized after
> > balloting, is actually a bit unclear itself -- is "rest of the packet" just
> > "bits later in the packet body" or does processing order come into play,
> > e.g., processing the HMAC TLV first).
> >
> > > >
> > > > Section 1
> > > >
> > > >    Simple Two-way Active Measurement Protocol (STAMP) [RFC8762] supports
> > > >    the use of optional extensions that use Type-Length-Value (TLV)
> > > >    encoding.  Such extensions enhance the STAMP base functions, such as
> > > >
> > > > How about a "this document specifies" in there somewhere?  TLVs are not
> > > > mentioned in RFC 8762...
> > > >
> > > GIM>> Agree and thank you for the suggested text. Would the following be
> > > acceptable:
> > > OLD TEXT:
> > >    Simple Two-way Active Measurement Protocol (STAMP) [RFC8762] supports
> > >    the use of optional extensions that use Type-Length-Value (TLV)
> > >    encoding.
> > > NEW TEXT:
> > >    Simple Two-way Active Measurement Protocol (STAMP) [RFC8762] defined
> > >    the STAMP base functionalities.  This document specifies the use of
> > >    optional extensions that use Type-Length-Value (TLV) encoding.
> >
> > +1
> >
> > > >
> > > > Section 3
> > > >
> > > >    An implementation of the STAMP Session-Reflector that supports this
> > > >    specification SHOULD identify a STAMP Session using the SSID in
> > > >    combination with elements of the usual 4-tuple for the session.
> > > >
> > > > It's slightly surprising that this is only a SHOULD.
> > > >
> > > GIM>> Similar comment came from another IESG reviewer. The working version
> > > of the draft states:
> > >     An implementation of the STAMP Session-Reflector that supports this
> > >    specification MUST identify a STAMP Session using the SSID in
> > >    combination with elements of the usual 4-tuple for the session.
> > > >
> > > >
> > > >    A STAMP Session-Reflector that does not support this specification
> > > >    will return the zeroed SSID field in the reflected STAMP test packet.
> > > >    The Session-Sender MAY stop the session if it receives a zeroed SSID
> > > >    field.  An implementation of a Session-Sender MUST support control of
> > > >    its behavior in such a scenario.  [...]
> > > >
> > > > This feels like it's somewhat misaligned, in that the MAY would indicate
> > > > that the choice is at the implementation's discretion, but the MUST
> > > > indicates that it's at the operator's discretion.
> > > >
> > > GIM>> Thank you for sharing your concern. Our intention was to require an
> > > implementation to provide the control over the Session-Sender's behavior in
> > > this situation and give an operator option to choose one. Would re-wording
> > > s/The Session-Sender MAY stop/The Session-Sender MAY be configured by an
> > > operator to stop/ make it clearer?
> >
> > That seems like an improvement, yes.  I suspect that a more drastic
> > rewording would yield further improvement, but am not coalescing on a
> > particular suggestion right now.
> >
> > > >
> > > >
> > > > Should the TLVs field be included in Figures 3 and 4 (as it is in
> > > > Figures 1 and 2)?
> > > >
> > > GIM>> Of course, Done.
> > >
> > > >
> > > > Section 4
> > > >
> > > >    optional field in the STAMP test packet.  Multiple TLVs MAY be placed
> > > >    in a STAMP test packet.  A TLV MAY be enclosed in a TLV.  TLVs have a
> > > >
> > > > Would it be appropriate to instead say something like "Additional TLVs
> > > > may be enclosed within a given TLV, subject to the semantics of the
> > > > (outer) TLV in question"?
> > > >
> > > GIM>> Thank you for the suggested text. Took it in.
> > >
> > > >
> > > >    The format of the STAMP TLV Flags displayed in Figure 6 and the
> > > >    location of flags is according to Section 5.2.
> > > >
> > > > (side note): it's often nice to give a short "mnemonic" expansion for
> > > > the bit names, to help people remember what they do.  E.g., 'U' could be
> > > > "unimplemented" (or "unrecognized"), 'A' could be "authentic", etc.
> > > > (assuming that the boolean sense of the interpretation makes sense, of
> > > > course).  ('L' confuses me a bit, as "length-error" is not quite a
> > > > generic enough description to cover all flavors of malformed contents.)
> > > >
> > > GIM>> Thank you for the suggestion to re-name the L flag to M (Malformed).
> > > I'll note that the A flag was also renamed to I (Integrity). Would this manner
> > > give the expanded name (in addition to the IANA section) help a reader:
> > >    o  U (Unrecognized) - is a one-bit flag.  ...
> > >
> > >    o  M (Malformed) is a one-bit flag.  ...
> > >
> > >    o  I (Integrity) - a one-bit flag.  ...
> >
> > Yes, putting the expanded name in parentheses would be a big help!
> >
> > > >
> > > >    o  U - a one-bit flag.  A Session-Sender MUST set the U flag to 0
> > > >       before transmitting an extended STAMP test packet.  A Session-
> > > >       Reflector MUST set the U flag to 1 if the Session-Reflector has
> > > >       not understood the TLV.
> > > >
> > > > This seems kind of problematic, in that the Session-Sender can only rely
> > > > on this ("set to 1") behavior if it already knows as a precondition that
> > > > the Session-Reflector supports this document.  (IIUC, a pure RFC 8762
> > > > Session-Reflector would just blindly copy any part of the packet after
> > > > the base format into the reflected packet, i.e., leave the bit set at
> > > > zero.)  Wouldn't it be more robust if the semantics were to set the bit
> > > > to 1 if it actively was understood?  (Yes, this would require a more
> > > > complicated specification for recipient behavior when the U flag is set,
> > > > since it would differ between Sender and Reflector, but that seems
> > > > easier to control for than lack of robustness in the face of mixed
> > > > deployment.)
> > > >
> > > GIM>> Thank you for the idea. As noted earlier, the U flag is now required to
> > > be set by a Session-Sender to 1. Rest of the operations with the U flag
> > > remain the same:
> > >    o  U (Unrecognized) - is a one-bit flag.  A Session-Sender MUST set
> > >       the U flag to 1 before transmitting an extended STAMP test packet.
> > >       A Session-Reflector MUST set the U flag to 1 if the Session-
> > >       Reflector has not understood the TLV.  Otherwise, the Session-
> > >       Reflector MUST set the U flag in the reflected packet to 0.
> >
> > Hmm, I'm not sure this really helps very much.  Let me try to step back a
> > little.  A Session-Sender that implements this spec and is sending a given
> > TLV could be talking to any of (1) a stock 8762 Session-Reflector, (2) a
> > Session-Reflector that implements TLVs but not the one in question, or (3)
> > a Session-Reflector that implements the TLV in question.  If we assume that
> > the Session-Sender knows (whether from out-of-band means, SSID inspection,
> > or otherwise) that its Session-Reflector supports any TLVs at all (and that
> > we're not likely to bother sending TLVs to a Session-Reflector that doesn't
> > support them), then we only have to care about cases (2) and (3), and
> > exactly how we distinguish between them doesn't matter, because we assume that
> > we fully control all the behavior.  What I'm concerned about is the risk of
> > a "false positive" -- that we think we know the Session-Reflector supports
> > TLVs but it actually does not.  With both this formulation and the previous
> > one, in the case of such a "false positive" we detect that we are in
> > case (3), because the 8762 behavior is to reflect the whole packet, i.e.,
> > keep the U flag set to 1.  It seems like it might be safer with respect to
> > random errors if we detect this situation as case (2), since case (2) means
> > that the peer does not support the functionality in question, which is the
> > case for a base 8762 implementation.
> >
> > If the WG does not feel that this risk is worth considering (e.g., due to
> > perceived infallibility of the control plane), then perhaps it doesn't
> > matter, but applying a general approach to defining safe systems would have
> > us detect case (1) as case (2) and treat the peer as not supporting (any)
> > TLVs.
> >
> > >
> > > >
> > > > Section 4.1
> > > >
> > > >    o  Extra Padding - a pseudo-random sequence of bits.  The field MAY
> > > >       be filled with all zeros.
> > > >
> > > > "All zeros" is not a "pseudo-random sequence of bits".  I suggest
> > > > "typically, a pseudo-random sequence of bits" instead.
> > > >
> > > GIM>> We've received a comment from another reviewer and the edited text
> > > now reads as:
> > >    o  Extra Padding - SHOULD be filled by a sequence of a pseudo-random
> > >       numbers.  The field MAY be filled with all zeros.  An
> > >       implementation MUST control the type of filling of the Extra
> > >       Padding field.
> > > Had the change made the text clearer?
> >
> > Yes, thanks.
> >
> > > >
> > > > Section 4.2
> > > >
> > > >    STAMP Session-Senders MAY include the Location TLV to request
> > > >    information from the Session-Reflector.  The Session-Sender SHOULD
> > > >    NOT fill any information fields except for STAMP TLV Flags, Type, and
> > > >    Length.  [...]
> > > >
> > > > Just to check: "NOT fill any information" means "set all bits to zero",
> > > > right?
> > > >
> > > GIM>> Correct. Would you suggest to explicitly require zeroing all other
> > > fields?
> >
> > From a general point of view, it's better to explicitly say what to fill
> > the fields with, since in some implementation languages not doing anything
> > means sending the contents of uninitialized memory, which is treated as a
> > security vulnerability.
> >
> > > >
> > > > Also, to check: this "to request information" implies that this is
> > > > "optional control information" that, per my Discuss point, "MUST NOT be
> > > > acted on unless authenticated"?  So, we would want to (in addition to my
> > > > previous point) say that the fields would be set to all zeros in the
> > > > reflected packet if the initial packet was unauthenticated.
> > > >
> > > GIM>> Would changing the text to "to query information" remove the
> > > "optional control information" interpretation? Will add text that
> >
> > That helps, yes.
> >
> > > unreported fields in the reflected packet MUST be set to all zeroes.
> > > In the DISCUSS thread, two options for more secure use of the Location TLV
> > > - authentication and local policies. Following new text is for the latter:
> > >    The Session-Reflector that received an extended STAMP packet with the
> > >    Location TLV MUST include the Location TLV in the reflected packet.
> > >    Based on the local policy, the Session-Reflector MAY leave some fields
> > >    unreported by filling them with zeroes.  An implementation of the
> > >    stateful Session-Reflector MUST provide control for managing such
> > >    policies.
> >
> > In combination with the above, this sounds good -- thanks!
> >
> > > >
> > > >    packet.  If the Length field's value is invalid, the Session-
> > > >    Reflector MUST zero all fields and MUST NOT return any information to
> > > >    the Session-Sender.  The Session-Reflector MUST ignore all other
> > > >    fields of the received Location TLV.
> > > >
> > > > nit(?): Grammatically, framing these requirements as standalone
> > > > sentences seems to imply that they are independent requirements that
> > > > apply separately.  That, in turn, would say that the Session-Reflector
> > > > MUST ignore everything but the Length, always, which is of course absurd
> > > > ... but it might be worth clarifying that this requirement is also
> > > > conditional on an invalid Length field.
> > > >
> > > GIM>> Following on the comment from another IESG reviewer this text was
> > > modified and now reads as:
> > >   The Session-Reflector MUST validate the Length value against
> > >    the address family of the transport encapsulating the STAMP test
> > >    packet.  If the Length field's value is invalid, the Session-
> > >    Reflector follows the procedure defined in Section 4 for a malformed
> > >    TLV.
> > > Would you agree with this update?
> >
> > Yes.
> >
> > > >
> > > >    o  Source MAC - 6-octet-long field.  The Session-Reflector MUST copy
> > > >       the Source MAC of the received STAMP packet into this field.
> > > >
> > > > (nit) In my mind, a bare "MAC" here evaluates to Message Authentication
> > > > Code, i.e., the authorization HMAC, which is of course 16 octets, not 6.
> > > > So I suggest including the word "Address" to disambiguate.
> > > >
> > > GIM>> Done.
> > >
> > > >
> > > >    o  Destination IP Address - IPv4 or IPv6 destination address of the
> > > >       packet received by the STAMP Session-Reflector.
> > > >    [...]
> > > >
> > > > (side note): I note that at least in 2008, there were deployed NATs that
> > > > rewrote binary payloads containing the NAT's public IP address,
> > > > necessitating the creation of the XOR-MAPPED-ADDRESS attribute to
> > > > successfully convey the un-NAT-mangled address to the peer
> > > > (https://tools.ietf.org/html/rfc5389#section-15.2).  Depending on how
> > > > reliable the address information (source or destination) needs to be for
> > > > STAMP, this may be a relevant consideration.
> > > >
> > > GIM>> Thank you for the reference. Will discuss this among the authors.
> > >
> > > >
> > > >    ports will indicate if there is a NAT router on the path.  It allows
> > > >    the Session-Sender to identify the IP address of the Session-
> > > >    Reflector behind the NAT, and detect changes in the NAT mapping that
> > > >    could cause sending the STAMP packets to the wrong Session-Reflector.
> > > >
> > > > How does this allow the Session-Sender to detect changes in the NAT
> > > > mapping that would cause this?
> > >
> > > GIM>> My understanding of the operational case is that the Location TLV is
> > > sparsely included in a test packet. The change in Source IP Address, Source
> > > UDP port values would be the indication of changed mapping.
> > >
> > >
> > > > Wouldn't a change in the NAT mapping
> > > > that sends packets to the wrong Session-Reflector result in a failure to
> > > > look up the session on the Reflector and a lack of any reflected packets
> > > > coming back to the Session-Sender?
> > > >
> > > GIM>> That probably depends on how the "wrong" Session-Reflector is
> > > configured. I think that there are legitimate scenarios when such
> > > Session-Reflector sends the reflected test packet to the Session-Sender.
> >
> > Hmm, okay.  Thanks for clarifying.
> >
> > > >
> > > > Section 4.3
> > > >
> > > > Is just the granularity of "NTP" or "PTP" as time synchronization
> > > > information sufficient to be useful?  Is the assumption that one would
> > > > then go and query, via a different mechanism, (e.g.) what stratum of NTP
> > > > source is used, etc.?
> > > >
> > > GIM>> The quality of the clock synchronization is only one element when
> > > considering the accuracy of the collected timestamp. The method of
> > > obtaining the timestamp might have a larger impact on accuracy than the
> > > quality of the clock synchronization. I think that if the TLV is defined as
> > > variable-length, it will allow extending it in the future, if need be.
> >
> > That's true (and I see you're adding the sub-TLVs in the editor's copy).
> >
> > > >
> > > >    The STAMP Session-Sender MAY include the Timestamp Information TLV to
> > > >    request information from the Session-Reflector.  The Session-Sender
> > > >
> > > > [ditto re "optional control information" and authentication]
> > > >
> > > GIM>> Would using "query for information" remove the stigma of "control
> > > information"? AFAIK, all the variants of the Echo query do that - query for
> > > information.
> >
> > I don't think I'm allowed to complain if all traffic ends up getting
> > authenticated due to us saying that echo requests are control commands :)
> > But yes, "query for information" would help some.
> > > >
> > > >    SHOULD NOT fill any information fields except for STAMP TLV Flags,
> > > >    Type, and Length.  The Session-Reflector MUST validate the Length
> > > >
> > > > [ditto re "NOT fill in"]
> > > >
> > > GIM>> Added, "all other fields MUST be filled with zeroes".
> > >
> > > >
> > > >    value of the TLV.  If the value of the Length field is invalid, the
> > > >
> > > > I know that we expect the Session-Reflector to have relatively little
> > > > logic, but the Session-Sender should probably still behave defensively
> > > > and also do this kind of validation (not just here; throughout the
> > > > document) in case it receives attacker-supplied input.
> > > >
> > > GIM>> This text was updated as the result of responding to other comments.
> > > The working version of the text is as follows:
> > >    If the value of the Length field is invalid, the
> > >    Session-Reflector follows the procedure defined in Section 4 for a
> > >    malformed TLV.
> > > Is the updated text acceptable?
> >
> > This still seems to only talk about the Session-Reflector.  I want the
> > Session-Sender to also be checking for malformed packets.
> >
> > >
> > > >
> > > > Section 4.4
> > > >
> > > > Could we get some more guidance on how the Session-Sender should set all
> > > > these fields, specifically the DSCP2 that is "the received value in the
> > > > DSCP field at the Session-Reflector in the forward direction", that in
> > > > general the sender cannot know at the time it constructs the packet?
> > > >
> > > GIM>> The motivation for this TLV came from the field experience with
> > > multi-service backhauling. I imagine that one sequence of DSCP2 values can
> > > be used in the Service activation testing and a somewhat different sequence
> > > would be used in the production network. We don't have any general
> > > recommendations to design the sequence or select the particular value. As
> > > too often "It depends".
> >
> > I was just looking for "set the fields to zero that will be filled in but
> > not interpreted by the Session-Reflector, e.g., DSCP2".
> >
> > > >
> > > >    drops for lower service packets are at a normal level.  Using a CoS
> > > >    TLV in STAMP testing helps to troubleshoot the existing problem and
> > > >    also verify whether DiffServ policies are processing CoS as required
> > > >    by the configuration.
> > > >
> > > > It's not immediately obvious to me how we get from "using a CoS TLV in
> > > > STAMP" to "verify whether DiffServ policies are processing CoS as
> > > > required by the configuration", though I'm willing to believe it's the
> > > > case.
> > > >
> > > GIM>> This TLV extends the functionality defined in RFC 7750
> > > <https://datatracker.ietf.org/doc/rfc7750/>. To the best of my
> > > understanding, there's at least one independent implementation of that RFC.
> > >
> > > >
> > > > Section 4.5
> > > >
> > > > While I can perhaps accept that the specifics of "in-profile" are going
> > > > to be site-specific, I would greatly appreciate some greater clarity on
> > > > what type of thing it's supposed to be doing and at what scope (in time
> > > > and, e.g., STAMP session) it is going to be defined/configured.
> > > >
> > > GIM>> In response to another comment the working version now equates
> > > "in-profile packets" to a distinctive data flow:
> > >    The Direct Measurement TLV enables collection of the number of in-
> > >    profile packets, i.e., packets that form a specific data flow, that
> > >    had been transmitted and received by the Session-Sender and Session-
> > >    Reflector, respectively.
> > > Would the updated text be acceptable?
> >
> > Yes, thanks.
> > > >
> > > >    test packet.  The Session-Sender MUST zero the R_RxC and R_TxC fields
> > > >    before the transmission of the STAMP test packet.  If the received
> > > >
> > > > (This is redundant with the per-field definitions.)
> > > >
> > > GIM>> Thank you for catching this. Removed the sentence.
> > >
> > > >
> > > > Section 4.6
> > > >
> > > >    o  ID (Access ID) - four-bit-long field that identifies the access
> > > >       network, e.g., 3GPP (Radio Access Technologies specified by 3GPP)
> > > >       or Non-3GPP (accesses that are not specified by 3GPP) [TS23501].
> > > >
> > > > Does the [TS23501] reference really apply to the "Non-3GPP" case
> > > > (whether or not in addition to the 3GPP case)?
> > > >
> > > GIM>> Yes, it does refer to all access networks other than defined in 3GPP,
> > > e.g., WiFi, fixed broadband, as Non-3GPP.
> > >
> > > >
> > > >       The value is one of those listed below:
> > > >
> > > >       *  1 - 3GPP Network
> > > >
> > > >       *  2 - Non-3GPP Network
> > > >
> > > >       All other values are invalid and the TLV that contains it MUST be
> > > >       discarded.
> > > >
> > > > So there's no interest in future expansion here or need for a registry?
> > > >
> > > GIM>> This TLV follows the current Rev.16 specification of the PMF. 3GPP
> > > might change, add values in the future. In the earlier version, that was
> > > another sub-registry. But due to too few values defined and uncertainty of
> > > the real need for new values, decided not to use IANA.
> > >
> > > >
> > > >    three seconds.  An implementation MUST provide control of the
> > > >    retransmission timer value and the number of retransmissions.
> > > >
> > > > Is the retransmission timer defined to have a fixed value (i.e., no
> > > > back-off)?
> > > >
> > > GIM>> The text follows  TS23501 that defined the PMF.
> > >
> > > >
> > > > Is the retransmission a blind retransmission, i.e., using the original
> > > > Return Code even if local conditions have changed?
> > > >
> > > GIM>> Excellent question, thank you! Will get back.
> > >
> > > >
> > > > Section 4.7
> > > >
> > > >    in the reflected packet.  If the Session-Reflector is in stateless
> > > >    mode (defined in Section 4.2 [RFC8762]), it MUST zero the Sequence
> > > >
> > > > Looks like this definition is just in the toplevel Section 4 of RFC 8762.
> > > >
> > > GIM>> I think that the field's naming identical to the field in the base
> > > STAMP packet may be the source of some confusion. Would naming the field
> >
> > Perhaps, but I'm just searching for the word "stateless" in RFC 8762 and
> > finding it in (toplevel) Section 4 and not again until 4.3.1.  So if the
> > intent is to refer to the definition of "stateless mode", it seems pretty
> > clear that Section 4.2 is not the right reference.  If the intent is to
> > refer to something else (actually in Section 4.2 of RFC8762), then I have
> > no idea what that something else is.
> >
> > > Previous Sequence Number make it clearer while being consistent with the
> > > definition:
> >
> > This renaming is probably worth doing, regardless of the above.
> >
> > >    o  Sequence Number - four-octet-long field indicating the sequence
> > >       number of the last packet reflected in the same STAMP-test
> > >       session.  Since the Session-Reflector runs in the stateful mode
> > >       (defined in Section 4.2 [RFC8762]), it is the Session-Reflector's
> > >       Sequence Number of the previous reflected packet.
> > >
> > > >
> > > >    o  Follow-up Timestamp - eight-octet-long field, with the format
> > > >       indicated by the Z flag of the Error Estimate field of the packet
> > > >       transmitted by a Session-Reflector, as described in Section 4.1
> > > >       [RFC8762].  It carries the timestamp when the reflected packet
> > > >       with the specified sequence number was sent.
> > > >
> > > > We should probably be extremely clear on whether this is the Z flag of
> > > > the current/containing packet or the one indicated by the Sequence
> > > > Number field.
> > > >
> > > GIM>> It seems very unlikely that a STAMP node will change timestamp
> > > encoding in the course of the test session. I agree that clarification
> > > would be helpful:
> > >    o  Follow-up Timestamp - eight-octet-long field, with the format
> > >       indicated by the Z flag of the Error Estimate field of the STAMP
> > >       base packet, which is contained in this reflected test packet
> > >       transmitted by a Session-Reflector, as described in Section 4.2.1
> > >       [RFC8762].  It carries the timestamp when the reflected packet
> > >       with the specified sequence number was sent.
> > >
> > > >
> > > > Section 4.8
> > > >
> > > > (I'm happy to see the discussion with Roman about the key-management and
> > > > algorithm-agility questions, noting that we have BCPs 107 and 201 to
> > > > give guidance for those cases, respectively.)
> > > >
> > > >    The STAMP authenticated mode protects the integrity of data collected
> > > >    in the STAMP base packet.  STAMP extensions are designed to provide
> > > >    valuable information about the condition of a network, and protecting
> > > >    the integrity of that data is also essential.  The keyed Hashed
> > > >    Message Authentication Code (HMAC) TLV MUST be included in a STAMP
> > > >    test packet in the authenticated mode, excluding when the only TLV
> > > >    present is Extra Padding TLV.  The HMAC TLV MUST follow all TLVs
> > > >
> > > > (editorial?) I think I can convince myself to read this with two different
> > > > causalities -- either the HMAC TLV is only allowed to appear in
> > > > authenticated-mode packets (but can also appear in unauthenticated-mode
> > > > packets where the only other TLV is the Extra Padding TLV); or in the
> > > > case when you are sending [this-document] packets in authenticated mode,
> > > > you MUST also have an HMAC TLV, unless you're sending unauthenticated
> > > > extended packets where the only TLV present is the Extra Padding TLV.
> > > > The first interpretation doesn't really make much sense, and the second
> > > > one is pretty consistent with the follow-up note about "HMAC TLV MAY be
> > > > used [...] in unauthenticated mode".  But I would still suggest
> > > > rewording for clarity, perhaps "all authenticated STAMP packets
> > > > compatible with this specification MUST additionally authenticate the
> > > > option TLVs by including the HMAC TLV, with the sole exception of when
> > > > there is only one TLV present and it is the Extended Padding TLV".
> > > >
> > > GIM>> Many thanks for this detailed analysis and the most helpful text.
> > > Indeed, the goal was and is that HMAC TLV MUST be used in the authenticated
> > > STAMP mode. I've used your text to have the following update:
> > > OLD TEXT:
> > >    The keyed Hashed
> > >    Message Authentication Code (HMAC) TLV MUST be included in a STAMP
> > >    test packet in the authenticated mode, excluding the case where the
> > >    only TLV present is the Extra Padding TLV.
> > > NEW TEXT:
> > >    All authenticated
> > >    STAMP base packets (per Section 4.2.2 and Section 4.3.2 [RFC8762])
> > >    compatible with this specification MUST additionally authenticate the
> > >    option TLVs by including the keyed Hashed Message Authentication Code
> > >    (HMAC) TLV, with the sole exception of when there is only one TLV
> > >    present, and it is the Extended Padding TLV.
> >
> > Thanks!
> >
> > > >
> > > >    fully applicable to the use of the HMAC TLV.  HMAC is calculated as
> > > >    defined in [RFC2104] over text as the concatenation of all preceding
> > > >    TLVs.  [...]
> > > >
> > > > As the secdir reviewer noted, this makes the options severable from the
> > > > base packet (and separately replayable, the "mix and match" nature).
> > > > From a cryptographic point of view it's much preferred to include at
> > > > least some of the base packet (ideally all, though that of course makes
> > > > precise egress timestamping hard) as HMAC input, to bind the two
> > > > together.  Even including just the sequence number(s) would be a big
> > > > win.
> > > >
> > > GIM>> Thank you for the detailed explanation of the issue. Would the
> > > updated procedure described below be acceptable:
> > >    HMAC is calculated as
> > >    defined in [RFC2104] over text as the concatenation of the Sequence
> > >    Number field of the base STAMP packet and all preceding TLVs.
> >
> > That would be acceptable, yes; thank you.
> >
> > > >
> > > >    packet.  The Session-Reflector MUST copy the remainder of the
> > > >    extended STAMP test packet into the reflected packet.  The Session-
> > > >    Reflector MUST set the A flag in the copy of the HMAC TLV in the
> > > >    reflected packet to 1 before transmitting the reflected test packet.
> > > >
> > > > This phrasing is a bit weird -- is "the remainder" of the packet all the
> > > > other TLVs, or just the stuff after the HMAC TLV?  We're supposed to
> > > > process HMAC first, after all, but that's only partially clear from the
> > > > rest of the section/document...
> > > >
> > > GIM>> Thank you for pointing to this. Indeed, none of TLVs are in the
> > > reflected packet when HMAC verification fails.
> > > Does re-wording make it right:
> > >    The Session-
> > >    Reflector MUST copy the TLVs from the received STAMP test packet into
> > >    the reflected packet.
> >
> > (IIRC the question of whether or not to set the 'A' flag in all of them is
> > under discussion elsewhere.  The main change here is fine, though.)
> >
> > > >
> > > > Section 5.1
> > > >
> > > >    This document defines the following new values in the STAMP Extension
> > > >    TLV range of the STAMP TLV Type registry:
> > > >
> > > > This appears to be the only instance of "STAMP Extension TLV range" in
> > > > the document; is this perhaps meant to refer to the "IETF Review" or
> > > > 1-175 range?
> > > >
> > > GIM>> Thank you for pointing this out. Will use the "IETF Review".
> > >
> > > >
> > > > Section 5.4
> > > >
> > > > Do we feel a need to provide any kind of definition for "HW Assist", "SW
> > > > local", and/or "Control plane"?
> > > >
> > > GIM>> That is the best classification that we could produce. Strictly
> > > speaking, even SW local does use HW assist to obtain the time stamp. Would
> > > much appreciate your suggestions on how to make it clearer, a bit more
> > > formal.
> >
> > I'm not coming up with anything that I'm happy with, sorry.
> >
> > > >
> > > > Section 6
> > > >
> > > > This would be a fine place to reiterate that both Sender and Reflector
> > > > should have parsers written defensively to protect against malformed
> > > > (i.e., bad TLV length) input; as I noted previously, the current text
> > > > really only suggests that the reflector should do so, but the sender is
> > > > not immune.
> > > >
> > > GIM>> Propose a new text in the Security Considerations section:
> > >    To protect against a malformed TLV an implementation of a Session-
> > >    Sender and Session-Reflector MUST:
> > >    o  check the setting of the M flag;
> > >    o  validate the Length field value.
> >
> > Thanks!
> >
> > > >
> > > > If we leave the U-flag semantics unchanged, we also need to document the
> > > > potential ambiguity between a reflector that blindly reflects the whole
> > > > message and one that actually understands all the received TLVs.
> > > >
> > > GIM>> As mentioned above, the initial setting of the U flag by a
> > > Session-Sender now is to 1.
> > >
> > > >
> > > > There's also some interesting considerations about the state of the 'A'
> > > > bit not itself being covered by the response's HMAC TLV (if it is only
> > > > set in the HMAC TLV vs. all TLVs).  I would strongly recommend having
> > > > Section 4.8 require that the A flag be set in *all* TLVs if
> > > > authentication fails, so that this information is covered by the
> > > > response's HMAC TLV.  (In the degenerate case of only an HMAC TLV it's
> > > > still unprotected, but the HMAC itself is over the empty message in that
> > > > case so it's not terribly interesting to mess with.)  Also, the
> > > > definition of the A flag in Section 4 could probably be tightened up,
> > > > whichever way we land on this point -- right now it suggests that it
> > > > might be set on more than just the HMAC TLV but is not very clear.
> > > > (Interestingly, later on in Section 4 we do seem to say that you have to
> > > > *check* the A flag in every TLV.)
> > > >
> > > GIM>> After re-reading the definition of the I flag (former A flag) I see
> > > that it can be interpreted as being set in all TLVs when HMAC verification
> > > fails. I've updated the text in Section 4.8 to make the processing of the
> > > failed verification consistent with the definition:
> > > If the HMAC TLV is present in the extended STAMP test packet,
> > >    e.g., in the authenticated mode, HMAC MUST be verified before using
> > >    any data in the included STAMP TLVs.  If HMAC verification by the
> > >    Session-Reflector fails, then the Session-Reflector MUST stop
> > >    processing the received extended STAMP test packet.  The Session-
> > >    Reflector MUST copy the TLVs from the received STAMP test packet into
> > >    the reflected packet.  The Session-Reflector MUST set the I flag in
> > >    each TLV copied over into the reflected packet to 1 before
> > >    transmitting the reflected test packet.  If the Session-Sender
> > >    receives the extended STAMP test packet with I flag set to 1, then
> >
> > Maybe "set to 1 in any TLV"?  There could be more than one I flag, in
> > general, I think.
> >
> > >    the Session-Sender MUST stop processing TLVs in the reflected test
> > >    packet.  If HMAC verification by the Session-Sender fails, then the
> > >    Session-Sender MUST stop processing TLVs in the reflected extended
> > >    STAMP packet.
> > >
> > > Does it work now?
> >
> > I think so, yes.
> >
> > >
> > > >
> > > > We might also consider referencing RFC 2474 for the DSCP security
> > > > considerations.
> > > >
> > > GIM>> I propose a short new paragraph appended to the security section:
> > >    Monitoring and optional control of DSCP does not appear to introduce
> > >    any additional security threat to hosts that communicate with STAMP
> > >    as defined in [RFC8762].  As this specification defined the mechanism
> > >    to test DSCP mapping, this document inherits all the security
> > >    considerations discussed in [RFC2474].
> > >  And RFC 2474 listed as Normative reference. What do you think?
> >
> > It has a good overall structure, but I'm not entirely sure that it's
> > correct.  Specifically, adding "optional control of DSCP" might actually be
> > a new thing here -- as far as I know, RFC 2474 envisioned it being set
> > solely as a local policy (albeit perhaps informed by the inbound value with
> > intent to provide continuity of packet policy).  The semantics of the -07
> > require setting the supplied DSCP value without any sanity-checking, which
> > could cause network instability in certain cases (e.g., with a low-ish
> > capacity network and a DSCP value that strongly deprioritizes other
> > traffic).
> >
> > > >
> > > > Section 9.1
> > > >
> > > > It's not entirely clear that RFC 5357 needs to be normative; we say we
> > > > can be compatible with lite-mode and that the extended padding is
> > > > similar, but those are just facts and you don't need to know anything
> > > > from 5357 to implement this document.
> > > >
> > > GIM>> I agree with your reasoning. Moved it to the Informational list.
> > >
> > > >
> > > > Similarly, I'm not sure why [TS23501] is listed as normative.
> > > >
> > > GIM>> The Access Report TLV is based on 3GPP specification of the PMF. On
> > > the other hand, the document provides all the necessary information from
> > > that spec. I've moved to the Informational list in the working version.
> > >
> > > >
> > > > Section 9.2
> > > >
> > > > On the other hand, you do actually need to read RFC 2104 to implement
> > > > the HMAC TLV, which makes it a normative reference (similarly for 4868)!
> > > >
> > > GIM>> Thank you. Moved it up.
> >
> > Thanks for these and all the updates!
> >
> > [trimmed the diff, but I read through it and have no further comments since
> > you gave the disclaimer that Location TLV is still WIP]
> >
> > -Ben
> >
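
The receive-side checks agreed in the thread above (validate every TLV Length, check the M and I flags, and verify the HMAC over the base packet's Sequence Number plus all preceding TLVs before using any TLV data), as an added example that is not part of the original message or of the draft. The TLV header layout, the flag bit positions, the `TYPE_HMAC` code, the key and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Assumed wire layout (not given in this thread): 1-octet flags, 1-octet Type,
# 2-octet Length, then Value. Bit positions and TYPE_HMAC are placeholders.
FLAG_U, FLAG_M, FLAG_I = 0x80, 0x40, 0x20
TYPE_HMAC = 0xF0            # hypothetical type code
HMAC_LEN = 16               # 16-octet HMAC field, as stated in the thread
HDR = struct.Struct("!BBH")


class MalformedTLV(ValueError):
    """Length or flag check failed; nothing in the TLV area may be used."""


class AuthFailure(Exception):
    """HMAC mismatch, or the peer signalled a failed check with the I flag."""


def encode_tlv(tlv_type, value, flags=0):
    return HDR.pack(flags, tlv_type, len(value)) + value


def parse_tlvs(buf):
    """Split the TLV area into (flags, type, value, raw) tuples.

    Used identically by Session-Sender and Session-Reflector: every Length is
    checked against the bytes actually received before the value is sliced.
    """
    out, off = [], 0
    while off < len(buf):
        if len(buf) - off < HDR.size:
            raise MalformedTLV("truncated TLV header at offset %d" % off)
        flags, tlv_type, length = HDR.unpack_from(buf, off)
        end = off + HDR.size + length
        if end > len(buf):
            raise MalformedTLV("Length %d overruns packet at offset %d"
                               % (length, off))
        if flags & FLAG_M:
            raise MalformedTLV("M flag set on TLV type %d" % tlv_type)
        out.append((flags, tlv_type, buf[off + HDR.size:end], buf[off:end]))
        off = end
    return out


def tlv_mac(key, seq, preceding):
    # HMAC (RFC 2104) over Sequence Number || all preceding TLVs. SHA-256
    # truncated to 16 octets is an assumption carried over from base STAMP.
    text = struct.pack("!I", seq) + preceding
    return hmac.new(key, text, hashlib.sha256).digest()[:HMAC_LEN]


def build_tlvs(key, seq, tlvs):
    """Encode (type, value) pairs and append the HMAC TLV as the last TLV."""
    body = b"".join(encode_tlv(t, v) for t, v in tlvs)
    return body + encode_tlv(TYPE_HMAC, tlv_mac(key, seq, body))


def verify_tlvs(key, seq, buf):
    """Return authenticated (type, value) pairs, or raise before any is used.

    `seq` is the Sequence Number taken from the base packet that carried
    `buf`, so TLVs lifted from one packet do not verify inside another.
    """
    parsed = parse_tlvs(buf)
    if not parsed or parsed[-1][1] != TYPE_HMAC:
        raise MalformedTLV("HMAC TLV missing or not last")
    if any(flags & FLAG_I for flags, _, _, _ in parsed):
        raise AuthFailure("I flag set in at least one TLV")
    mac = parsed[-1][2]
    if len(mac) != HMAC_LEN:
        raise MalformedTLV("HMAC TLV Length is %d, expected %d"
                           % (len(mac), HMAC_LEN))
    preceding = b"".join(raw for *_, raw in parsed[:-1])
    if not hmac.compare_digest(mac, tlv_mac(key, seq, preceding)):
        raise AuthFailure("HMAC mismatch")
    return [(t, v) for _, t, v, _ in parsed[:-1]]


def outcome(key, seq, buf):
    """Classify a received TLV area as 'ok', 'malformed' or 'auth-failure'."""
    try:
        verify_tlvs(key, seq, buf)
        return "ok"
    except MalformedTLV:
        return "malformed"
    except AuthFailure:
        return "auth-failure"


if __name__ == "__main__":
    key = b"constructed-demo-key-not-a-real-one"      # constructed sample
    area = build_tlvs(key, 7, [(1, bytes(4))])        # constructed sample
    print(outcome(key, 7, area))                      # same packet
    print(outcome(key, 8, area))                      # TLVs moved to seq 8
    print(outcome(key, 7, area[:2] + b"\x01\xf4" + area[4:]))  # Length=500
```
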

> 
> 
> 
> 
> Network Working Group                                          G. Mirsky
> Internet-Draft                                                    X. Min
> Updates: 8762 (if approved)                                    ZTE Corp.
> Intended status: Standards Track                               H. Nydell
> Expires: January 22, 2021                              Accedian Networks
>                                                                 R. Foote
>                                                                    Nokia
>                                                              A. Masputra
>                                                               Apple Inc.
>                                                               E. Ruffini
>                                                                   OutSys
>                                                            July 21, 2020
> 
> 
>      Simple Two-way Active Measurement Protocol Optional Extensions
>                   draft-ietf-ippm-stamp-option-tlv-08
> 
> Abstract
> 
>    This document describes optional extensions to Simple Two-way Active
>    Measurement Protocol (STAMP) that enable measurement of performance
>    metrics.  The document also defines a STAMP Test Session Identifier
>    and thus updates RFC 8762.
> 
> Status of This Memo
> 
>    This Internet-Draft is submitted in full conformance with the
>    provisions of BCP 78 and BCP 79.
> 
>    Internet-Drafts are working documents of the Internet Engineering
>    Task Force (IETF).  Note that other groups may also distribute
>    working documents as Internet-Drafts.  The list of current Internet-
>    Drafts is at https://datatracker.ietf.org/drafts/current/.
> 
>    Internet-Drafts are draft documents valid for a maximum of six months
>    and may be updated, replaced, or obsoleted by other documents at any
>    time.  It is inappropriate to use Internet-Drafts as reference
>    material or to cite them other than as "work in progress."
> 
>    This Internet-Draft will expire on January 22, 2021.
> 
> Copyright Notice
> 
>    Copyright (c) 2020 IETF Trust and the persons identified as the
>    document authors.  All rights reserved.
> 
>    This document is subject to BCP 78 and the IETF Trust's Legal
>    Provisions Relating to IETF Documents
> 
> 
> 
> Mirsky, et al.          Expires January 22, 2021                [Page 1]
> 
> Internet-Draft              STAMP Extensions                   July 2020
> 
> 
>    (https://trustee.ietf.org/license-info) in effect on the date of
>    publication of this document.  Please review these documents
>    carefully, as they describe your rights and restrictions with respect
>    to this document.  Code Components extracted from this document must
>    include Simplified BSD License text as described in Section 4.e of
>    the Trust Legal Provisions and are provided without warranty as
>    described in the Simplified BSD License.
> 
> Table of Contents
> 
>    1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
>    2.  Conventions Used in This Document . . . . . . . . . . . . . .   3
>      2.1.  Acronyms  . . . . . . . . . . . . . . . . . . . . . . . .   3
>      2.2.  Requirements Language . . . . . . . . . . . . . . . . . .   3
>    3.  STAMP Test Session Identifier . . . . . . . . . . . . . . . .   4
>    4.  TLV Extensions to STAMP . . . . . . . . . . . . . . . . . . .   8
>      4.1.  Extra Padding TLV . . . . . . . . . . . . . . . . . . . .  11
>      4.2.  Location TLV  . . . . . . . . . . . . . . . . . . . . . .  12
>        4.2.1.  Location Sub-TLVs . . . . . . . . . . . . . . . . . .  12
>        4.2.2.  Theory of Operation of Location TLV . . . . . . . . .  14
>      4.3.  Timestamp Information TLV . . . . . . . . . . . . . . . .  16
>      4.4.  Class of Service TLV  . . . . . . . . . . . . . . . . . .  17
>      4.5.  Direct Measurement TLV  . . . . . . . . . . . . . . . . .  18
>      4.6.  Access Report TLV . . . . . . . . . . . . . . . . . . . .  19
>      4.7.  Follow-up Telemetry TLV . . . . . . . . . . . . . . . . .  21
>      4.8.  HMAC TLV  . . . . . . . . . . . . . . . . . . . . . . . .  23
>    5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  24
>      5.1.  STAMP TLV Registry  . . . . . . . . . . . . . . . . . . .  24
>      5.2.  STAMP TLV Flags Sub-registry  . . . . . . . . . . . . . .  25
>      5.3.  Sub-TLV Type Sub-registry . . . . . . . . . . . . . . . .  25
>      5.4.  Synchronization Source Sub-registry . . . . . . . . . . .  26
>      5.5.  Timestamping Method Sub-registry  . . . . . . . . . . . .  27
>      5.6.  Return Code Sub-registry  . . . . . . . . . . . . . . . .  28
>    6.  Security Considerations . . . . . . . . . . . . . . . . . . .  29
>    7.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .  29
>    8.  Contributors  . . . . . . . . . . . . . . . . . . . . . . . .  29
>    9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  30
>      9.1.  Normative References  . . . . . . . . . . . . . . . . . .  30
>      9.2.  Informative References  . . . . . . . . . . . . . . . . .  30
>    Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  31
> 
> 1.  Introduction
> 
>    Simple Two-way Active Measurement Protocol (STAMP) [RFC8762] defined
>    the STAMP base functionalities.  This document specifies the use of
>    optional extensions that use Type-Length-Value (TLV) encoding.  Such
>    extensions enhance the STAMP base functions, such as measurement of
>    one-way and round-trip delay, latency, packet loss, packet
>    duplication, and out-of-order delivery of test packets.  This
>    specification defines optional STAMP extensions, their formats, and
>    the theory of operation.  Also, a STAMP Test Session Identifier is
>    defined as an update of the base STAMP specification [RFC8762].
> 
> 2.  Conventions Used in This Document
> 
> 2.1.  Acronyms
> 
>    BDS BeiDou Navigation Satellite System
> 
>    BITS Building Integrated Timing Supply
> 
>    CoS Class of Service
> 
>    DSCP Differentiated Services Code Point
> 
>    ECN Explicit Congestion Notification
> 
>    GLONASS Global Orbiting Navigation Satellite System
> 
>    GPS Global Positioning System [GPS]
> 
>    HMAC Hashed Message Authentication Code
> 
>    LORAN-C Long Range Navigation System Version C
> 
>    MBZ Must Be Zero
> 
>    NTP Network Time Protocol [RFC5905]
> 
>    PMF Performance Measurement Function
> 
>    PTP Precision Time Protocol [IEEE.1588.2008]
> 
>    TLV Type-Length-Value
> 
>    SSID STAMP Session Identifier
> 
>    SSU Synchronization Supply Unit
> 
>    STAMP Simple Two-way Active Measurement Protocol
> 
> 2.2.  Requirements Language
> 
>    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
>    "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
>    "OPTIONAL" in this document are to be interpreted as described in BCP
>    14 [RFC2119] [RFC8174] when, and only when, they appear in all
>    capitals, as shown here.
> 
> 3.  STAMP Test Session Identifier
> 
>    The STAMP Session-Sender transmits test packets to the STAMP Session-
>    Reflector.  The STAMP Session-Reflector receives the Session-Sender's
>    packet and acts according to the configuration and optional control
>    information communicated in the Session-Sender's test packet.  STAMP
>    defines two different test packet formats, one for packets
>    transmitted by the STAMP Session-Sender and one for packets
>    transmitted by the STAMP Session-Reflector.  STAMP supports two
>    modes: unauthenticated and authenticated.  Unauthenticated STAMP test
>    packets are compatible on the wire with unauthenticated TWAMP-Test
>    [RFC5357] packets.
> 
>    By default, STAMP uses symmetrical packets, i.e., the size of the
>    packet transmitted by the Session-Reflector equals the size of the
>    packet received by the Session-Reflector.
> 
>    A STAMP Session is identified by the 4-tuple (source and destination
>    IP addresses, source and destination UDP port numbers).  A STAMP
>    Session-Sender MAY generate a locally unique STAMP Session Identifier
>    (SSID).  The SSID is a two-octet-long non-zero unsigned integer.
>    SSID generation policy is implementation-specific.
>    [I-D.gont-numeric-ids-generation] thoroughly analyzes common
>    algorithms for identifier generation and their vulnerabilities.  For
>    example, an implementation can use algorithms described in
>    Section 7.1 of [I-D.gont-numeric-ids-generation].  An implementation
>    MUST NOT assign the same identifier to different STAMP test sessions.
>    A Session-Sender MAY use the SSID to identify a STAMP test session.
>    If the SSID is used, it MUST be present in each test packet of the
>    given test session.  In the unauthenticated mode, the SSID is located
>    as displayed in Figure 1.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        Sequence Number                        |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                          Timestamp                            |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |         Error Estimate        |             SSID              |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                                                               |
>       |                                                               |
>       |                         MBZ (28 octets)                       |
>       |                                                               |
>       |                                                               |
>       |                                                               |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       ~                            TLVs                               ~
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>    Figure 1: The format of an extended STAMP Session-Sender test packet
>                           in unauthenticated mode
> 
>    An implementation of the STAMP Session-Reflector that supports this
>    specification MUST identify a STAMP Session using the SSID in
>    combination with elements of the usual 4-tuple for the session.
>    Before a test session commences, a Session-Reflector MUST be
>    provisioned with all the elements that identify the STAMP Session.  A
>    STAMP Session-Reflector MUST discard non-matching STAMP test
>    packet(s).  The means of provisioning the STAMP Session
>    identification is outside the scope of this specification.  A
>    conforming implementation of STAMP Session-Reflector MUST copy the
>    SSID value from the received test packet and put it into the
>    reflected packet, as displayed in Figure 2.
> 
>      0                   1                   2                   3
>      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |                        Sequence Number                        |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |                          Timestamp                            |
>     |                                                               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |         Error Estimate        |           SSID                |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |                          Receive Timestamp                    |
>     |                                                               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |                 Session-Sender Sequence Number                |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |                  Session-Sender Timestamp                     |
>     |                                                               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     | Session-Sender Error Estimate |           MBZ                 |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |Ses-Sender TTL |                   MBZ                         |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     ~                            TLVs                               ~
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>      Figure 2: The format of an extended STAMP Session-Reflector test
>                       packet in unauthenticated mode
> 
>    A STAMP Session-Reflector that does not support this specification
>    will return the zeroed SSID field in the reflected STAMP test packet.
>    The Session-Sender MAY stop the session if it receives a zeroed SSID
>    field.  An implementation of a Session-Sender MUST support control of
>    its behavior in such a scenario.  If the test session is not stopped,
>    the Session-Sender can, for example, send a base STAMP packet
>    [RFC8762] or continue transmitting STAMP test packets with the SSID.
> 
>    Location of the SSID field in the authenticated mode is shown in
>    Figure 3 and Figure 4.
> 
>      0                   1                   2                   3
>      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |                      Sequence Number                          |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |                                                               |
>     |                      MBZ (12 octets)                          |
>     |                                                               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |                        Timestamp                              |
>     |                                                               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |        Error Estimate         |            SSID               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     ~                                                               ~
>     |                         MBZ (68 octets)                       |
>     ~                                                               ~
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |                                                               |
>     |                       HMAC (16 octets)                        |
>     |                                                               |
>     |                                                               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     ~                            TLVs                               ~
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>          Figure 3: Base STAMP Session-Sender test packet format in
>                             authenticated mode
> 
>       0                   1                   2                   3
>       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        Sequence Number                        |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        MBZ (12 octets)                        |
>       |                                                               |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                          Timestamp                            |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |         Error Estimate        |            SSID               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        MBZ (4 octets)                         |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        Receive Timestamp                      |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        MBZ (8 octets)                         |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                 Session-Sender Sequence Number                |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        MBZ (12 octets)                        |
>       |                                                               |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                 Session-Sender Timestamp                      |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       | Session-Sender Error Estimate |                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               +
>       |                        MBZ (6 octets)                         |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |Ses-Sender TTL |                                               |
>       +-+-+-+-+-+-+-+-+                                               +
>       |                                                               |
>       |                        MBZ (15 octets)                        |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        HMAC (16 octets)                       |
>       |                                                               |
>       |                                                               |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       ~                            TLVs                               ~
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
> 
>        Figure 4: Base STAMP Session-Reflector test packet format in
>                             authenticated mode
> 
> 4.  TLV Extensions to STAMP
> 
>    The Type-Length-Value (TLV) encoding scheme provides a flexible
>    extension mechanism for optional informational elements.  TLV is an
>    optional field in the STAMP test packet.  Multiple TLVs MAY be placed
>    in a STAMP test packet.  Additional TLVs may be enclosed within a
>    given TLV, subject to the semantics of the (outer) TLV in question.
>    TLVs have a one-octet-long STAMP TLV Flags field, a one-octet-long
>    Type field, and a two-octet-long Length field that is equal to the
>    length of the Value field in octets.  If a Type value for TLV or sub-
>    TLV is in the range for Vendor Private Use, the Length MUST be at
>    least 4, and the first four octets MUST be that vendor's Structure of
>    Management Information (SMI) Private Enterprise Code, as recorded in
>    IANA's SMI Private Enterprise Codes sub-registry, in network octet
> 
>    order.  The rest of the Value field is private to the vendor.  The
>    following sections describe the use of TLVs for STAMP that extend the
>    STAMP capability beyond its base specification.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |STAMP TLV Flags|     Type      |           Length              |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       ~                            Value                              ~
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>               Figure 5: TLV Format in a STAMP Extended Packet
> 
>    where fields are defined as the following:
> 
>    o  STAMP TLV Flags - eight-bit-long field.  Detailed format and
>       interpretation of flags defined in this specification is below.
> 
>    o  Type - one-octet-long field that characterizes the interpretation
>       of the Value field.  It is allocated by IANA, as specified in
>       Section 5.1.
> 
>    o  Length - two-octet-long field equal to the length of the Value
>       field in octets.
> 
>    o  Value - a variable-length field.  Its interpretation and encoding
>       is determined by the value of the Type field.
> 
>    All multibyte fields in the TLVs defined in this specification are in
>    network byte order.
> 
>    The format of the STAMP TLV Flags is displayed in Figure 6, and the
>    location of flags is according to Section 5.2.
> 
>        0 1 2 3 4 5 6 7
>       +-+-+-+-+-+-+-+-+
>       |U|M|I|R|R|R|R|R|
>       +-+-+-+-+-+-+-+-+
> 
>                      Figure 6: STAMP TLV Flags Format
> 
>    where fields are defined as the following:
> 
>    o  U (Unrecognized) is a one-bit flag.  A Session-Sender MUST set the
>       U flag to 1 before transmitting an extended STAMP test packet.  A
>       Session-Reflector MUST set the U flag to 1 if the Session-
>       Reflector has not understood the TLV.  Otherwise, the Session-
>       Reflector MUST set the U flag in the reflected packet to 0.
> 
>    o  M (Malformed) is a one-bit flag.  A Session-Sender MUST set the M
>       flag to 0 before transmitting an extended STAMP test packet.  A
>       Session-Reflector MUST set the M flag to 1 if the Session-
>       Reflector determined the TLV is malformed, i.e., the Length field
>       value is not valid for the particular type, or the remaining
>       length of the extended STAMP packet is less than the size of the
>       TLV.  Otherwise, the Session-Reflector MUST set the M flag in the
>       reflected packet to 0.
> 
>    o  I (Integrity) is a one-bit flag.  A Session-Sender MUST set the I
>       flag to 0 before transmitting an extended STAMP test packet.  A
>       Session-Reflector MUST set the I flag to 1 if the STAMP extensions
>       have failed HMAC verification (Section 4.8).  Otherwise, the
>       Session-Reflector MUST set the I flag in the reflected packet to
>       0.
> 
>    o  R - reserved flags for future use.  These flags MUST be zeroed on
>       transmit and ignored on receipt.
> 
>    A STAMP node, whether Session-Sender or Session-Reflector, receiving
>    a test packet MUST determine whether the packet is a base STAMP
>    packet or includes one or more TLVs.  The node MUST compare the value
>    in the Length field of the UDP header and the length of the base
>    STAMP test packet in the mode, unauthenticated or authenticated based
>    on the configuration of the particular STAMP test session.  If the
>    difference between the two values is larger than the length of the
>    UDP header, then the test packet includes one or more STAMP TLVs that
>    immediately follow the base STAMP test packet.  A Session-Reflector
>    that does not support STAMP extensions will not process but copy them
>    into the reflected packet, as defined in Section 4.3 [RFC8762].  The
>    Session-Sender receives unprocessed TLV indicated by the U flag being
>    set to 1.
> 
>    A STAMP system, i.e., either a Session-Sender or a Session-Reflector,
>    that has received a STAMP test packet with extension TLVs MUST
>    validate each TLV:
> 
>       If the U flag is set, the STAMP system MUST skip the processing of
>       the TLV.
> 
>       If the M flag is set, the STAMP system MUST stop processing the
>       remainder of the extended STAMP packet.
> 
>       If the I flag is set, the STAMP system MUST discard all TLVs and
>       MUST stop processing the remainder of the extended STAMP packet.
> 
>       If an implementation of a Session-Reflector does not recognize the
>       Type field value, it MUST include a copy of the TLV into the
>       reflected STAMP packet.  The Session-Reflector MUST set the U flag
>       to 1.  The Session-Reflector MUST skip the processing of the
>       unrecognized TLV.
> 
>       If a TLV is malformed, the processing of extension TLVs MUST be
>       stopped.  The Session-Reflector MUST copy the remainder of the
>       received extended STAMP packet into the reflected STAMP packet.
>       The Session-Reflector MUST set the M flag to 1.
> 
> 4.1.  Extra Padding TLV
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |STAMP TLV Flags|Extra Pad Type |           Length              |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                                                               |
>       ~                         Extra Padding                         ~
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>                         Figure 7: Extra Padding TLV
> 
>    where fields are defined as the following:
> 
>    o  STAMP TLV Flags - is an eight-bit-long field.  Its format is
>       presented in Figure 6.
> 
>    o  Extra Padding Type - is a one-octet-long field, value TBA1
>       allocated by IANA Section 5.1.
> 
>    o  Length - two-octet-long field equal to the length of the Extra
>       Padding field in octets.
> 
>    o  Extra Padding - SHOULD be filled by a sequence of pseudo-random
>       numbers.  The field MAY be filled with all zeros.  An
>       implementation MUST control the type of filling of the Extra
>       Padding field.
> 
>    The Extra Padding TLV is similar to the Packet Padding field in a
>    TWAMP-Test packet [RFC5357].  The use of the Extra Padding TLV is
>    RECOMMENDED to perform a STAMP test using test packets of larger size
>    than the base STAMP packet [RFC8762].  The length of the base STAMP
>    packet is 44 octets in the unauthenticated mode or 112 octets in the
>    authenticated mode.  The Extra Padding TLV MAY be present more than
>    one time in an extended STAMP test packet.
> 
> 4.2.  Location TLV
> 
>    STAMP Session-Senders MAY include the variable-size Location TLV to
>    query location information from the Session-Reflector.  The Session-
>    Sender MUST NOT fill any information fields except for STAMP TLV
>    Flags, Type, and Length.  The Session-Reflector MUST validate the
>    Length value against the address family of the transport
>    encapsulating the STAMP test packet.  If the Length field's value is
>    invalid, the Session-Reflector follows the procedure defined in
>    Section 4 for a malformed TLV.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |STAMP TLV Flags| Location Type |           Length              |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |        Destination Port       |          Source Port          |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       ~                         Sub-TLVs                              ~
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>                           Figure 8: Location TLV
> 
>    where fields are defined as the following:
> 
>    o  STAMP TLV Flags - is an eight-bit-long field.  Its format is
>       presented in Figure 6.
> 
>    o  Location Type - is a one-octet-long field, value TBA2 allocated by
>       IANA Section 5.1.
> 
>    o  Length - two-octet-long field equal to the length of the Value
>       field in octets.
> 
>    o  Destination Port - two-octet-long UDP destination port number of
>       the received STAMP packet.
> 
>    o  Source Port - two-octet-long UDP source port number of the
>       received STAMP packet.
> 
>    o  Sub-TLVs - a sequence of sub-TLVs, as defined further in this
>       section.
> 
> 4.2.1.  Location Sub-TLVs
> 
>    A sub-TLV in the Location TLV uses the format displayed in Figure 5.
>    Handling of the U and M flags in the sub-TLV is as defined in
>    Section 4.  The I flag MUST be set by a Session-Sender and Session-
>    Reflector to 0 before transmission and its value ignored on receipt.
>    The following types of sub-TLV for the Location TLV are defined in
>    this specification (type values are assigned according to Table 5):
> 
>    o  Source MAC Address sub-TLV - is a 12-octet-long sub-TLV.  The Type
>       value is TBA9.  The value of the Length field MUST be equal to 8.
>       The Value field is a 12-octet-long MBZ field that MUST be zeroed
>       on transmission and ignored on receipt.
> 
>    o  Source EUI-48 Address sub-TLV - is a 12-octet-long sub-TLV that
>       includes the EUI-48 source MAC address.  The Type value is TBA10.
>       The value of the Length field MUST be equal to 8.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                        EUI-48  Address                        |
>       +                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                               |            MBZ                |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>       Figure 9: The Value Field of the Source EUI-48 Address sub-TLV
> 
>       The Value field consists of the following fields (Figure 9):
> 
>       *  The EUI-48 is a six-octet-long field.
> 
>       *  Two-octet-long MBZ field MUST be zeroed on transmission and
>          ignored on receipt.
> 
>    o  Source EUI-64 Address sub-TLV - is a 12-octet-long sub-TLV that
>       includes the EUI-64 source MAC address.  The Type value is TBA11.
>       The value of the Length field MUST be equal to 12.  The Value field
>       consists of an eight-octet-long EUI-64 field.
> 
>    o  Destination IP Address sub-TLV - is a 20-octet-long sub-TLV.  The
>       Type value is TBA12.  The value of the Length field MUST be equal
>       to 16.  The Value field consists of a 16-octet-long MBZ field that
>       MUST be zeroed on transmit and ignored on receipt.
> 
>    o  Destination IPv4 Address sub-TLV - is a 20-octet-long sub-TLV that
>       includes IPv4 destination address.  The Type value is TBA13.  The
>       value of the Length field MUST be equal to 16.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                         IPv4 Address                          |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       ~                        MBZ (12 octets)                        ~
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>             Figure 10: IPv4 Address in a Sub-TLV's Value Field
> 
>       The Value field consists of the following fields (Figure 10):
> 
>       *  The IPv4 Address is a four-octet-long field.
> 
>       *  12-octet-long MBZ field MUST be zeroed on transmit and ignored
>          on receipt.
> 
>    o  Destination IPv6 Address sub-TLV - is a 20-octet-long sub-TLV that
>       includes IPv6 destination address.  The Type value is TBA14.  The
>       value of the Length field MUST be equal to 16.  The Value field is
>       a 16-octet-long IPv6 Address field.
> 
>    o  Source IP Address sub-TLV - is a 20-octet-long sub-TLV.  The Type
>       value is TBA15.  The value of the Length field MUST be equal to 16.
>       The Value field is a 16-octet-long MBZ field that MUST be zeroed
>       on transmit and ignored on receipt.
> 
>    o  Source IPv4 Address sub-TLV - is a 20-octet-long sub-TLV that
>       includes IPv4 source address.  The Type value is TBA16.  The value
>       of the Length field MUST be equal to 16.  The Value field consists of
>       the following fields (Figure 10):
> 
>       *  The IPv4 Address is a four-octet-long field.
> 
>       *  12-octet-long MBZ field that MUST be zeroed on transmit and
>          ignored on receipt.
> 
>    o  Source IPv6 Address sub-TLV - is a 20-octet-long sub-TLV that
>       includes IPv6 source address.  The Type value is TBA17.  The value
>       of the Length field MUST be equal to 16.  The Value field is a 16-
>       octet-long IPv6 Address field.
> 
> 4.2.2.  Theory of Operation of Location TLV
> 
>    The Session-Reflector that received an extended STAMP packet with the
>    Location TLV MUST include the Location TLV of the size equal to the
>    size of Location TLV in the received packet in the reflected packet.
>    Based on the local policy, the Session-Reflector MAY leave some
>    fields unreported by filling them with zeroes.  An implementation of
>    the stateful Session-Reflector MUST provide control for managing such
>    policies.
> 
>    A Session-Sender MAY include the Source MAC Address sub-TLV in the
>    Location TLV.  If the Session-Reflector receives the Location TLV
>    that includes the Source MAC Address sub-TLV, it MUST include the
>    Source EUI-48 Address sub-TLV if the source MAC address of the
>    received extended test packet is in EUI-48 format.  And the Session-
>    Reflector MUST copy the value of the source MAC address in the EUI-48
>    field.  Otherwise, the Session-Reflector MUST use the Source EUI-64
>    Address sub-TLV and MUST copy the value of the Source MAC address
>    from the received packet into the EUI-64 field.  If the received
>    extended STAMP test packet does not have the Source MAC address, the
>    Session-Reflector MUST zero the EUI-64 field before transmitting the
>    reflected packet.
> 
>    A Session-Sender MAY include the Destination IP Address sub-TLV in
>    the Location TLV.  If the Session-Reflector receives the Location TLV
>    that includes the Destination IP Address sub-TLV, it MUST include the
>    Destination IPv4 Address sub-TLV if the source IP address of the
>    received extended test packet is of IPv4 address family.  And the
>    Session-Reflector MUST copy the value of the destination IP address
>    in the IPv4 Address field.  Otherwise, the Session-Reflector MUST use
>    the Destination IPv6 Address sub-TLV and MUST copy the value of the
>    destination IP address from the received packet into the IPv6 Address
>    field.
> 
>    A Session-Sender MAY include the Source IP Address sub-TLV in the
>    Location TLV.  If the Session-Reflector receives the Location TLV
>    that includes the Source IP Address sub-TLV, it MUST include the
>    Source IPv4 Address sub-TLV if the source IP address of the received
>    extended test packet is of IPv4 address family.  And the Session-
>    Reflector MUST copy the value of the source IP address in the IPv4
>    Address field.  Otherwise, the Session-Reflector MUST use the Source
>    IPv6 Address sub-TLV and MUST copy the value of the source IP address
>    from the received packet into the IPv6 Address field.
> 
>    The Location TLV MAY be used to determine the last-hop IP addresses,
>    ports, and last-hop MAC address for STAMP packets.  The MAC address
>    can indicate a path switch on the last hop.  The IP addresses and UDP
>    ports will indicate if there is a NAT router on the path.  It allows
>    the Session-Sender to identify the IP address of the Session-
>    Reflector behind the NAT, and detect changes in the NAT mapping that
>    could cause sending the STAMP packets to the wrong Session-Reflector.
> 
> 4.3.  Timestamp Information TLV
> 
>    The STAMP Session-Sender MAY include the Timestamp Information TLV to
>    request information from the Session-Reflector.  The Session-Sender
>    MUST NOT fill any information fields except for STAMP TLV Flags,
>    Type, and Length.  All other fields MUST be filled with zeroes.  The
>    Session-Reflector MUST validate the Length value of the TLV.  If the
>    value of the Length field is invalid, the Session-Reflector follows
>    the procedure defined in Section 4 for a malformed TLV.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |STAMP TLV Flags|Times Info Type|           Length              |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |  Sync. Src In | Timestamp In  | Sync. Src Out | Timestamp Out |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       ~                    Optional sub-TLVs                          ~
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>                    Figure 11: Timestamp Information TLV
> 
>    where fields are defined as the following:
> 
>    o  STAMP TLV Flags - is an eight-bit-long field.  Its format is
>       presented in Figure 6.
> 
>    o  Timestamp Information Type - is a one-octet-long field, value TBA3
>       allocated by IANA Section 5.1.
> 
>    o  Length - two-octet-long field, set equal to the length of the
>       Value field in octets (Figure 5).
> 
>    o  Sync Src In - one-octet-long field that characterizes the source
>       of clock synchronization at the ingress of a Session-Reflector.
>       There are several methods to synchronize the clock, e.g., Network
>       Time Protocol (NTP) [RFC5905].  The value is one of those listed
>       in Table 7.
> 
>    o  Timestamp In - one-octet-long field that characterizes the method
>       by which the ingress of the Session-Reflector obtained the
>       timestamp T2.  A timestamp may be obtained with hardware
>       assistance, via software API from a local wall clock, or from a
>       remote clock (the latter is referred to as "control plane").  The
>       value is one of those listed in Table 9.
> 
>    o  Sync Src Out - one-octet-long field that characterizes the source
>       of clock synchronization at the egress of the Session-Reflector.
>       The value is one of those listed in Table 7.
> 
>    o  Timestamp Out - one-octet-long field that characterizes the method
>       by which the egress of the Session-Reflector obtained the
>       timestamp T3.  The value is one of those listed in Table 9.
> 
>    o  Optional sub-TLVs - optional variable-length field.
> 
> 4.4.  Class of Service TLV
> 
>    The STAMP Session-Sender MAY include a Class of Service (CoS) TLV in
>    the STAMP test packet.  The format of the CoS TLV is presented in
>    Figure 12.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |STAMP TLV Flags|    CoS Type   |           Length              |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |   DSCP1   |   DSCP2   |ECN|            Reserved               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>                       Figure 12: Class of Service TLV
> 
>    where fields are defined as the following:
> 
>    o  STAMP TLV Flags - is an eight-bit-long field.  Its format is
>       presented in Figure 6.
> 
>    o  CoS (Class of Service) Type - is a one-octet-long field, value
>       TBA4 allocated by IANA Section 5.1.
> 
>    o  Length - two-octet-long field, set equal to the value 4.
> 
>    o  DSCP1 - The Differentiated Services Code Point (DSCP) intended by
>       the Session-Sender to be used as the DSCP value of the reflected
>       test packet.
> 
>    o  DSCP2 - The received value in the DSCP field at the Session-
>       Reflector in the forward direction.
> 
>    o  ECN - The received value in the ECN field at the Session-Reflector
>       in the forward direction.
> 
>    o  Reserved - 18-bit-long field, MUST be zeroed on transmission and
>       ignored on receipt.
> 
>    A STAMP Session-Reflector that receives a test packet with the CoS
>    TLV MUST include the CoS TLV in the reflected test packet.  Also, the
>    Session-Reflector MUST copy the value of the DSCP and ECN fields of
>    the IP header of the received STAMP test packet into the DSCP2 field
>    in the reflected test packet.  Finally, the Session-Reflector MUST
>    set the DSCP field's value in the IP header of the reflected test
>    packet equal to the value of the DSCP1 field of the received test
>    packet.  Upon receiving the reflected packet, the Session-Sender will
>    save the DSCP and ECN values for analysis of the CoS in the reverse
>    direction.
> 
>    Re-mapping of CoS can be used to provide multiple services (e.g., 2G,
>    3G, LTE in mobile backhaul networks) over the same network.  But if
>    it is misconfigured, then it is often difficult to diagnose the root
>    cause of excessive packet drops of higher-level service while packet
>    drops for lower service packets are at a normal level.  Using a CoS
>    TLV in STAMP testing helps to troubleshoot the existing problem and
>    also verify whether DiffServ policies are processing CoS as required
>    by the configuration.
> 
> 4.5.  Direct Measurement TLV
> 
>    The Direct Measurement TLV enables collection of the number of in-
>    profile packets, i.e., packets that form a specific data flow, that
>    had been transmitted and received by the Session-Sender and Session-
>    Reflector, respectively.  The definition of "in-profile packet" is
>    outside the scope of this document and is left to the test operators
>    to determine.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |STAMP TLV Flags|  Direct Type  |           Length              |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |              Session-Sender Tx counter  (S_TxC)               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |             Session-Reflector Rx counter  (R_RxC)             |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |             Session-Reflector Tx counter  (R_TxC)             |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>                      Figure 13: Direct Measurement TLV
> 
>    where fields are defined as the following:
> 
>    o  STAMP TLV Flags - is an eight-bit-long field.  Its format is
>       presented in Figure 6.
> 
>    o  Direct (Measurement) Type - is a one-octet-long field, value TBA5
>       allocated by IANA Section 5.1.
> 
>    o  Length - two-octet-long field equals the length of the Value field
>       in octets.  The Length field value MUST equal 12 octets.
> 
>    o  Session-Sender Tx counter (S_TxC) is a four-octet-long field.  The
>       Session-Sender MUST set its value equal to the number of the
>       transmitted in-profile packets.
> 
>    o  Session-Reflector Rx counter (R_RxC) is a four-octet-long field.
>       MUST be zeroed by the Session-Sender on transmit and ignored by
>       the Session-Reflector on receipt.  The Session-Reflector MUST fill
>       it with the value of in-profile packets received.
> 
>    o  Session-Reflector Tx counter (R_TxC) is a four-octet-long field.
>       MUST be zeroed by the Session-Sender and ignored by the Session-
>       Reflector on receipt.  The Session-Reflector MUST fill it with the
>       value of the transmitted in-profile packets.
> 
>    A Session-Sender MAY include the Direct Measurement TLV in a STAMP
>    test packet.  If the received STAMP test packet includes the Direct
>    Measurement TLV, the Session-Reflector MUST include it in the
>    reflected test packet.  The Session-Reflector MUST copy the value
>    from the S_TxC field of the received test packet into the same field
>    of the reflected packet before its transmission.
> 
> 4.6.  Access Report TLV
> 
>    A STAMP Session-Sender MAY include an Access Report TLV (Figure 14)
>    to indicate changes to the access network status to the Session-
>    Reflector.  The definition of an access network is outside the scope
>    of this document.
> 
>         0                   1                   2                   3
>         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>        |STAMP TLV Flags|Acc Report Type|           Length              |
>        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>        |   ID  |  Resv |  Return Code  |          Reserved             |
>        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>                        Figure 14: Access Report TLV
> 
>    where fields are defined as follows:
> 
>    o  STAMP TLV Flags - is an eight-bit-long field.  Its format
>       is presented in Figure 6.
> 
>    o  Access Report Type - is a one-octet-long field, value TBA6
>       allocated by IANA Section 5.1.
> 
>    o  Length - two-octet-long field, set equal to the value 4.
> 
>    o  ID (Access ID) - four-bit-long field that identifies the access
>       network, e.g., 3GPP (Radio Access Technologies specified by 3GPP)
>       or Non-3GPP (accesses that are not specified by 3GPP) [TS23501].
>       The value is one of those listed below:
> 
>       *  1 - 3GPP Network
> 
>       *  2 - Non-3GPP Network
> 
>       All other values are invalid and the TLV that contains it MUST be
>       discarded.
> 
>    o  Resv - four-bit-long field, MUST be zeroed on transmission and
>       ignored on receipt.
> 
>    o  Return Code - one-octet-long field that identifies the report
>       signal, e.g., available or unavailable.  The value is supplied to
>       the STAMP end-point through some mechanism that is outside the
>       scope of this document.  The value is one of those listed in
>       Section 5.6.
> 
>    o  Reserved - two-octet-long field, MUST be zeroed on transmission
>       and ignored on receipt.
> 
>    The STAMP Session-Sender that includes the Access Report TLV sets the
>    value of the Access ID field according to the type of access network
>    it reports on.  Also, the Session-Sender sets the value of the Return
>    Code field to reflect the operational state of the access network.
>    The mechanism to determine the state of the access network is outside
>    the scope of this specification.  A STAMP Session-Reflector that
>    received the test packet with the Access Report TLV MUST include the
>    Access Report TLV in the reflected test packet.  The Session-
>    Reflector MUST set the value of the Access ID and Return Code fields
>    equal to the values of the corresponding fields from the test packet
>    it has received.
> 
>    The Session-Sender MUST also arm a retransmission timer after sending
>    a test packet that includes the Access Report TLV.  This timer MUST
>    be disarmed upon reception of the reflected STAMP test packet that
>    includes the Access Report TLV.  In the event the timer expires
>    before such a packet is received, the Session-Sender MUST retransmit
>    the STAMP test packet that contains the Access Report TLV.  This
>    retransmission SHOULD be repeated up to four times before the
>    procedure is aborted.  Setting the value for the retransmission timer
>    is based on local policies and network environment.  The default
>    value of the retransmission timer for the Access Report TLV SHOULD be
>    three seconds.  An implementation MUST provide control of the
>    retransmission timer value and the number of retransmissions.
> 
>    The Access Report TLV is used by the Performance Measurement Function
>    (PMF) components of the Access Steering, Switching and Splitting
>    feature for 5G networks [TS23501].  The PMF component in the User
>    Equipment acts as the STAMP Session-Sender, and the PMF component in
>    the User Plane Function acts as the STAMP Session-Reflector.
> 
> 4.7.  Follow-up Telemetry TLV
> 
>    A Session-Reflector might be able to put in the Timestamp field only
>    an "SW Local" (see Table 9) timestamp.  But the hosting system might
>    provide a timestamp closer to the start of the actual packet
>    transmission even though it is not possible to deliver the
>    information to the Session-Sender in time for the packet itself.
>    This timestamp might nevertheless be important for the Session-
>    Sender, as it improves the accuracy of measuring network delay by
>    minimizing the impact of egress queuing delays on the measurement.
> 
>    A STAMP Session-Sender MAY include the Follow-up Telemetry TLV to
>    request information from the Session-Reflector.  The Session-Sender
>    MUST set the Follow-up Telemetry Type and Length fields to their
>    appropriate values.  The Sequence Number and Timestamp fields MUST be
>    zeroed on transmission by the Session-Sender and ignored by the
>    Session-Reflector upon receipt of the STAMP test packet that includes
>    the Follow-up Telemetry TLV.  The Session-Reflector MUST validate the
>    Length value of the STAMP test packet.  If the value of the Length
>    field is invalid, the Session-Reflector MUST zero the Sequence Number
>    and Timestamp fields and set the M flag in the STAMP TLV Flags field
>    in the reflected packet.  If the Session-Reflector is in stateless
>    mode (defined in Section 4.2 [RFC8762]), it MUST zero the Sequence
>    Number and Timestamp fields.
> 
>         0                   1                   2                   3
>         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>        |STAMP TLV Flags| Follow-up Type|           Length              |
>        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>        |                        Sequence Number                        |
>        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>        |                      Follow-up Timestamp                      |
>        |                                                               |
>        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>        |  Timestamp M  |                     Reserved                  |
>        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>                     Figure 15: Follow-up Telemetry TLV
> 
>    where fields are defined as follows:
> 
>    o  STAMP TLV Flags - is an eight-bit-long field.  Its format
>       is presented in Figure 6.
> 
>    o  Follow-up (Telemetry) Type - is a one-octet-long field, value TBA7
>       allocated by IANA Section 5.1.
> 
>    o  Length - two-octet-long field, set equal to the value 16 octets.
> 
>    o  Sequence Number - four-octet-long field indicating the sequence
>       number of the last packet reflected in the same STAMP-test
>       session.  Since the Session-Reflector runs in the stateful mode
>       (defined in Section 4.2 [RFC8762]), it is the Session-Reflector's
>       Sequence Number of the previous reflected packet.
> 
>    o  Follow-up Timestamp - eight-octet-long field, with the format
>       indicated by the Z flag of the Error Estimate field of the STAMP
>       base packet, which is contained in this reflected test packet
>       transmitted by a Session-Reflector, as described in Section 4.2.1
>       [RFC8762].  It carries the timestamp when the reflected packet
>       with the specified sequence number was sent.
> 
>    o  Timestamp M(ode) - one-octet-long field that characterizes the
>       method by which the entity that transmits a reflected STAMP packet
>       obtained the Follow-up Timestamp.  The value is one of those
>       listed in Table 9.
> 
>    o  Reserved - three-octet-long field.  Its value MUST be zeroed on
>       transmission and ignored on receipt.
> 
> 4.8.  HMAC TLV
> 
>    The STAMP authenticated mode protects the integrity of data collected
>    in the STAMP base packet.  STAMP extensions are designed to provide
>    valuable information about the condition of a network, and protecting
>    the integrity of that data is also essential.  All authenticated
>    STAMP base packets (per Section 4.2.2 and Section 4.3.2 [RFC8762])
>    compatible with this specification MUST additionally authenticate the
>    option TLVs by including the keyed Hashed Message Authentication Code
>    (HMAC) TLV, with the sole exception of when there is only one TLV
>    present, and it is the Extended Padding TLV.  The HMAC TLV MUST
>    follow all TLVs included in a STAMP test packet, except for the Extra
>    Padding TLV.  If the HMAC TLV appears in any other position in a
>    STAMP extended test packet, then the situation MUST be processed as
>    HMAC verification failure, as defined in this section, further below.
>    The HMAC TLV MAY be used to protect the integrity of STAMP extensions
>    in STAMP unauthenticated mode.
> 
>        0                   1                   2                   3
>        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |STAMP TLV Flags|   HMAC Type   |             Length            |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>       |                                                               |
>       |                              HMAC                             |
>       |                                                               |
>       |                                                               |
>       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>                             Figure 16: HMAC TLV
> 
>    where fields are defined as follows:
> 
>    o  STAMP TLV Flags - is an eight-bit-long field.  Its format is
>       presented in Figure 6.
> 
>    o  HMAC Type - is a one-octet-long field, value TBA8 allocated by
>       IANA Section 5.1.
> 
>    o  Length - two-octet-long field, set equal to 16 octets.
> 
>    o  HMAC - is a 16-octet-long field that carries HMAC digest of the
>       text of all preceding TLVs.
> 
>    As defined in [RFC8762], STAMP uses HMAC-SHA-256 truncated to 128
>    bits ([RFC4868]).  All considerations regarding using the key and key
>    distribution and management listed in Section 4.4 of [RFC8762] are
>    fully applicable to the use of the HMAC TLV.  HMAC TLV is anticipated
>    to track updates in the base STAMP protocol [RFC8762], including the
>    use of more advanced cryptographic algorithms.  HMAC is calculated as
>    defined in [RFC2104] over text as the concatenation of the Sequence
>    Number field of the base STAMP packet and all preceding TLVs.  The
>    digest then MUST be truncated to 128 bits and written into the HMAC
>    field.  If the HMAC TLV is present in the extended STAMP test packet,
>    e.g., in the authenticated mode, HMAC MUST be verified before using
>    any data in the included STAMP TLVs.  If HMAC verification by the
>    Session-Reflector fails, then the Session-Reflector MUST stop
>    processing the received extended STAMP test packet.  The Session-
>    Reflector MUST copy the TLVs from the received STAMP test packet into
>    the reflected packet.  The Session-Reflector MUST set the I flag in
>    each TLV copied over into the reflected packet to 1 before
>    transmitting the reflected test packet.  If the Session-Sender
>    receives the extended STAMP test packet with I flag set to 1, then
>    the Session-Sender MUST stop processing TLVs in the reflected test
>    packet.  If HMAC verification by the Session-Sender fails, then the
>    Session-Sender MUST stop processing TLVs in the reflected extended
>    STAMP packet.
> 
> 5.  IANA Considerations
> 
> 5.1.  STAMP TLV Registry
> 
>    IANA is requested to create the STAMP TLV Type registry.  All code
>    points in the range 1 through 175 in this registry shall be allocated
>    according to the "IETF Review" procedure as specified in [RFC8126].
>    Code points in the range 176 through 239 in this registry shall be
>    allocated according to the "First Come First Served" procedure as
>    specified in [RFC8126].  The remaining code points are allocated
>    according to Table 1:
> 
>                +-----------+--------------+---------------+
>                | Value     | Description  | Reference     |
>                +-----------+--------------+---------------+
>                | 0         |   Reserved   | This document |
>                | 1- 175    |  Unassigned  | This document |
>                | 176 - 239 |  Unassigned  | This document |
>                | 240 - 251 | Experimental | This document |
>                | 252 - 254 | Private Use  | This document |
>                | 255       |   Reserved   | This document |
>                +-----------+--------------+---------------+
> 
>                      Table 1: STAMP TLV Type Registry
> 
>    This document defines the following new values in the IETF Review
>    range of the STAMP TLV Type registry:
> 
>              +-------+-----------------------+---------------+
>              | Value |      Description      | Reference     |
>              +-------+-----------------------+---------------+
>              | TBA1  |     Extra Padding     | This document |
>              | TBA2  |        Location       | This document |
>              | TBA3  | Timestamp Information | This document |
>              | TBA4  |    Class of Service   | This document |
>              | TBA5  |   Direct Measurement  | This document |
>              | TBA6  |     Access Report     | This document |
>              | TBA7  |  Follow-up Telemetry  | This document |
>              | TBA8  |          HMAC         | This document |
>              +-------+-----------------------+---------------+
> 
>                          Table 2: STAMP TLV Types
> 
> 5.2.  STAMP TLV Flags Sub-registry
> 
>    IANA is requested to create the STAMP TLV Flags sub-registry as part
>    of the STAMP TLV Type registry.  The registration procedure is "IETF
>    Review" [RFC8126].  Flags are 8 bits.  This document defines the
>    following bit positions in the STAMP TLV Flags sub-registry:
> 
>     +--------------+--------+------------------------+---------------+
>     | Bit position | Symbol |      Description       |   Reference   |
>     +--------------+--------+------------------------+---------------+
>     |      0       |   U    |    Unrecognized TLV    | This document |
>     |      1       |   M    |     Malformed TLV      | This document |
>     |      2       |   I    | Integrity check failed | This document |
>     +--------------+--------+------------------------+---------------+
> 
>                          Table 3: STAMP TLV Flags
> 
> 5.3.  Sub-TLV Type Sub-registry
> 
>    IANA is requested to create the sub-TLV Type sub-registry as part of
>    the STAMP TLV Type registry.  All code points in the range 1 through
>    175 in this registry shall be allocated according to the "IETF
>    Review" procedure as specified in [RFC8126].  Code points in the
>    range 176 through 239 in this registry shall be allocated according
>    to the "First Come First Served" procedure as specified in [RFC8126].
>    The remaining code points are allocated according to Table 4:
> 
>                +-----------+--------------+---------------+
>                | Value     | Description  | Reference     |
>                +-----------+--------------+---------------+
>                | 0         |   Reserved   | This document |
>                | 1- 175    |  Unassigned  | This document |
>                | 176 - 239 |  Unassigned  | This document |
>                | 240 - 251 | Experimental | This document |
>                | 252 - 254 | Private Use  | This document |
>                | 255       |   Reserved   | This document |
>                +-----------+--------------+---------------+
> 
>                 Table 4: Location Sub-TLV Type Sub-registry
> 
>    This document defines the following new values in the IETF Review
>    range of the Location sub-TLV Type sub-registry:
> 
>       +-------+--------------------------+----------+---------------+
>       | Value |       Description        | TLV Used | Reference     |
>       +-------+--------------------------+----------+---------------+
>       | TBA9  |    Source MAC Address    | Location | This document |
>       | TBA10 |  Source EUI-48 Address   | Location | This document |
>       | TBA11 |  Source EUI-64 Address   | Location | This document |
>       | TBA12 |  Destination IP Address  | Location | This document |
>       | TBA13 | Destination IPv4 Address | Location | This document |
>       | TBA14 | Destination IPv6 Address | Location | This document |
>       | TBA15 |    Source IP Address     | Location | This document |
>       | TBA16 |   Source IPv4 Address    | Location | This document |
>       | TBA17 |   Source IPv6 Address    | Location | This document |
>       +-------+--------------------------+----------+---------------+
> 
>                        Table 5: STAMP sub-TLV Types
> 
> 5.4.  Synchronization Source Sub-registry
> 
>    IANA is requested to create the Synchronization Source sub-registry
>    as part of the STAMP TLV Type registry.  All code points in the range
>    1 through 127 in this registry shall be allocated according to the
>    "IETF Review" procedure as specified in [RFC8126].  Code points in
>    the range 128 through 239 in this registry shall be allocated
>    according to the "First Come First Served" procedure as specified in
>    [RFC8126].  Remaining code points are allocated according to Table 6:
> 
>                +-----------+--------------+---------------+
>                | Value     | Description  | Reference     |
>                +-----------+--------------+---------------+
>                | 0         |   Reserved   | This document |
>                | 1- 127    |  Unassigned  | This document |
>                | 128 - 239 |  Unassigned  | This document |
>                | 240 - 249 | Experimental | This document |
>                | 250 - 254 | Private Use  | This document |
>                | 255       |   Reserved   | This document |
>                +-----------+--------------+---------------+
> 
>                Table 6: Synchronization Source Sub-registry
> 
>    This document defines the following new values in the Synchronization
>    Source sub-registry:
> 
>         +-------+---------------------------------+---------------+
>         | Value |           Description           | Reference     |
>         +-------+---------------------------------+---------------+
>         | 1     |               NTP               | This document |
>         | 2     |               PTP               | This document |
>         | 3     |             SSU/BITS            | This document |
>         | 4     | GPS/GLONASS/LORAN-C/BDS/Galileo | This document |
>         | 5     |        Local free-running       | This document |
>         +-------+---------------------------------+---------------+
> 
>                      Table 7: Synchronization Sources
> 
> 5.5.  Timestamping Method Sub-registry
> 
>    IANA is requested to create the Timestamping Method sub-registry as
>    part of the STAMP TLV Type registry.  All code points in the range 1
>    through 127 in this registry shall be allocated according to the
>    "IETF Review" procedure as specified in [RFC8126].  Code points in
>    the range 128 through 239 in this registry shall be allocated
>    according to the "First Come First Served" procedure as specified in
>    [RFC8126].  Remaining code points are allocated according to Table 8:
> 
>                +-----------+--------------+---------------+
>                | Value     | Description  | Reference     |
>                +-----------+--------------+---------------+
>                | 0         |   Reserved   | This document |
>                | 1- 127    |  Unassigned  | This document |
>                | 128 - 239 |  Unassigned  | This document |
>                | 240 - 249 | Experimental | This document |
>                | 250 - 254 | Private Use  | This document |
>                | 255       |   Reserved   | This document |
>                +-----------+--------------+---------------+
> 
>                  Table 8: Timestamping Method Sub-registry
> 
>    This document defines the following new values in the Timestamping
>    Methods sub-registry:
> 
>                  +-------+---------------+---------------+
>                  | Value |  Description  | Reference     |
>                  +-------+---------------+---------------+
>                  | 1     |   HW Assist   | This document |
>                  | 2     |    SW local   | This document |
>                  | 3     | Control plane | This document |
>                  +-------+---------------+---------------+
> 
>                        Table 9: Timestamping Methods
> 
> 5.6.  Return Code Sub-registry
> 
>    IANA is requested to create the Return Code sub-registry as part of
>    the STAMP TLV Type registry.  All code points in the range 1 through
>    127 in this registry shall be allocated according to the "IETF
>    Review" procedure as specified in [RFC8126].  Code points in the
>    range 128 through 239 in this registry shall be allocated according
>    to the "First Come First Served" procedure as specified in [RFC8126].
>    Remaining code points are allocated according to Table 10:
> 
>                +-----------+--------------+---------------+
>                | Value     | Description  | Reference     |
>                +-----------+--------------+---------------+
>                | 0         |   Reserved   | This document |
>                | 1- 127    |  Unassigned  | This document |
>                | 128 - 239 |  Unassigned  | This document |
>                | 240 - 249 | Experimental | This document |
>                | 250 - 254 | Private Use  | This document |
>                | 255       |   Reserved   | This document |
>                +-----------+--------------+---------------+
> 
>                     Table 10: Return Code Sub-registry
> 
>    This document defines the following new values in the Return Code
>    sub-registry:
> 
>               +-------+---------------------+---------------+
>               | Value |     Description     | Reference     |
>               +-------+---------------------+---------------+
>               | 1     |  Network available  | This document |
>               | 2     | Network unavailable | This document |
>               +-------+---------------------+---------------+
> 
>                           Table 11: Return Codes
> 
> 6.  Security Considerations
> 
>    This document defines extensions to STAMP [RFC8762] and inherits all
>    the security considerations applicable to the base protocol.
>    Additionally, the HMAC TLV is defined in this document to protect the
>    integrity of optional STAMP extensions.  The use of HMAC TLV is
>    discussed in detail in Section 4.8.
> 
>    To protect against a malformed TLV an implementation of a Session-
>    Sender and Session-Reflector MUST:
> 
>    o  check the setting of the M flag;
> 
>    o  validate the Length field value.
> 
>    Monitoring and optional control of DSCP do not appear to introduce
>    any additional security threat to hosts that communicate with STAMP
>    as defined in [RFC8762].  As this specification defined the mechanism
>    to test DSCP mapping, this document inherits all the security
>    considerations discussed in [RFC2474].
> 
> 7.  Acknowledgments
> 
>    Authors much appreciate the thorough review and thoughtful comments
>    received from Tianran Zhou, Rakesh Gandhi, Yuezhong Song and Yali
>    Wang.  The authors express their gratitude to Al Morton for his
>    comments and the most valuable suggestions.  The authors greatly
>    appreciate comments and thoughtful suggestions received from Martin
>    Duke.
> 
> 8.  Contributors
> 
>    The following people contributed text to this document:
> 
>       Guo Jun
>       ZTE Corporation
>       68# Zijinghua Road
>       Nanjing, Jiangsu  210012
>       P.R.China
> 
>       Phone: +86 18105183663
>       Email: guo.jun2@zte.com.cn
> 
> 9.  References
> 
> 9.1.  Normative References
> 
>    [RFC2104]  Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
>               Hashing for Message Authentication", RFC 2104,
>               DOI 10.17487/RFC2104, February 1997,
>               <https://www.rfc-editor.org/info/rfc2104>.
> 
>    [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
>               Requirement Levels", BCP 14, RFC 2119,
>               DOI 10.17487/RFC2119, March 1997,
>               <https://www.rfc-editor.org/info/rfc2119>.
> 
>    [RFC8126]  Cotton, M., Leiba, B., and T. Narten, "Guidelines for
>               Writing an IANA Considerations Section in RFCs", BCP 26,
>               RFC 8126, DOI 10.17487/RFC8126, June 2017,
>               <https://www.rfc-editor.org/info/rfc8126>.
> 
>    [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
>               2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
>               May 2017, <https://www.rfc-editor.org/info/rfc8174>.
> 
>    [RFC8762]  Mirsky, G., Jun, G., Nydell, H., and R. Foote, "Simple
>               Two-Way Active Measurement Protocol", RFC 8762,
>               DOI 10.17487/RFC8762, March 2020,
>               <https://www.rfc-editor.org/info/rfc8762>.
> 
> 9.2.  Informative References
> 
>    [GPS]      "Global Positioning System (GPS) Standard Positioning
>               Service (SPS) Performance Standard", GPS SPS 5th Edition,
>               April 2020.
> 
>    [I-D.gont-numeric-ids-generation]
>               Gont, F. and I. Arce, "On the Generation of Transient
>               Numeric Identifiers", draft-gont-numeric-ids-generation-04
>               (work in progress), July 2019.
> 
>    [IEEE.1588.2008]
>               "Standard for a Precision Clock Synchronization Protocol
>               for Networked Measurement and Control Systems",
>               IEEE Standard 1588, March 2008.
> 
>    [RFC2474]  Nichols, K., Blake, S., Baker, F., and D. Black,
>               "Definition of the Differentiated Services Field (DS
>               Field) in the IPv4 and IPv6 Headers", RFC 2474,
>               DOI 10.17487/RFC2474, December 1998,
>               <https://www.rfc-editor.org/info/rfc2474>.
> 
>    [RFC4868]  Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA-
>               384, and HMAC-SHA-512 with IPsec", RFC 4868,
>               DOI 10.17487/RFC4868, May 2007,
>               <https://www.rfc-editor.org/info/rfc4868>.
> 
>    [RFC5357]  Hedayat, K., Krzanowski, R., Morton, A., Yum, K., and J.
>               Babiarz, "A Two-Way Active Measurement Protocol (TWAMP)",
>               RFC 5357, DOI 10.17487/RFC5357, October 2008,
>               <https://www.rfc-editor.org/info/rfc5357>.
> 
>    [RFC5905]  Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch,
>               "Network Time Protocol Version 4: Protocol and Algorithms
>               Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010,
>               <https://www.rfc-editor.org/info/rfc5905>.
> 
>    [TS23501]  3GPP (3rd Generation Partnership Project), "Technical
>               Specification Group Services and System Aspects; System
>               Architecture for the 5G System; Stage 2 (Release 16)",
>               3GPP TS23501, 2019.
> 
> Authors' Addresses
> 
>    Greg Mirsky
>    ZTE Corp.
> 
>    Email: gregimirsky@gmail.com
> 
> 
>    Xiao Min
>    ZTE Corp.
> 
>    Email: xiao.min2@zte.com.cn
> 
> 
>    Henrik Nydell
>    Accedian Networks
> 
>    Email: hnydell@accedian.com
> 
> 
>    Richard Foote
>    Nokia
> 
>    Email: footer.foote@nokia.com
> 
> 
>    Adi Masputra
>    Apple Inc.
>    One Apple Park Way
>    Cupertino, CA  95014
>    USA
> 
>    Email: adi@apple.com
> 
> 
>    Ernesto Ruffini
>    OutSys
>    via Caracciolo, 65
>    Milano  20155
>    Italy
> 
>    Email: eruffini@outsys.org
> 