IETF Logo Mail Archive

Re: I-D Action: draft-ietf-6man-default-iids-04.txt

Kerry Lynn <kerlyn@ieee.org> Tue, 14 July 2015 20:20 UTC

Return-Path: <kerlyn2001@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D60B11B2C70; Tue, 14 Jul 2015 13:20:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.027
X-Spam-Level:
X-Spam-Status: No, score=-1.027 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C8LEILaovLuQ; Tue, 14 Jul 2015 13:20:01 -0700 (PDT)
Received: from mail-oi0-x22a.google.com (mail-oi0-x22a.google.com [IPv6:2607:f8b0:4003:c06::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA03B1B2C1E; Tue, 14 Jul 2015 13:20:00 -0700 (PDT)
Received: by oige126 with SMTP id e126so14513951oig.0; Tue, 14 Jul 2015 13:20:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=Mw89Buo3sx3uRlEbj4mEtFt8y1Fc4pAVOnv4lnQJBJw=; b=fUeVTvfUsJBrMuii/wDjAjMT42huxUBF8OrJIr0jY179cuJcSoFK/JRLZvfkMPEJXb UBIX+AeQYygWAV6g1hvlb4ampviHKjilwM1NgIWzgug/IcD9V7YDfIM22sRNhThYppe1 P00y0LC5TZjV00Phv2v7JK+Kmmc9jcQGJhe9chb0KDTgKymSGnUSBVGTURh9HKRv57MJ ++1b9kWJ/zQr+lSlxO0bsHNKLBSbyrAaYrKV3JSsF/ckSBB02Z0rOGEW/qXQgx7uIs4e nU7Nz26/YSrSecKFfufkPPg4Ss6Z+ceEoXYEKAKe7viiE5j7gc3cSWitgtGqUpIh5lHw 9uhQ==
MIME-Version: 1.0
X-Received: by 10.60.41.138 with SMTP id f10mr319195oel.84.1436905200175; Tue, 14 Jul 2015 13:20:00 -0700 (PDT)
Sender: kerlyn2001@gmail.com
Received: by 10.60.179.227 with HTTP; Tue, 14 Jul 2015 13:19:59 -0700 (PDT)
In-Reply-To: <DM2PR0301MB0655593F8FD755752940BC40A89B0@DM2PR0301MB0655.namprd03.prod.outlook.com>
References: <20150626053554.16572.72663.idtracker@ietfa.amsl.com> <926657903.827241.1435374995889.JavaMail.yahoo@mail.yahoo.com> <5591BF9C.8080307@si6networks.com> <CAO42Z2zf5-g1aOAWfaDxX47H9w9Kyc0QEX+0oKyzL9nwzCb_DQ@mail.gmail.com> <5592370E.6070705@si6networks.com> <CAO42Z2xacdABghT5W269V9y3aucmh2QQd6AHNLK+MpsaLzeB8g@mail.gmail.com> <55931DAE.8000701@si6networks.com> <CAO42Z2ywMEfXKSSFeSd5DNvEW4URfmTKvaWgxNw6odXRHWW=Jw@mail.gmail.com> <559378AE.70506@si6networks.com> <ECA43DA70480A3498E43C3471FB2E1F01C39900A@eusaamb103.ericsson.se> <559B1197.20201@si6networks.com> <ECA43DA70480A3498E43C3471FB2E1F01C399850@eusaamb103.ericsson.se> <559B26D2.6050709@si6networks.com> <4E066FF0-1E74-4CF8-B10F-F93E2BBE87AC@gmail.com> <3FECE5A4-C340-4C2F-A426-030B5F1AB52E@cooperw.in> <757299EF-C134-4A4E-A5F5-1D5476174F19@gmail.com> <CAO6tK47QX9t8KWi23WEQ7EkhzQSwFDob2Q-uznaSjGVbdHm_vg@mail.gmail.com> <DM2PR0301MB0655593F8FD755752940BC40A89B0@DM2PR0301MB0655.namprd03.prod.outlook.com>
Date: Tue, 14 Jul 2015 16:19:59 -0400
X-Google-Sender-Auth: ylcos8DqBl6yC8YtNCOXpps_eQ4
Message-ID: <CABOxzu0VZOFxoQFk1gP5+h8oCXnVLnnuXsNLCOi_E+iE1+6CiA@mail.gmail.com>
Subject: Re: I-D Action: draft-ietf-6man-default-iids-04.txt
From: Kerry Lynn <kerlyn@ieee.org>
To: Christian Huitema <huitema@microsoft.com>
Content-Type: multipart/alternative; boundary="089e01494654085359051adb90c8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/1dACJYMjsyQERa62VvoLLJH_ivA>
Cc: "6lo@ietf.org" <6lo@ietf.org>, "ipv6@ietf.org" <ipv6@ietf.org>, Ralph Droms <rdroms.ietf@gmail.com>, "draft-ietf-6man-default-iids@tools.ietf.org" <draft-ietf-6man-default-iids@tools.ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Jul 2015 20:20:03 -0000

On Tue, Jul 14, 2015 at 3:24 PM, Christian Huitema <huitema@microsoft.com>
wrote:

> > "Future specifications SHOULD NOT specify IPv6 address generation
> schemes that
> > embed the underlying link-layer address in the IID. In some cases,
> embedding the
> > link-layer address in the IID may reduce resource requirements such as
> energy,
> > bandwidth and packet transmission by facilitating header compression in
> constrained
> > devices. In such cases, future specifications MAY include address
> generation schemes
> > that embed the link-layer address in the IID, but MUST also specify an
> alternative
> > address generation scheme.”
>
> That's too weak a restriction. It does not include the part about "MUST
> NOT embed a globally unique identifier," which is the core of the issue.
>
> I would rather go for:
>
> "Future specifications SHOULD NOT specify IPv6 address generation schemes
> that
> embed the underlying link-layer address in the IID. There MAY be some
> exceptions
> in cases where network technologies works under very restrictive
> constraints.
> These exceptions MUST be reviewed on a case by case basis. Specifications
> allowing address generation schemes that embed the link-layer address in
> the IID
> under such exceptions MUST also specify an alternative address generation
> scheme.”
>
> I strongly disagree; I think Ralph's wording more closely reflects the
consensus
that has developed over several meetings now.  As I understand that
consensus,
the directive is SHOULD NOT embed L2 addresses in IIDs and MUST specify a
scheme by which privacy IIDs can be generated.  At that point, it seems to
be a
local matter whether privacy IIDs are configured or not.  The simplest IoT
devices
will probably not have a UI nor a good source of entropy, so injecting
secret keys
into these devices becomes an operational consideration.

I also do not agree that every new IP-over-6lo proposal should need to
repeat the
same arguments ("We'd really like to be able to use RFC 6282 compression"),
subject to the constitution of the IESG at the time.  Instead, I think it
would be
helpful for those who understand the issue best (the I-D authors and other
subject matter experts) to agree on language that could be included in
future
proposals as BCP to implementers.  Something like:

   A 64-bit privacy IID is RECOMMENDED for routable addresses and SHOULD
   be locally generated according to [I-D.ietf-6man-default-iids
<https://tools.ietf.org/html/draft-ietf-6lo-6lobac-02#ref-I-D.ietf-6man-default-iids>].
A
   node that generates a 64-bit privacy IID MUST register it with its
   local router(s) by sending a Neighbor Solicitation (NS) message with
   the Address Registration Option (ARO) and process Neighbor
   Advertisements (NA) according to [RFC6775
<https://tools.ietf.org/html/rfc6775>].


The acceptable alternatives (including managed opaque DHCPv6 addresses)
would
be spelled out in ID-ietf-6man-default-iids.  This statement would be
something like
the Surgeon General's warning that appears on every pack of cigs in the US;
we
can't stop you from smoking, but we want you to know it's a very bad idea.

Regards, Kerry Lynn

-- Christian Huitema
>
>
>
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
>

v2.23.0 | Report a Bug | By Email