RE: Next steps for draft-gont-6man-predictable-fragment-id
"Will Liu (Shucheng)" <liushucheng@huawei.com> Fri, 08 March 2013 10:25 UTC
From: "Will Liu (Shucheng)" <liushucheng@huawei.com>
To: "ipv6@ietf.org" <ipv6@ietf.org>
Subject: RE: Next steps for draft-gont-6man-predictable-fragment-id
Date: Fri, 08 Mar 2013 10:25:38 +0000
Cc: Juan Antonio Matos <juanmatos@gmail.com>

Firstly, I agree with Juan. Though this work proposed a mitigation to a known flaw, the use of predictable fragment IDs, just as Tina said, such a document can be really instructive to the IPv6 protocol implementation, especially when considering the longstanding slogan of IPv6, the security.

Secondly, if we look at the IPv4 history, the lack of similar work at this point results in the fragility of implementation and the possibility of generating fragment IDs by incorporating other flawed schemes. We should be enlightened to push forward such works, to avoid repeating the history of vulnerable IPv4.

In the end, a tiny comment: the author might consider expanding Appendix B to make this work more universal by including other implementations.

Regards,
Shucheng LIU (Will)

From: ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] On Behalf Of Juan Antonio Matos
Sent: Friday, March 08, 2013 9:48 AM
To: ipv6@ietf.org
Subject: Re: Next steps for draft-gont-6man-predictable-fragment-id

On 2013-02-28 20:51, Ole Troan wrote:
> - Is there interest in working on it in 6man?
> (if yes, you must be willing to contribute, if no, then say why)

Yes,

Someone said: Why do a document for IPv6 for Things That Were Well Known in IPv4? and I wonder: Why not do it right in IPv6, even though we know it is a problem that has existed for IPv4?

IPv6 is a new protocol, and probably in a few years the new generation of internet professionals might hear about IPv4, as we hear today about IPX, (as History).

I understand that this is a known weakness, even so could affect some systems, so why not correct this?

I think this topic deserves further discussion.

regards
Juan Antonio Matos
Dominican Civil Aviation Institute

1. Re: 6MAN Agenda for IETF86 (Fernando Gont)
2. Re: Next steps for draft-gont-6man-predictable-fragment-id (Simon Perreault)
3. Re: Next steps for draft-gont-6man-predictable-fragment-id (Ole Troan)
4. Re: Next steps for draft-gont-6man-predictable-fragment-id (Simon Perreault)
5. Re: Next steps for draft-gont-6man-predictable-fragment-id (Fernando Gont)
6. Re: Next steps for draft-gont-6man-predictable-fragment-id (Simon Perreault)
7. Re: Next steps for draft-gont-6man-predictable-fragment-id (Ole Troan)

----------------------------------------------------------------------

Message: 1
Date: Thu, 07 Mar 2013 00:27:11 -0300
From: Fernando Gont <fgont@si6networks.com>
To: Bob Hinden <bob.hinden@gmail.com>
Cc: ipv6@ietf.org
Subject: Re: 6MAN Agenda for IETF86
Message-ID: <5138090F.9030007@si6networks.com>

Bob,

On 03/05/2013 07:42 PM, Bob Hinden wrote:
>
>> draft-gont-6man-ipv6-smurf-amplifier : 2 discussion on the list :
>> 15 mins
>
> This was the chairs call as we thought there would be interest in it.
> Given the discussion on the list, there appears to be more interest
> in <draft-liu-bonica-dhcpv6-slaac-problem-01.txt> and we propose to
> swap them. There isn't time for everything.
>
> Comments?

I personally oppose such an idea. This is my reasoning:

* draft-gont-6man-ipv6-smurf-amplifier has already been in the position of "this will be discussed if time permits" (and at the time, time didn't permit). Hence it's time to allocate a slot to this I-D. The same reasoning should apply to draft-liu-bonica-dhcpv6-slaac-problem-01.txt for the next IETF meeting.

* draft-gont-6man-ipv6-smurf-amplifier is pretty much straight-forward so that may be one reason for which you didn't see more discussion about it. I'd expect that discussion during the 6man wg meeting will be brief, and hence we'll be able to move forward to the next document even before the allocated time is used.

* Changing agendas once published is, IMO, a bad idea (unless really necessary).

FWIW, I should note that I do support draft-liu-bonica-dhcpv6-slaac-problem-01.txt -- i.e., the reasoning above doesn't have anything to do with the contents of draft-liu-bonica-dhcpv6-slaac-problem-01.txt itself.

Thanks,
--
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

------------------------------

Message: 2
Date: Thu, 07 Mar 2013 10:44:27 +0100
From: Simon Perreault <simon.perreault@viagenie.ca>
To: ipv6@ietf.org
Subject: Re: Next steps for draft-gont-6man-predictable-fragment-id
Message-ID: <5138617B.5020207@viagenie.ca>

On 2013-02-28 20:51, Ole Troan wrote:
> - Is there interest in working on it in 6man?
> (if yes, you must be willing to contribute, if no, then say why)

Yes.

I think the document is very useful. The fact that there are so many popular implementations out there that get this kind of thing wrong shows a need for good documentation. This draft explains the problem, says clearly what needs to be done, and describes good and practical algorithms. And there's a survey of current implementations as a bonus in the appendix. This is exactly the kind of good quality information that the IETF needs to provide.

Simon

------------------------------

Message: 3
Date: Thu, 7 Mar 2013 11:09:55 +0100
From: Ole Troan <ot@cisco.com>
To: Simon Perreault <simon.perreault@viagenie.ca>
Cc: ipv6@ietf.org
Subject: Re: Next steps for draft-gont-6man-predictable-fragment-id
Message-ID: <65CB8751-4CBF-46DE-9860-8964BE8AA20F@cisco.com>

Simon,

>> - Is there interest in working on it in 6man?
>> (if yes, you must be willing to contribute, if no, then say why)
>
> Yes.
>
> I think the document is very useful. The fact that there are so many popular implementations out there that get this kind of thing wrong shows a need for good documentation. This draft explains the problem, says clearly what needs to be done, and describes good and practical algorithms. And there's a survey of current implementations as a bonus in the appendix. This is exactly the kind of good quality information that the IETF needs to provide.

- are you willing to work on the document?
- do you think this should be done in 6man or elsewhere?

cheers,
Ole

------------------------------

Message: 4
Date: Thu, 07 Mar 2013 11:13:47 +0100
From: Simon Perreault <simon.perreault@viagenie.ca>
To: Ole Troan <ot@cisco.com>
Cc: ipv6@ietf.org
Subject: Re: Next steps for draft-gont-6man-predictable-fragment-id
Message-ID: <5138685B.4040603@viagenie.ca>

On 2013-03-07 11:09, Ole Troan wrote:
> Simon,
>
>>> - Is there interest in working on it in 6man?
>>> (if yes, you must be willing to contribute, if no, then say why)
>>
>> Yes.
>>
>> I think the document is very useful. The fact that there are so many popular implementations out there that get this kind of thing wrong shows a need for good documentation. This draft explains the problem, says clearly what needs to be done, and describes good and practical algorithms. And there's a survey of current implementations as a bonus in the appendix. This is exactly the kind of good quality information that the IETF needs to provide.
>
> - are you willing to work on the document?

Yes.

> - do you think this should be done in 6man or elsewhere?

6man

Simon

------------------------------

Message: 5
Date: Thu, 07 Mar 2013 07:28:24 -0300
From: Fernando Gont <fgont@si6networks.com>
To: Ole Troan <ot@cisco.com>
Cc: ipv6@ietf.org
Subject: Re: Next steps for draft-gont-6man-predictable-fragment-id
Message-ID: <51386BC8.4090104@si6networks.com>

Ole,

On 03/07/2013 07:09 AM, Ole Troan wrote:
>
> - are you willing to work on the document?

I'm really curious about these questions.

What does "working on a document" mean? For instance, it's probably the first time I see this question asked when polling the wg for support of a document.

> - do you think this should be done in 6man or elsewhere?

That aside, this document aims to update RFC 2460. Where else should that be done, if not in 6man??

Thanks,
--
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

------------------------------

Message: 6
Date: Thu, 07 Mar 2013 11:44:08 +0100
From: Simon Perreault <simon.perreault@viagenie.ca>
To: Fernando Gont <fgont@si6networks.com>
Cc: Ole Troan <ot@cisco.com>, ipv6@ietf.org
Subject: Re: Next steps for draft-gont-6man-predictable-fragment-id
Message-ID: <51386F78.8010203@viagenie.ca>

On 2013-03-07 11:28, Fernando Gont wrote:
> What does "working on a document" mean? For instance, it's probably the
> first time I see this question asked when polling the wg for support of
> a document.

It's common. I understand it to mean reviewing the draft, providing comments, etc.

> That aside, this document aims to update RFC 2460. Where else should
> that be done, if not in 6man??

That's a technicality. What's more important is that the relevant expertise is in 6man.

Simon

------------------------------

Message: 7
Date: Thu, 7 Mar 2013 12:02:27 +0100
From: Ole Troan <ot@cisco.com>
To: Simon Perreault <simon.perreault@viagenie.ca>
Cc: Fernando Gont <fgont@si6networks.com>, ipv6@ietf.org
Subject: Re: Next steps for draft-gont-6man-predictable-fragment-id
Message-ID: <BE2D7D21-963F-4215-8389-0005064A6B7B@cisco.com>

Simon,

>> What does "working on a document" mean? For instance, it's probably the
>> first time I see this question asked when polling the wg for support of
>> a document.
>
> It's common. I understand it to mean reviewing the draft, providing comments, etc.

yes.

>> That aside, this document aims to update RFC 2460. Where else should
>> that be done, if not in 6man??
>
> That's a technicality. What's more important is that the relevant expertise is in 6man.

when this document was presented in 6man at IETF84, there were suggestions that a more generic document could be written. e.g. in intarea. I don't want us to end up with an RFC per field per protocol.

there isn't an equivalent document for IPv4, right?

there are other alternatives too, e.g. an errata to 2460, or an update to the nodes requirement document.

cheers,
Ole

------------------------------

End of ipv6 Digest, Vol 107, Issue 9