IETF Logo Mail Archive

Re: New Version Notification for draft-troan-6man-universal-ra-option-03.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 07 October 2020 20:01 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1607E3A132E for <ipv6@ietfa.amsl.com>; Wed, 7 Oct 2020 13:01:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.311
X-Spam-Level:
X-Spam-Status: No, score=-2.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.213, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fvVIE-Xg16-2 for <ipv6@ietfa.amsl.com>; Wed, 7 Oct 2020 13:01:43 -0700 (PDT)
Received: from mail-pl1-x634.google.com (mail-pl1-x634.google.com [IPv6:2607:f8b0:4864:20::634]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3A51F3A132F for <ipv6@ietf.org>; Wed, 7 Oct 2020 13:01:43 -0700 (PDT)
Received: by mail-pl1-x634.google.com with SMTP id bb1so1570428plb.2 for <ipv6@ietf.org>; Wed, 07 Oct 2020 13:01:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=nksnTc+bp5aaSr/TqGVts1iWcvkmoYgCRp+IBfcbvWk=; b=Q0yDbVq2OD5hI2dEmoCmKAD5Lj7I9aphGJAYnkZIYNFufztMKfL4L3nCn0+DtNOxRI ckUfSPrk7a1RFWhtz/Eg/wxyjIHGx916ClgLqWIbHeSwPJj/6S85lG3dUYELPCBvhmkO 42t2KIE4VdMkWn4bxNElN8CSAPgQkK8FD9wEqXGNGVw6yV11QUpz8pxqbYgyFuQDqDjS i9F3FodDO3QH9tI0hUQvTT62wO9R3xpAbY4Iq1E7VscDRHOVCzAthxsASsqOwV2Ptn/X q1dTFJE5w5/Im7hNmp5vPFnGNuXV7ejcv78ZAqkRJJN06aY1UwUqDWW3/CFZOhYHt9yY cdDA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=nksnTc+bp5aaSr/TqGVts1iWcvkmoYgCRp+IBfcbvWk=; b=eZLf/gX1KUiFVwfcwWSWhp28P/fThhq0LrYFPABBLrPHH9OqF9PLWMFwubBht5ibQ9 aqrw0/Gcg/CQPG28P9LSzlrnFPeCJUtIj5tIWV/AJ3nj7VCS05wTI3SDOBSTz+SXSJ8p 8tnTskWJWSTvJ4rlTUoEgry8XheSVEdthkMD/T1waACE7WJHJNCHwXymm1hTLgbW/ajH wS3zTvMXdTZFD7BP0xIW0Q5i1gKenhMq5OdWopWxcAwtR059y6FK1pWhsQmbn+RLLmp1 Apa1rqJpwZuWWU3w8n+fZCkH+nswiSedfGrn8aqSHwZOMAKx5zEdvoAwRPkOgE+sV+tF quzw==
X-Gm-Message-State: AOAM533g2rXY8FQEax0yCHl9DzbgwND3TN6Gf6emUeJvpCu6Y2R7ozFT 0YTzJ8MaeJIRWzLi9vAOp8O1sHOgTHuaTQ==
X-Google-Smtp-Source: ABdhPJzQ1zebOPBbY/SQWC66zmew189TFFFrN1cd1osxkqzjN8WMOZ++1OoeFPSH8gBcv+e6LRtLAw==
X-Received: by 2002:a17:902:aa44:b029:d3:8b4f:5083 with SMTP id c4-20020a170902aa44b02900d38b4f5083mr4157506plr.78.1602100902154; Wed, 07 Oct 2020 13:01:42 -0700 (PDT)
Received: from [192.168.178.20] ([151.210.138.136]) by smtp.gmail.com with ESMTPSA id 9sm4124090pfx.138.2020.10.07.13.01.39 for <ipv6@ietf.org> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 07 Oct 2020 13:01:40 -0700 (PDT)
Subject: Re: New Version Notification for draft-troan-6man-universal-ra-option-03.txt
To: ipv6@ietf.org
References: <160201571921.22183.2288394613501535041@ietfa.amsl.com> <FAA42031-FAF9-4F1E-A702-3B4F27375F4F@employees.org> <m1kQ8qM-0000FiC@stereo.hq.phicoh.net> <066A5931-E009-4610-B679-86A8F495A131@employees.org> <m1kQ9tr-0000KEC@stereo.hq.phicoh.net> <9FB26236-5D9F-433C-8B79-B17F6D337664@employees.org>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <818fb13b-5ddd-be02-40f4-e7f395c0bcca@gmail.com>
Date: Thu, 08 Oct 2020 09:01:37 +1300
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <9FB26236-5D9F-433C-8B79-B17F6D337664@employees.org>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/UGTElja8Hcppu-tSDfqDdc0qAhI>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Oct 2020 20:01:45 -0000

On 08-Oct-20 03:47, otroan@employees.org wrote:
> Philip,
> 
>>> The idea of the encoding is to use a higher level more modern level
>>> abstraction.  Parsing implementation would be done once for all
>>> possible options, and most likely an implementor of the general
>>> option could use existing libraries for that.
>>
>> This means extra code which could be an issue for embedded systems. For 
>> systems that process RAs in the operation system kernel, this may mean linking
>> with a library that potentially causes remotely expoitable security holes.
> 
> The CBOR parser is quite simple. Having one parser for all options is possibly more efficient that having to parse each option separately with it's different representations of IPV6 prefixes etc. Same thing might apply security wise too, although allowing for passing "anything" might also open new security issues in implementation.

I think it's worth re-reading the Abstract of the CBOR spec:

   The Concise Binary Object Representation (CBOR) is a data format
   whose design goals include the possibility of extremely small code
   size, fairly small message size, and extensibility without the need
   for version negotiation.

That's why future embedded systems are highly likely to include a CBOR
encoder/decoder anyway, and as anyone who has used them knows, cbor
loads() and dumps() make life very easy for the programmer.

(I happen to have written a Python package to simulate loads() and dumps() 
for TLVs. That made it possible to play with a direct comparison between
coding a CBOR application or a TLV application for the same purpose.
If you care, https://github.com/becarpenter/tlv )

>>> So while the work of supporting the option infrastructure in itself
>>> is more work than the simple TVL option, 

I'm not sure that's even true.

>>> adding new data to the
>>> option has very little overhead.  The architectural change that
>>> this brings, is that no longer is changes to router operating
>>> systems or the host stack kernel required.  
>>
>> I don't think something like CBOR is required for this. A router can have
>> a setup where an external service supplies options. 
>>
>> The DHCP world never felt the need to come up with a high level encoding and
>> DHCP has a huge number of options.
> 
> No, CBOR isn't required. The original proposal was to carry text encoded JSON objects.
> The previous discussions on this draft resulted in CBOR as a more effective encoding.

Which supports JSON trivially, if needed.

    Brian

> Using CDDL also gives us a modelling language.
> 
>>
>>>> However, the complete syntax for an option still needs the names of fields,
>>>> use of arrays and dicts, etc.
>>>
>>> Right, that's modelled in CDDL in the IANA registry.
>>
>> I don't think it is progress to publish protocols in the IANA registry.
>> The IANA registry should be for code points (private or public) and data
>> extracted from RFCs.
>>
>> I think it would be really bad if IANA would be the sole place where 
>> essential RAs options are decribed. 
> 
> It depends.
> If I develop an application that just needs a configuration option from the network, then fine.
> Like e.g. the boot URL option that's been suggested in 6man.
> If it's an option that revamps the behaviour of the whole host stack, whatever that would be, perhaps not.
> 
>>
>>> Why would an option be "standards track"? Nothing prohibiting
>>> standards track for a universal configuration option either, but
>>> the proposal here is that only expert review is required to define
>>> new options.
>>
>> To give a couple of examples:
>> 1) For some reason we don't have a DHCPv6 option for default router. This is
>>   commonly requested, is not a particularly complex option, and DHCPv6 
>>   has plenty of code points. This is a discussion we should have out in the
>>   open, but as some expert review for an IANA registry.
>>
>> 2) We have a DHCPv6 IA_PD with poorly defined semantics. Again, a simple
>>   option but with complex semantics. This is again a case where we should
>>   have a public discussion.
>>
>> 3) We had an endless discussion about an 'IPV4-only' option. Again this 
>>   requires more discussion than just a bit of expert review.
>>
>> I think that all options that we want to rely on in other RFCs should be
>> standards track. Yes, if some vendor has a private light bulb protocol, it
>> should be easy to get a code point for that. But anything that is required
>> for most routers or hosts should have rough consensus.
> 
> This option would resolve all those discussions. It's partly a proposal to free all the time spent on 6man solutions. ;-)
> (only partly tongue in cheek).
> 
> Best regards,
> Ole
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> ipv6@ietf.org
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
> .
>

v2.23.0 | Report a Bug | By Email