IETF Logo Mail Archive

Re: 6man w.g. last call for <draft-ietf-6man-default-iids-11.txt>

神明達哉 <jinmei@wide.ad.jp> Fri, 13 May 2016 17:55 UTC

Return-Path: <jinmei.tatuya@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4750312D647 for <ipv6@ietfa.amsl.com>; Fri, 13 May 2016 10:55:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.4
X-Spam-Level:
X-Spam-Status: No, score=-2.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ffja_EeTQFXN for <ipv6@ietfa.amsl.com>; Fri, 13 May 2016 10:55:17 -0700 (PDT)
Received: from mail-io0-x22a.google.com (mail-io0-x22a.google.com [IPv6:2607:f8b0:4001:c06::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F11412D0C3 for <ipv6@ietf.org>; Fri, 13 May 2016 10:55:17 -0700 (PDT)
Received: by mail-io0-x22a.google.com with SMTP id 190so142165119iow.1 for <ipv6@ietf.org>; Fri, 13 May 2016 10:55:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc; bh=ZbxMG3cU9Fsx9zI/FdPcRZInqjCeePMHhWFruNd066I=; b=0xOfbYi0pFzcPv66oirmdPqRGjSy1VbgFczhADw4Tsu8dJ/V55RsesXK1gn/zQdn7W b93RU3tAJpu9iX7rRq2bpMrBeiOnZ0dTVRj0myBZ4G4mZU105qPkusXHQ9h2giVvvsK0 C/gmF+Cc4w6RTKUqAV9KEjdkMJhjBFFsCdBOb079zJUL2Aj3EFipywvzF4uBt0qupv/u 0UVjHoOvoAcoKI1zFVrJ+yj9KBFobYh1bm+nt/tppX1/lPvuUAvLhVosGlqc38K03aPI 02u+X2/zQ2U0OVZIuUcETp3P8YfgSGjVMjlBlRcdNxeLdH2i59DXlPrukcRoMsD3vEkP IzdA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc; bh=ZbxMG3cU9Fsx9zI/FdPcRZInqjCeePMHhWFruNd066I=; b=hUkplpCZSX0mftD3pN8eOJmOBvuNnGWasFjW5+k0z+oDxhVhdPBfuBVHdWCLCfXRCP VWjsFo41nkpR4prRbk4bLWE+f9mkjtU5mtAJr0+7w9RLiStjrbMwUhW93u6E+a41RHUV bjqcu3Kg3P0jub7C6S5qDyhLohYjlFadZcJfB6iryNKx83FfOyhrl72l1nQqN701wmUK 77RVRzsKjf//eeRq4LDEGFOebMXCrerwS3YRJ211pPkpu5KL98w9CvT21fJSk9Goydov hIjj5IavkFRW3+Gm4cfVuTCwwbovNuS0Y/I6E4gtrtXFcyq8zoBykIq1tkdrecNu+/Um vZpg==
X-Gm-Message-State: AOPr4FUCaHDngPt6klRYs3KJB2Vl8ewY4pJWxrYUg4A/69u3+M1X0bm1dO+CHqRsME3pHUZ1ZnrBUGqFupcjTw==
MIME-Version: 1.0
X-Received: by 10.107.35.66 with SMTP id j63mr13934906ioj.4.1463162116408; Fri, 13 May 2016 10:55:16 -0700 (PDT)
Sender: jinmei.tatuya@gmail.com
Received: by 10.107.19.218 with HTTP; Fri, 13 May 2016 10:55:16 -0700 (PDT)
In-Reply-To: <89CA2C18-AE61-4D40-8997-221201835944@gmail.com>
References: <20160428004904.25189.43047.idtracker@ietfa.amsl.com> <89CA2C18-AE61-4D40-8997-221201835944@gmail.com>
Date: Fri, 13 May 2016 10:55:16 -0700
X-Google-Sender-Auth: AjFWAI6NOMzbrBjS07kH_fEqgWI
Message-ID: <CAJE_bqdZ_D7jsDdWQ2FJpLH9cXveYfcye0W2J_mSi-7bYBrOKA@mail.gmail.com>
Subject: Re: 6man w.g. last call for <draft-ietf-6man-default-iids-11.txt>
From: 神明達哉 <jinmei@wide.ad.jp>
To: Bob Hinden <bob.hinden@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/b1-TWV5w4syQpS7sxAEZeM6_tq4>
Cc: IPv6 List <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 May 2016 17:55:19 -0000

At Wed, 11 May 2016 20:19:01 -0700,
Bob Hinden <bob.hinden@gmail.com> wrote:

>        Title           : Recommendation on Stable IPv6 Interface Identifiers
>        Authors         : Fernando Gont
>                          Alissa Cooper
>                          Dave Thaler
>                          Will Liu
>     Filename        : draft-ietf-6man-default-iids-11.txt
>     Pages           : 23
>     Date            : 2016-04-27
>
>         https://tools.ietf.org/html/draft-ietf-6man-default-iids-11
>
> as a Proposed Standard.  Substantive comments and statements of support for publishing this document should be directed to the mailing list.  Editorial suggestions can be sent to the authors.  This last call will end on 25 May 2016.

I've read version 11 of the document.  Personally I don't have a
strong objection to publishing it, but, if I understand the past
concerns correctly, I suspect this version don't fully address them.
I also have one non-trivial point, which I would like to be address
before publication.

If my understanding is correct, one major concern raised in the past
was that some implementors may simply not see the need for the
stability and just want to address the security/privacy issues in a
different way (such as just using randomized link-layer addresses).  I
don't have a strong opinion on this particular concern myself, but I
see the point of such concerns.  If the intent of this document is not
to refuse the concern (which I'm not sure about), the current tone
still seems to be too normative.  Again, I'm not sure if the intent is
to address the concern, but if it is, I think something like the
following will be necessary:

- clarify that this recommendation is only for environments where
  address stability is needed
- clarify that this document assumes "link layer addresses" are
  something permanent, such as MAC addresses that don't change
  throughout the lifetime of the node using the hardware
- update the requirement level and wording to existing RFCs.  For
  example, replaced text for RFC2462 provided in Section 6.1

   The Interface Identifier [AARCH] for an Ethernet interface MUST be
   generated as specified in [RFCXXXX].

  is probably too strong, since this would invalidate any
  implementation that doesn't implement or use RFCXXXX.  The same
  sense of comment applies to all similar changes.

And, one other point I want to be addressed: in Section 4 it states:

   By default, DHCPv6 server implementations SHOULD NOT generate
   predictable IPv6 addresses (such as IPv6 addresses where the IIDs are
   consecutive small numbers).  [I-D.ietf-dhc-stable-privacy-addresses]
   specifies one possible algorithm that could be employed to comply
   with this requirement.  Another possible algorithm would be to select
   a pseudo-random value chosen from a discrete uniform distribution,
   while avoiding the reserved IPv6 Interface Identifiers [RFC5453]
   [IANA-RESERVED-IID].

 I suggest just removing the second sentence.
 ietf-dhc-stable-privacy-addresses is not a dhc wg item anymore due to
 some controversy, and it's not clear what will happen to its
 successor in the form of individual submission:
 draft-gont-dhcpv6-stable-privacy-addresses-01
 Since this sentence is only to show an example, just showing the
 "another possible algorithm" would suffice.

Finally, one minor editorial nit: in section 6.14

   for instance, using a method described in [8], to autoconfigure one
   or more global unicast addresses.

there should be a 'cut here' line after this text.

--
JINMEI, Tatuya

v2.23.0 | Report a Bug | By Email