IETF Logo Mail Archive

Re: RA extension review requested for draft-wkumari-dhc-capport

Mark ZZZ Smith <markzzzsmith@yahoo.com.au> Tue, 17 March 2015 00:44 UTC

Return-Path: <markzzzsmith@yahoo.com.au>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1A681ACD86 for <ipv6@ietfa.amsl.com>; Mon, 16 Mar 2015 17:44:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.499
X-Spam-Level:
X-Spam-Status: No, score=-0.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_REPLYTO=0.999, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nb_id-usnoAv for <ipv6@ietfa.amsl.com>; Mon, 16 Mar 2015 17:44:13 -0700 (PDT)
Received: from nm50-vm0.bullet.mail.ne1.yahoo.com (nm50-vm0.bullet.mail.ne1.yahoo.com [98.138.121.144]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2576E1A1BEC for <ipv6@ietf.org>; Mon, 16 Mar 2015 17:44:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com.au; s=s2048; t=1426553052; bh=o1nYfiDSctk+wdpGnebV7LS/J78gSPT1MPjMz+/8HnY=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:From:Subject; b=VNrp3yvOASWvthPQkcaFIBapGB+ZB2mBk7W8sNrCKmbmQb6UTgTDZb1pohPsQUTagkXmStVr7ax+oWSU144j8NmKhXRMnIFOF0VHLGubx8bwZBpSYF/JkQDNNpDMV0SaCb/q4U31y+FW42U2BQ3jYM3Boo/ZANrSANqN5swlrrWkQTsCfY5/+3EX+kElziRUkaIpUujLAGX49raLGraWrO8BRdjZsWHQQ/IF4wOJhOK5ZtFzGdd54ngQyhklNaoEglwdNy2CZZ1hBZWtiibW2n5SnkJQ6xlyesjNKgD271FkWDcntFfXQjgm90s8EpBItel9na8wh3l4qbOcDjwhzg==
Received: from [127.0.0.1] by nm50.bullet.mail.ne1.yahoo.com with NNFMP; 17 Mar 2015 00:44:12 -0000
Received: from [98.138.100.115] by nm50.bullet.mail.ne1.yahoo.com with NNFMP; 17 Mar 2015 00:41:12 -0000
Received: from [98.139.215.140] by tm106.bullet.mail.ne1.yahoo.com with NNFMP; 17 Mar 2015 00:41:12 -0000
Received: from [98.139.212.215] by tm11.bullet.mail.bf1.yahoo.com with NNFMP; 17 Mar 2015 00:41:12 -0000
Received: from [127.0.0.1] by omp1024.mail.bf1.yahoo.com with NNFMP; 17 Mar 2015 00:41:12 -0000
X-Yahoo-Newman-Property: ymail-4
X-Yahoo-Newman-Id: 264254.48726.bm@omp1024.mail.bf1.yahoo.com
X-YMail-OSG: FXO0gYYVM1mytCu5TL54a44paGUpTIHmpLQg6apXc3AVLKK0SSdBnS5MRjKwlD6 yI2hMdSjVNmWcdrXeWUskNslENT5SyzrwHYrco_9PVwoV9I4uHbR8ihuq0IPiYKoGV2dIOduKtpG zPmZ82xpEIAZgrHiRljgAWeAESRyd8vrcJj.6mzfLkBq4ScK3a82gWi_iHtz6L1pFbdvsUQXmCzt d9yxMNOHhn6LZiAUlrbBBbcwqYP_ET5nZQCMkLe9wEhCRiFbbMHNCd0AQbP1SDMWtl_U0ABXcHgc chwIwzDLc.3cP8ZOhX25JR9PreY9.PY5PIZ77rayX3.quc6HWzbmNtFHCm46P1NAFY_MfGEFADpm uCW.y02Ab6Mb3Kfq21jmj39Z4IaDGhHyiDG.iGwCCVSgWFE9hu7SAb_Nq_Zc777JPpIuZWH9Ao2G XQJtst_pAzxwP_vjfWz1yKQ.ETpj35GnmEfq0C.fVb5iNsKIg4hFTXp6KE4KDafvmC_V6WxB8jfz h0uZR2AHBzewsqcgW7FL6xWGdgz.cF7BbYMFBYiFdt9bp2EPbrmkNNUW_
Received: by 76.13.26.109; Tue, 17 Mar 2015 00:41:11 +0000
Date: Tue, 17 Mar 2015 00:41:04 +0000
From: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
To: Ted Lemon <Ted.Lemon@nominum.com>
Message-ID: <1462886431.1057932.1426552864933.JavaMail.yahoo@mail.yahoo.com>
In-Reply-To: <845DFCA3-7CF9-4813-ACC2-9387B90FAFDC@nominum.com>
References: <845DFCA3-7CF9-4813-ACC2-9387B90FAFDC@nominum.com>
Subject: Re: RA extension review requested for draft-wkumari-dhc-capport
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/cwyyo9DYEHfro0M8PMYy-eQWlpM>
Cc: IPv6 List <ipv6@ietf.org>, Bob Hinden <bob.hinden@gmail.com>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Mar 2015 00:44:14 -0000

Hi Ted,



Sorry not to get back to you sooner.
----- Original Message -----
From: Ted Lemon <Ted.Lemon@nominum.com>
To: Mark ZZZ Smith <markzzzsmith@yahoo.com.au>
Cc: Bob Hinden <bob.hinden@gmail.com>; IPv6 List <ipv6@ietf.org>
Sent: Friday, 6 March 2015, 0:08
Subject: Re: RA extension review requested for draft-wkumari-dhc-capport

> o that the receiving device is single homed, downstream of the IPv6 router/DHCPv6 server supplying the Captive Portal option

I raised the same issue with multiple interfaces in my doc shepherd review, and the new version addresses that point; I'd be curious to know if you have additional text to suggest, or if you are satisfied with the changes.


/ That wasn't obvious to me, and I find that the abstract and introduction, which set the context for the rest of the document, implied to me that the device was single homed by using the term "behind" (I'd even interpret that a multihomed device being described as "behind" a captive portal means that all of its interfaces are downstream of the captive portal).

> o the protocol being used for the reachability status and Captive Portal is HTTP (hence supplying a URI)

URIs are not http-only, although I tend to agree that http is the likely transport.

/ My first concern was that encoding URIs in RAs means that this option could be pretty large.


/ I'm also of the view that RAs should only contain subnet specific network layer configuration information, as I described in section 2, "Internet Transparency and Application Configuration" of "IPv6 CE Device DHCPv6 Option Transparency" (https://tools.ietf.org/html/draft-smith-v6ops-ce-dhcpv6-transparency-00#section-2). I think describing a limited network reachability prefix via RA options to a host, and then letting the host decide what to do with that information is consistent with using RAs to describe subnet specific network layer configuration information.

/ More basically, I think encoding application or application class parameters in RAs is a layer violation.
/ I think DHCPv6 is a better place for larger options that are application specific or application-class specific (i.e., layer 4+ options), such as URIs.

> o that the receiving device provides a quite capable interactive user interface where text/numbers can be entered (e.g., computer screen/a web browser). 

I think the answer here is that the receiving device will likely only be able to authenticate to the captive portal if it has a UI or else if some new mechanism is provided that supports automatic authentication.   However, the target for this particular document is devices with user interfaces, not IoT devices, so I think within that realm we are okay.   Perhaps the document should be clearer on this point.

I think that the amount of work that would be required to define a mechanism for automatic authentication is really substantial, and would have limited value: we don't even know if captive portal folks will implement this very simple mechanism.   So I think that should be out of scope for this document.   The presence of the URI option already indicates that a captive portal is present, so IoT devices that recognize this option can avoid using the captive interface.

/ It seems to me that solutions to problems should be made as general as possible. In this case, I think there are really two problems (a) indicating to a device that one of its interfaces has limited reachability (which may be its only external interface) and (b) indicating to the device operator that their is limited reachability and possibly providing methods of resolving that if desired. They seem to me to be separate problems that are occurring at different layers in the stack.

I think the discussion of multipath and other mechanisms is also out of scope, and is more appropriate in the context of multiple provisioning domains.   If you are interested in that topic, it's being worked on in the MIF working group.   The latest version of Android has a preliminary implementation of what is described in the MPvD architecture document (http://datatracker.ietf.org/doc/draft-ietf-mif-mpvd-arch/
).


/ I haven't really had time to look at the MIF work although it interests me. One perspective is that a single interface host could be considered to be a special case of a multiple interface  host (although if you include loopback, most if not all hosts are multihomed), so if MIF solve this problem for multiple interface hosts then the solution would also be applicable to single interface hosts.


Regards,
Mark.

v2.23.0 | Report a Bug | By Email