Re: Review of draft-ietf-6man-rfc4941bis-01
Fernando Gont <fgont@si6networks.com> Tue, 09 July 2019 01:40 UTC
Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9B1F1200E6; Mon, 8 Jul 2019 18:40:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HaG5ijq1JKdS; Mon, 8 Jul 2019 18:40:07 -0700 (PDT)
Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1BE5C120091; Mon, 8 Jul 2019 18:40:04 -0700 (PDT)
Received: from [192.168.1.16] (unknown [41.143.218.184]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id 4A9FB82ED8; Tue, 9 Jul 2019 03:40:00 +0200 (CEST)
Subject: Re: Review of draft-ietf-6man-rfc4941bis-01
To: Christian Huitema <huitema@huitema.net>, IETF IPv6 Mailing List <ipv6@ietf.org>, draft-ietf-6man-rfc4941bis@ietf.org, "6man@ietf.org" <6man@ietf.org>, Bob Hinden <bob.hinden@gmail.com>
References: <97eb8994-c56e-beba-98d5-19d9f2de3e0d@huitema.net>
From: Fernando Gont <fgont@si6networks.com>
Openpgp: preference=signencrypt
Autocrypt: addr=fgont@si6networks.com; prefer-encrypt=mutual; keydata= mQINBE5so2gBEACzBQBLUy8nzgAzSZn6ViXT6TmZBFNYNqTpPRvTVtUqF6+tkI+IEd9N2E8p pXUXCd0W4dkxz6o7pagnK63m4QSueggvp881RVVHOF8oTSHOdnGxLfLeLNJFKE1FOutU3vod GK/wG/Fwzkv9MebdXpMlLV8nnJuAt66XGl/lU1JrNfrKO4SoYQi4TsB/waUQcygh7OR/PEO0 EttiU8kZUbZNv58WH+PAj/rdZCrgUSiGXiWUQQKShqKnJxLuAcTcg5YRwL8se/V6ciW0QR9i /sr52gSmLLbW5N3hAoO+nv1V/9SjJAUvzXu43k8sua/XlCXkqU7uLj41CRR72JeUZ4DQsYfP LfNPC98ZGTVxbWbFtLXxpzzDDT8i3uo7w1LJ2Ij/d5ezcARqw01HGljWWxnidUrjbTpxkJ9X EllcsH94mer728j/HKzC9OcTuz6WUBP3Crgl6Q47gY5ZIiF0lsmd9/wxbaq5NiJ+lGuBRZrD v0dQx9KmyI0/pH2AF8cW897/6ypvcyD/1/11CJcN+uAGIrklwJlVpRSbKbFtGC6In592lhu7 wnK8cgyP5cTU+vva9+g6P1wehi4bylXdlKc6mMphbtSA+T3WBNP557+mh3L62l4pGaEGidcZ DLYT2Ud18eAJmxU3HnM8P3iZZgeoK7oqgb53/eg96vkONXNIOwARAQABtCVGZXJuYW5kbyBH b250IDxmZ29udEBzaTZuZXR3b3Jrcy5jb20+iQJBBBMBAgArAhsjBQkSzAMABgsJCAcDAgYV CAIJCgsEFgIDAQIeAQIXgAUCTmylpQIZAQAKCRCuJQ1VHU50kv7wD/9fuNtTfxSLk3B3Hs3p ixTy8YXVjdkVwWlnJjFd7BOWmg7sI+LDhpjGfT6+ddOiwkumnvUZpObodj4ysH0i8c7P4C5t F9yu7WjklSlrB5Rth2CGChg5bKt541z2WHkFFxys9qBLmCSYDeKQkzLqhCjIUJizY2kOJ2GI MnSFDzJjhSFEh//oW830Y8fel1xnf/NVF+lBVtRMtMOfoWUqDjvP3sJ1G4zgkDCnF0CfncLx +hq2Mv26Uq9OTzvLH9aSQQ/f067BOkKAJKsfHdborX4E96ISTz57/4xECRSMr5dVsKVm4Y// uVIsb+L5z+a32FaiBZIAKDgnJO7Z8j6CV5e5yfuBTtX52Yi9HjYYqnYJGSDxYd6igD4bWu+7 xmJPHjkdqZgGV6dQIgiUfqkU+s5Cv350vK48CMaT/ZLo2BdsMhWsmaHmb+waePUMyq6E4E9x 9Js+EJb9ZiCfxS9exgieZQpet1L36IvhiwByvkQM009ywfa30JeMOltUtfLi5V06WQWsTzPL 5C+4cpkguSuAJVDTctjCA0moIeVDOpJ8WH9voQ4IeWapQnX35OIoj1jGJqqYdx65gc1ygbyx b8vw+pJ9E5GLse5TQnYifOWpXzX9053dtbwp/2OVhU4KLlzfCPCEsoTyfu9nIZxdI2PMwiL5 M85BfjX4NmwBLmPGoLkCDQRObKNoARAAqqXCkr250BchRDmi+05F5UQFgylUh10XTAJxBeaQ UNtdxZiZRm6jgomSrqeYtricM9t9K0qb4X2ZXmAMW8o8AYW3RrQHTjcBwMnAKzUIEXXWaLfG cid/ygmvWzIHgMDQKP+MUq1AGQrnvt/MRLvZLyczAV1RTXS58qNaxtaSpc3K/yrDozh/a4pu WcUsVvIkzyx43sqcwamDSBb6U8JFoZizuLXiARLLASgyHrrCedNIZdWSx0z0iHEpZIelA2ih AGLiSMtmtikVEyrJICgO81DkKNCbBbPg+7fi23V6M24+3syHk3IdQibTtBMxinIPyLFF0byJ aGm0fmjefhnmVJyCIl/FDkCHprVhTme57G2/WdoGnUvnT7mcwDRb8XY5nNRkOJsqqLPemKjz kx8mXdQbunXtX9bKyVgd1gIl+LLsxbdzRCch773UBVoortPdK3kMyLtZ4uMeDX3comjx+6VL bztUdJ1Zc9/njwVG8fgmQ+0Kj5+bzQfUY+MmX0HTXIx3B4R1I1a8QoOwi1N+iZNdewV5Zfq+ 29NlQLnVPjCRCKbaz9k6RJ2oIti55YUI6zSsL3lmlOXsRbXN5bRswFczkNSCJxJMlDiyAUIC WOay7ymzvgzPa+BY/mYn94vRaurDQ4/ljOfj6oqgfjts+dJev4Jj89vp8MQI3KJpZPEAEQEA AYkCJQQYAQIADwUCTmyjaAIbDAUJEswDAAAKCRCuJQ1VHU50km4xEACho45PZrUjY4Zl2opR DFNo5a6roTOPpgwO9PcBb3I5F8yX2Dnew+9OhgWXbBhAFq4DCx+9Gjs43Bn60qbZTDbLGJ/m 8N4PwEiq0e5MKceYcbetEdEUWhm5L6psU9ZZ82GR3UGxPXYe+oifEoJjOXQ39avf9S8p3yKP Diil0E79rn7LbJjMcgMLyjFg9SDoJ6pHLtniJoDhEAaSSgeV7Y745+gyMIdtQmrFHfqrFdjq D6G0HE+Z68ywc5KN67YxhvhBmSycs1ZSKAXv1zLDlXdmjHDHkU3xMcB+RkuiTba8yRFYwb/n j62CC4NhFTuIKOc4ta3dJsyXTGh/hO9UjWUnmAGfd0fnzTBZF8Qlnw/8ftx5lt4/O+eqY1EN RITScnPzXE/wMOlTtdkddQ+QN6xt6jyR2XtAIi7aAFHypIqA3lLI9hF9x+lj4UQ2yA9LqpoX 6URpPOd13JhAyDe47cwsP1u9Y+OBvQTVLSvw7Liu2b4KjqL4lx++VdBi7dXsjJ6kjIRjI6Lb WVpxe8LumMCuVDepTafBZ49gr7Fgc4F9ZSCo6ChgQNLn6WDzIkqFX+42KuHz90AHWhuW+KZR 1aJylERWeTcMCGUSBptd48KniWmD6kPKpzwoMkJtEXTuO2lVuborxzwuqOTNuYg9lWDl7zKt wPI9brGzquUHy4qRrA==
Message-ID: <1b2c0407-5c90-c32e-79a6-22d3632a7452@si6networks.com>
Date: Tue, 09 Jul 2019 02:31:32 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2
MIME-Version: 1.0
In-Reply-To: <97eb8994-c56e-beba-98d5-19d9f2de3e0d@huitema.net>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/dmgw52k5Pfe-RJ5dLQHUiiyzxkY>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jul 2019 01:40:12 -0000
Hello, Christian, I've already applied some of your suggestions. But while going through your feedback once again (to double-check), I had the following questions: On 29/3/19 10:01, Christian Huitema wrote: > This is my review of draft-ietf-6man-rfc4941bis-01, as promised in the > WG session. > > I think the draft is almost ready, but I would like to see a couple of > changes: > > 1) Simplify the IID generation spec by treating the "hash based" > generation as just an alternative PNRG. You mean merging the two subsections? Changing the title of the subsections? Something else? > 2) Discuss the temporary address life time and what to do when > "quickly" reconnecting to the network that the node just left. What we have done so far is to say that you should regenerate the addresses when attaching to a new (different) link. The details are left rather unspecified -- although we do point to DNAv6 as a hint on how to detect a different link. Quick reconnection to the same link, as per the current spec, should not cause changes. > 3) Simplify the discussion of the DNS reverse tree by just stating > that temporary addresses should not be registered in that tree, > and that applications subject to address control should just use > static address. I would most likely agree with you. Although one could also envision an SMTP MTA that employs temporary addresses when relaying email. > I would also like to discuss the use case of "different temporary > addresses for different application contexts", but I suspect > this would have to be done in a different draft. I agree in that I'd like this to be discussed, and also that it should be discussed in a different draft. > > Detailed comments follow. > > Section 2.1 discusses a list of ways users and devices can be tracked. > I assume this is intended to motivate the need for temporary addresses, > but I when reading it I was wandering how much text we really need here. > For example, there is a discussion of web cookies, but no discussion > of other tracking techniques such as finger printing. But then, there > is no way to provide an extensive list of such tracking methods, you > would need to write a book. The real point is that addresses allow > "chained tracking": tracker uses a cookie to link a newly appearing > address to an existing identity; the address now becomes a tracked > address; tracker now uses the tracked address to correlate activities. > Defeating that requires frequent address rotation. Maybe we should > say something about this requirement. You mean about this example, or about the reuse of an address in different contexts? > > Section 2.2 discusses the use of the same address in multiple > contexts, when the same node is used as client and as server. > Then, there are p2p connections such as web RTC, which have > properties of clients or servers. The consequence there is the > need for multiple temporary addresses per host, so as to not need > sharing an address between multiple contexts. This leads to "one > address per service", or maybe "one address per container". > > Do we really want to discuss that, or should we just keep the > motivation to a minimum, and concetrate on how to acquire > temporary addresses? I think this is stuff worth exploring, but that should be left for a separate document. Once you start exploring it, you probably also need to think about an API, and other details -- all of which would be really out of the scope of this rfc4941bis which we're working on to address flaws/shortcomings in rfc4941/implementations. [....] > I am not sure that we need to distinguish between generating > IID with a PRNG (section 3.2.1) and with a hash function > (section 3.2.2). At some level, the hash function is just > a different way to build a PNRG. In both cases, you get > a random string of bits, and then you have to use DAD and > test for uniqueness. But then, if my purpose is to use a > hash function as a PNRG, then hash(random secret, counter++) > would work just as well as the complex generation presented > in 3.2.1. My suggestion is to combine the two sections, and > present the hash as just an alternative way to obtain random > numbers, e.g. on devices that do not have access to a good > PRNG. Point taken. WIll do. > Section 3.3 discusses generation of temporary addresses. > The trigger event appears to be, learning a new prefix > in a new RA. That's fine, but that's not the only case: > another trigger could be, bringing up an application > that requires a separate address context. My take is that 4941bis will address the default case where you have one temp address per prefix. For cases such as the one you describe, much more work is needed. e.g., APIs and associated semantics for requesting a new address, removing the address, etc. > Section 3.3 discusses the life time of addresses. There is > a related question of intermittent connectivity. Suppose > a node oscillates between two access points A and B. > Should it get a new set of addresses each time it goes > back to A, or just reuse the address it was using a few > seconds before? I think in that case, the appropriate thing is to generate a new one. i.e., there's a difference between link down/up events (which should not regenerate addresses), and roaming across networks (which, no matter how fast you do it, should lead to new addresses) > Section 4 describes the potential need for registration of > a PTR record for the temporary address. That seems really > counter productive. I wonder about the statement that > "Some servers refuse to grant access to clients for which no > DNS name exists." Isn't it the case that applications in > that category should just use the non-temporary address? > SMTP MTA for example may want to do that; I don't know > many other applications with that constraint. Well, an MTA *might* want to use temporary addresses for relaying mail. I'm not saying this does happen nowadays, but I see the value in it. Thanks! Cheers, -- Fernando Gont SI6 Networks e-mail: fgont@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
- Review of draft-ietf-6man-rfc4941bis-01 Christian Huitema
- Re: Review of draft-ietf-6man-rfc4941bis-01 Fernando Gont
- Re: Review of draft-ietf-6man-rfc4941bis-01 Christian Huitema
- Re: Review of draft-ietf-6man-rfc4941bis-01 Fernando Gont