Re: rfc2460bis and Frag ID generation
Fernando Gont <fgont@si6networks.com> Thu, 04 February 2016 19:37 UTC
Return-Path: <fgont@si6networks.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55E431ACD39 for <ipv6@ietfa.amsl.com>; Thu, 4 Feb 2016 11:37:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bc0VcsWTWpux for <ipv6@ietfa.amsl.com>; Thu, 4 Feb 2016 11:37:19 -0800 (PST)
Received: from fgont.go6lab.si (fgont.go6lab.si [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D68F1ACE38 for <6man@ietf.org>; Thu, 4 Feb 2016 11:37:19 -0800 (PST)
Received: from [192.168.3.107] (unknown [181.165.125.191]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id B5C34206ABF; Thu, 4 Feb 2016 20:37:16 +0100 (CET)
Subject: Re: rfc2460bis and Frag ID generation
To: Bob Hinden <bob.hinden@gmail.com>
References: <56B39FB8.4090604@si6networks.com> <6EF1C55C-FE16-4019-A6C9-6AD67DA42E84@gmail.com>
From: Fernando Gont <fgont@si6networks.com>
X-Enigmail-Draft-Status: N1110
Message-ID: <56B3A84C.3090307@si6networks.com>
Date: Thu, 04 Feb 2016 16:36:44 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <6EF1C55C-FE16-4019-A6C9-6AD67DA42E84@gmail.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/dugzm_8vQRrorjDkvL3M8Tf5_NU>
Cc: "6man@ietf.org" <6man@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Feb 2016 19:37:21 -0000
Hi, Bob, On 02/04/2016 04:24 PM, Bob Hinden wrote: > Fernando, > >> On Feb 4, 2016, at 11:00 AM, Fernando Gont <fgont@si6networks.com> >> wrote: >> >> Bob/folks, >> >> The current text regarding frag ID generation in rfc2460bis says: >> >> ---- cut here ---- * "recently" means within the maximum likely >> lifetime of a packet, including transit time from source to >> destination and time spent awaiting reassembly with other fragments >> of the same packet. However, it is not required that a source node >> know the maximum packet lifetime. Rather, it is assumed that the >> requirement can be met by maintaining the Identification value as a >> simple, 32-bit, "wrap-around" counter, incremented each time a >> packet must be fragmented. It is an implementation choice whether >> to maintain a single counter for the node or multiple counters, >> e.g., one for each of the node's possible source addresses, or one >> for each active (source address, destination address) combination. >> ---- cut here ---- >> >> >> I suggest changing the text to: >> >> ---- cut here ---- * "recently" means within the maximum likely >> lifetime of a packet, including transit time from source to >> destination and time spent awaiting reassembly with other fragments >> of the same packet. However, it is not required that a source node >> know the maximum packet lifetime. Rather, it is assumed that the >> requirement can be met by implementing an algorithm that results in >> a low identification reuse frequency. [RFC7739] discusses possible >> algorithms that can meet this requirement while avoiding possible >> security and privacy issues. ---- cut here ---- >> >> (where the ref to RFC7739 is obviously informative, rather than >> normative). >> >> -- Bottom-line is that rfc2460bis shouldn't suggest algorithms >> that have known issues, and it's better to have an informative >> reference to RFC7739, where possible algorithms are discussed. >> >> Thoughts? > > I looked at this earlier and also thought the 32-bit wrap around > counter text was dated. I am OK with something similar to what you > proposed. My read of the current text is that it is describes the > 32-bit wrap around counter as an example, as opposed the only way to > do it, so an update like this would be OK. That's my take as well. So this change would essentially just remove the current example, and point to RFC7739 for examples, where different algorithms and pros/cons of each of them are analyzed. Thanks! Cheers, -- Fernando Gont SI6 Networks e-mail: fgont@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
- rfc2460bis and Frag ID generation Fernando Gont
- Re: rfc2460bis and Frag ID generation Fernando Gont
- Re: rfc2460bis and Frag ID generation Bob Hinden
- Re: rfc2460bis and Frag ID generation Fernando Gont
- Re: rfc2460bis and Frag ID generation Fernando Gont
- Re: rfc2460bis and Frag ID generation Bob Hinden
- Re: rfc2460bis and Frag ID generation Bob Hinden
- Re: rfc2460bis and Frag ID generation Fernando Gont