IETF Logo Mail Archive

AD Evaluation: draft-ietf-6man-predictable-fragment-id

Brian Haberman <brian@innovationslab.net> Fri, 21 August 2015 18:16 UTC

Return-Path: <brian@innovationslab.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C800F1ACD0B; Fri, 21 Aug 2015 11:16:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uBZyk85OsZzA; Fri, 21 Aug 2015 11:16:38 -0700 (PDT)
Received: from uillean.fuaim.com (uillean.fuaim.com [206.197.161.140]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 989491ACD0A; Fri, 21 Aug 2015 11:16:35 -0700 (PDT)
Received: from clairseach.fuaim.com (clairseach-high.fuaim.com [206.197.161.158]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by uillean.fuaim.com (Postfix) with ESMTP id 7822F880E3; Fri, 21 Aug 2015 11:16:35 -0700 (PDT)
Received: from clemson.jhuapl.edu (swifi-nat.jhuapl.edu [128.244.87.133]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by clairseach.fuaim.com (Postfix) with ESMTP id C3EA6328081A; Fri, 21 Aug 2015 11:16:34 -0700 (PDT)
To: draft-ietf-6man-predictable-fragment-id@ietf.org, "ipv6@ietf.org" <ipv6@ietf.org>
From: Brian Haberman <brian@innovationslab.net>
Subject: AD Evaluation: draft-ietf-6man-predictable-fragment-id
X-Enigmail-Draft-Status: N1110
Message-ID: <55D76AFD.2070000@innovationslab.net>
Date: Fri, 21 Aug 2015 14:16:29 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="9PBvse8pFjvWAE1UlRH2DEm9DpQowoarI"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipv6/fYwcdBQOsrZjzWOefI4Y2AnDHCQ>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Aug 2015 18:16:42 -0000

All,
     I have completed my AD evaluation of this draft as a part of the
publication process.  I only have two comments/questions on this draft.
Once those are resolved, it can move along in the publication process.

* Section 4 says the following:

   As a result, at least during the IPv6/IPv4 transition/co-existence
   phase, it is probably safer to assume that only the low-order 16 bits
   of the IPv6 Fragment Identification are of use to the destination
   system.

I think that statement is making an ill-advised generalization.  The
above is true if one is looking at an atomic fragment. However, even if
we are talking about a transition/co-existence phase, there will still
be significant amounts of fragmented traffic between IPv6 nodes where
the full 32 bits of the fragment id are useful. What was the rationale
for the above generalization?

* Section 5.3's discussion of a hash-based id generation scheme says
this in the drawbacks:

   o  Since the Fragment Identification values are predictable by the
      destination host...

How are the ID values predicted by the destination host?  The source is
using secret values that presumably are not shared with the destination.
So how does this prediction work?

Regards,
Brian

v2.23.0 | Report a Bug | By Email