Re: [ipwave] [Gen-art] Genart last call review of draft-ietf-ipwave-ipv6-over-80211ocb-46

Brian E Carpenter <brian.e.carpenter@gmail.com> Sun, 23 June 2019 20:35 UTC

To: "Roni Even (A)" <roni.even@huawei.com>, "dickroy@alum.mit.edu" <dickroy@alum.mit.edu>, 'NABIL BENAMAR' <n.benamar@est.umi.ac.ma>, 'Roni Even' <ron.even.tlv@gmail.com>
Cc: "gen-art@ietf.org" <gen-art@ietf.org>, 'IETF Discussion' <ietf@ietf.org>, "its@ietf.org" <its@ietf.org>, "draft-ietf-ipwave-ipv6-over-80211ocb.all@ietf.org" <draft-ietf-ipwave-ipv6-over-80211ocb.all@ietf.org>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <143b4540-d1e6-1219-ca20-0dd41ace42dd@gmail.com>
Date: Mon, 24 Jun 2019 08:35:34 +1200
Archived-At: <https://mailarchive.ietf.org/arch/msg/its/B9UJxzmFIgnEjWqI0SUf6KekfI8>

Because of the non-plain text and the commenting styles used, I am
unclear who wrote what below, but please see my comment in line:

On 23-Jun-19 18:18, Roni Even (A) wrote:
> 
> Inline
> 
> ________________________________
> From: Roni Even (A) [mailto:roni.even@huawei.com]
> Sent: Tuesday, June 18, 2019 1:41 AM
> To: dickroy@alum.mit.edu; 'NABIL BENAMAR'; 'Roni Even'
> Cc: gen-art@ietf.org; 'IETF Discussion'; its@ietf.org; draft-ietf-ipwave-ipv6-over-80211ocb.all@ietf.org
> Subject: RE: [ipwave] [Gen-art] Genart last call review of draft-ietf-ipwave-ipv6-over-80211ocb-46
> 
> Hi,
> I am not a security expert, I was just trying to reflect that when reading the document I got the impression that privacy is a major concern since the IP-OBU is moving and its location can be traced by sniffing the MAC addresses.
> [RR] FYI ... there is no such thing as an IP-OBU unless this group chooses to define one.  I highly recommend against it for a variety of reasons including adding a network protocol identifier in front of a device identifier makes no sense.
> 
> [RE] IP-OBU is defined in section 2 and is used in 5.1 when discussing privacy
> 
> 
> Maybe it will be good to have a security review of the document. I also noticed that there is support in IEEE SA - 1609.4-2016 for MAC address change.
> 
> [RR] Yes, but it does NOT make such changes mandatory!   I made sure of that for the same reasons stated below.

The draft says, in section 5:

   For this reason, in the 802.11-OCB
   deployments, there is a strong necessity to use protection tools such
   as dynamically changing MAC addresses Section 5.2, semantically
   opaque Interface Identifiers and stable Interface Identifiers
   Section 4.4.  This may help mitigate privacy risks to a certain
   level.

I'm not quite sure how "strong necessity" relates to RFC2119 terminology,
but the current text seems to say that changing MAC addresses is at
least RECOMMENDED.

Also the quoted text is very hard to parse. Does "semantically opaque"
qualify "Interface Identifiers" or "Interface Identifiers and stable
Interface Identifiers"? And how do stable Interface Identifiers help
to protect privacy?

(FYI, the data tracker does show that a SECDIR review has been requested.)

Regards
    Brian Carpenter

> 
> 
> 
> Roni Even
> 
> From: Dick Roy [mailto:dickroy@alum.mit.edu]
> Sent: Monday, June 17, 2019 10:48 PM
> To: Roni Even (A); 'NABIL BENAMAR'; 'Roni Even'
> Cc: gen-art@ietf.org; 'IETF Discussion'; its@ietf.org; draft-ietf-ipwave-ipv6-over-80211ocb.all@ietf.org
> Subject: RE: [ipwave] [Gen-art] Genart last call review of draft-ietf-ipwave-ipv6-over-80211ocb-46
> 
> 
> 
> ________________________________
> From: its [mailto:its-bounces@ietf.org] On Behalf Of Roni Even (A)
> Sent: Monday, June 17, 2019 6:26 AM
> To: NABIL BENAMAR; Roni Even
> Cc: gen-art@ietf.org; IETF Discussion; its@ietf.org; draft-ietf-ipwave-ipv6-over-80211ocb.all@ietf.org
> Subject: Re: [ipwave] [Gen-art] Genart last call review of draft-ietf-ipwave-ipv6-over-80211ocb-46
> 
> Thanks,
> The only comment left is:
> 
> 2. In section 5.2 "The policy dictating when the MAC address is changed on the
> 802.11-OCB interface is to-be-determined.". Reading the next sentence it looks
> to me that this is needed as part of the solution and should not be left for
> the unknown future.
> 
> Should we reformulate here?
> 
> I was expecting some recommendation since the changing of MAC address is important to address privacy issues (discussed in section 5). Currently it is left open with no recommendation, only saying that dynamic change of MAC address is needed.
> Maybe the document should have some normative language, for example in section 5.1, that will say that IP-OBU MUST dynamically change their MAC addresses
> [RR] I highly recommend AGAINST this!  There will be a number of OBU and RSU implementations that DO NOT require anonymity, and don't want it either.  Furthermore, immutable identifier change must be coordinated with all other interfaces and protocols otherwise changing them is useless.
> 
> Did the document go through security area review?
> [RR] If it did, and the above was not mentioned, then something was missed.
> 
> Roni
> 
> 
> From: Gen-art [mailto:gen-art-bounces@ietf.org] On Behalf Of NABIL BENAMAR
> Sent: Monday, June 17, 2019 12:48 PM
> To: Roni Even
> Cc: gen-art@ietf.org; IETF Discussion; its@ietf.org; draft-ietf-ipwave-ipv6-over-80211ocb.all@ietf.org
> Subject: Re: [Gen-art] Genart last call review of draft-ietf-ipwave-ipv6-over-80211ocb-46
> 
> Dear Roni,
> 
> Thank you for your review.
> Please, see my answers below.
> 
> 
> 
> 
> 
> On Sun, Jun 16, 2019, 09:52 Roni Even via Datatracker <noreply@ietf.org> wrote:
> Reviewer: Roni Even
> Review result: Almost Ready
> 
> I am the assigned Gen-ART reviewer for this draft. The General Area
> Review Team (Gen-ART) reviews all IETF documents being processed
> by the IESG for the IETF Chair.  Please treat these comments just
> like any other last call comments.
> 
> For more information, please see the FAQ at
> 
> <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>.
> 
> Document: draft-ietf-ipwave-ipv6-over-80211ocb-??
> Reviewer: Roni Even
> Review Date: 2019-06-16
> IETF LC End Date: 2019-06-26
> IESG Telechat date: Not scheduled for a telechat
> 
> Summary:
> The document is almost ready for publication as a standard track RFC
> 
> Major issues:
> 
> Minor issues:
> 
> 1. Section 4.2 says "IP packets MUST be transmitted over 802.11-OCB media as
> QoS Data" while appendix F says "The STA may send data frames of subtype Data,
> Null, QoS Data, and QoS Null."
> 
> I will update the appendix to reflect the text in section 4.2.
> 
> 2. In section 5.2 "The policy dictating when the MAC address is changed on the
> 802.11-OCB interface is to-be-determined.". Reading the next sentence it looks
> to me that this is needed as part of the solution and should not be left for
> the unknown future.
> 
> Should we reformulate here?
> 
> 3. In Appendix I 4th paragraph " However, this does not apply if TBD TBD TBD. "
> ... What are the TBDs?
> 
> The whole sentence will be removed.
> 
> Nits/editorial comments:
> 1. In appendix I last paragraph "Support of RFC 8505 is may be implemented on
> OCB." should be "Support of RFC 8505 may be implemented on OCB."
> 2. In Appendix I "OCB nodes that support RFC 8505 would support the 6LN
> operation in order to act as a host".  I think that instead of "would" it
> should be "should"  also if this is a recommendation why not have this
> paragraph not in an appendix with "MAY" and "SHOULD"
> 
> 
> Agreed.
> 
> 
> 