IETF Logo Mail Archive

Re: [lp-wan] [Schc] Fwd: draft-architecture-02-inputs "better match"

Laurent Toutain <Laurent@touta.in> Thu, 08 June 2023 16:55 UTC

Return-Path: <laurent.toutain@gmail.com>
X-Original-To: lp-wan@ietfa.amsl.com
Delivered-To: lp-wan@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 23ABDC14F738; Thu, 8 Jun 2023 09:55:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.549
X-Spam-Level:
X-Spam-Status: No, score=-1.549 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.096, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VIbYECpuEaKm; Thu, 8 Jun 2023 09:54:58 -0700 (PDT)
Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com [209.85.221.49]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AEC0CC14CEFF; Thu, 8 Jun 2023 09:54:12 -0700 (PDT)
Received: by mail-wr1-f49.google.com with SMTP id ffacd0b85a97d-30aeee7c8a0so678787f8f.1; Thu, 08 Jun 2023 09:54:12 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686243251; x=1688835251; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Jy1wcOrynaSYeWoaMSftNBwfZEI0RoXKZ99D2HX+hAc=; b=lPWWnPdA+UPXQpsSiRT/ZUdDvKIpFhfdu72AyopKes4JSKuZlUYrD+chtcFxWo+Dbg Jfqd1IE9yC5bUJqTp7OiWX5JBMfZxHk85/jsbjIFQHj66ZhUtYj+sP8OGfajGTzh5psZ phEAxr8s820AiDa/HHQk92VUNcNrHdKnoQn8RZGm8CvIajQG/icoBq53ViM9BxQjzFUG cHhWy7hx6pEwp+6Na9vHn707lovoCTmdPVeI5vD9lWxjc7ngkN39gj350hL+RvbWBCAQ hdAdeMxsAV4uhHI9gyqN/v4E2YLTdMPwEToIl0YDhYs2Xf1DXeaa39CscE1h1XOxY/+f GijQ==
X-Gm-Message-State: AC+VfDxtTpKLOGvhK7epCO1we69PvUKTvWSYprRZdhjoQoVmR6igu6y2 y6Tn5L5Ugl9i+f03QI6s8xpdpPOEf3eZmucYcr0=
X-Google-Smtp-Source: ACHHUZ5IVKD6bU2QzasrVQvH7W7VNT1puoaA7mVp5g3DgRPvmaD7zKRcN7C07LylKMdVUjX7TeJs4gn4G9hHzWpsaas=
X-Received: by 2002:adf:dfd0:0:b0:30a:f1dd:697b with SMTP id q16-20020adfdfd0000000b0030af1dd697bmr2088372wrn.6.1686243250617; Thu, 08 Jun 2023 09:54:10 -0700 (PDT)
MIME-Version: 1.0
References: <CAAbr+nQ0k4Ny=sPy+EpeEo=fBxQQqo0ZY3s1ajQUNz_J7CkqAg@mail.gmail.com> <CAAbr+nSbfq9kJ_rZVR-GmGyk1iaBse=r=Cv1p74dy4zZZ3CHOA@mail.gmail.com> <CAKUuZYQPSU72TaSEN_c=ZgteqTZ3J2SHHrCz1a0AQ+rfPCy_4Q@mail.gmail.com> <AS5PR07MB98950764AD18D7E865ACBBBAD253A@AS5PR07MB9895.eurprd07.prod.outlook.com>
In-Reply-To: <AS5PR07MB98950764AD18D7E865ACBBBAD253A@AS5PR07MB9895.eurprd07.prod.outlook.com>
From: Laurent Toutain <Laurent@touta.in>
Date: Thu, 08 Jun 2023 18:53:33 +0200
Message-ID: <CABONVQaZKYXw81WOXsHMU2q4ASoT3jounUnYi1W+gkqv529bwA@mail.gmail.com>
To: "Ivan Martinez Bolivar (Nokia)" <ivan.martinez_bolivar@nokia-bell-labs.com>
Cc: "schc@ietf.org" <schc@ietf.org>, "lp-wan@ietf.org" <lp-wan@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f5412905fda11957"
Archived-At: <https://mailarchive.ietf.org/arch/msg/lp-wan/B6y9hAF9YtzD_zwJusGqGqfQy5E>
Subject: Re: [lp-wan] [Schc] Fwd: draft-architecture-02-inputs "better match"
X-BeenThere: lp-wan@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Low-Power Wide Area Networking \(LP-WAN\), also known as LPWA or Low-Rate WAN \(LR-WAN\)" <lp-wan.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lp-wan>, <mailto:lp-wan-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lp-wan/>
List-Post: <mailto:lp-wan@ietf.org>
List-Help: <mailto:lp-wan-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lp-wan>, <mailto:lp-wan-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Jun 2023 16:55:02 -0000

Hi Ivan,

It can be, Quentin showed it, if we have a metric to select rules that is
only based on the length. Destructive compression concerns a lot of packet
to compress since we ignore the value of fields to select a rule, and very
efficient since we don't sent the fields. May be we can introduce a kind of
hamming distance in a metric to select the rule. A packet which differs too
much from the original are penalized.

In my view, destructive compression is good for HL if we are sure of no
risk of loops after the decompressor. Can be applied also to the FL, but
writing the value with management could be better.

Laurent

On Wed, Jun 7, 2023 at 2:56 PM Ivan Martinez Bolivar (Nokia) <
ivan.martinez_bolivar@nokia-bell-labs.com> wrote:

> Hello SCHCers,
>
> This is a crucial aspect for the Access Control draft that Ana, Laurent
> and I are working on.
>
> I suggest keeping it as it is in RFC8724, allowing implementers to choose
> the Rule as they want, and addressing the scenarios that require careful
> consideration in our draft.
>
> Hence, we shall introduce the notion of "destructive compression", for
> those cases where there are rules including "ignore - not_sent" and tell
> the implementers in which cases this combination is suitable or not.
> Looking at the examples of RFC8724. We got IPv6 Hop Limit, this may not
> be important in a star topology but can be problematic in other cases.
>
> If you think of other cases where this "destructive compression" can be an
> attack vector please let us know, we'll be happy to discuss about it.
>
> Ivan
>
>
> ---------- Forwarded message ---------
> De: *Ana Minaburo* <ana@ackl.io>
> Date: mar, 23 may 2023 a las 20:20
> Subject: [lp-wan] Fwd: draft-architecture-02-inputs "better match"
> To: lp-wan <lp-wan@ietf.org>
>
>
> This too.
>
> ---------- Forwarded message ---------
> From: *Ana Minaburo* <ana@ackl.io>
> Date: Tue, May 23, 2023 at 4:39 PM
> Subject: draft-architecture-02-inputs "better match"
> To: Pascal Thubert (pthubert) <pthubert@cisco.com>
> Cc: <lpwan@ietf.org>, <schc@ietf.org>
>
>
> Hello Pascal,
> This is the second thread.
>
>
>    - 2. Section 3. In the Static Context Header Compression, in the first
>    paragraph, it is mentioned: "The rule that matches best is used to
>    compress."
>
>  *[Ana] *It is very ambiguous because it can be misinterpreted. Does it
> refer to the Rule that matches the complete header, i.e., the Rule with the
> same FIDs as the header format? Or do you mean the best compression
> residue? RFC8724 leaves to the implementation the choice of the Rule to be
> used when multiple valid Rules match.
>
>
>
> Agreed. This should be discussed on the list since it is an attack vector.
> Someone inserting a "better match" can turn a decompressor into a bomber.
> Let us start a thread on this.
>
>
> [Ana] If the best compression residue is what you mean, I agree that it
> introduces an attack vector that needs to be solved by a deeper discussion
> together with the modification of the Rules during the session.
>
> But In a context, several Rules may match the header and may be used to
> compress it. For instance, deciding which one is used is an implementation
> problem.
>
>
> _______________________________________________
> lp-wan mailing list
> lp-wan@ietf.org
> https://www.ietf.org/mailman/listinfo/lp-wan
>
>
> --
> Gracias
> Ivan Marino
> --
> Schc mailing list
> Schc@ietf.org
> https://www.ietf.org/mailman/listinfo/schc
>


-- 
Laurent Toutain
+------ VoIP (recommended) ---+--- Télécom Bretagne --- +
| Tel: +33 2 22 06 8156             | Tel: + 33 2 99 12 7026    | Visit :
| Fax: +33 2 22 06 8445            | Fax: +33 2 99 12 7030   |
http://class.touta.in
| Laurent@Touta.in                   | Laurent.Toutain@Telecom-Bretagne.eu
+----------------------------------------+--------------------------------+

v2.23.0 | Report a Bug | By Email