Re: [lp-wan] draft-ietf-lpwan-coap-static-context-hc-14.txt and Magnus Westerlund Discuss
"Eric Vyncke (evyncke)" <evyncke@cisco.com> Fri, 03 July 2020 08:02 UTC
Return-Path: <evyncke@cisco.com>
X-Original-To: lp-wan@ietfa.amsl.com
Delivered-To: lp-wan@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D5FA3A082D; Fri, 3 Jul 2020 01:02:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.598
X-Spam-Level:
X-Spam-Status: No, score=-9.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=AqmHrmcZ; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=CCt2uSxw
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oOt8l_5aZKe4; Fri, 3 Jul 2020 01:02:31 -0700 (PDT)
Received: from rcdn-iport-8.cisco.com (rcdn-iport-8.cisco.com [173.37.86.79]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E07513A0820; Fri, 3 Jul 2020 01:02:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=29678; q=dns/txt; s=iport; t=1593763350; x=1594972950; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=Mi+RAEpplb/NP8/FzAi6PW6AcRIZlHhIz8tFFKi3RF0=; b=AqmHrmcZOAIr9X5XogNnq2LAMmVYP46J4UHCAhHas8Y5xExszpoBJb/k Gc/nBfzJ51i/g4n03BAP0Nbmla/wkDvyPh7vo68IvkBi75KawKbexY4qr maD121VH6zY089cH+0tI41TmjX0EgZkC2UR4/O0T78+1EwozNVJo+itQh A=;
IronPort-PHdr: 9a23:mo2alx+8XG1bov9uRHGN82YQeigqvan1NQcJ650hzqhDabmn44+7ZhSN6O9sh0TSWoOd4PVB2KLasKHlDGoH55vJ8HUPa4dFWBJNj8IK1xchD8iIBQyeTrbqYiU2Ed4EWApj+He2YkVPGc3lfFrU5Ha16G1aFhD2LwEgIOPzF8bbhNi20Obn/ZrVbk1IiTOxbKk0Ig+xqFDat9Idhs1pLaNixw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0C2AADc5P5e/4YNJK1WChkBAQEBAQEBAQEBAQEBAQEBAQESAQEBAQEBAQEBAQEBQIFKgVIpKAdvWC8shDGDRgONJiWBAZdZgUKBEANVCwEBAQwBARgLCgIEAQGERwIXgggCJDgTAgMBAQsBAQUBAQECAQYEbYUuCCUMhW4BAQEBAwEBEBERDAEBLAYFAQsCAgIBCBEBAgEBAQECAhESAwICAhkMCxQBAgYIAgQBCQQFGweDBAGCSwMuAQ6fNgKBOYhhdoEygwEBAQWBRkGDNxiCDgMGBYEJKgGCaIJMRoZQHRqBQT+BEScMEIIYNT6CXAEBAgEBgRQJEQ8GGBcoglczgi2PJAMGgw2hY3EKglyIS4YuilEDHYJziTCECo5wkVmKHJAkhCACBAIEBQIOAQEFgWoigVZwFRohKgGCCgEzUBcCDY1BXQwXFG4BCIJDhRSFQnQCNQIGAQcBAQMJfI9aAQE
X-IronPort-AV: E=Sophos;i="5.75,307,1589241600"; d="scan'208";a="792523669"
Received: from alln-core-12.cisco.com ([173.36.13.134]) by rcdn-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 03 Jul 2020 08:02:29 +0000
Received: from XCH-ALN-002.cisco.com (xch-aln-002.cisco.com [173.36.7.12]) by alln-core-12.cisco.com (8.15.2/8.15.2) with ESMTPS id 06382TXO024069 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 3 Jul 2020 08:02:29 GMT
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by XCH-ALN-002.cisco.com (173.36.7.12) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 3 Jul 2020 03:02:28 -0500
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 3 Jul 2020 03:02:27 -0500
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Fri, 3 Jul 2020 03:02:27 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GH3N/tF2iMSTNBQCKA9LfSrH2oWhk0pZ6Bv8PbVHOnu7wxXRQgZmWuNG4fPNuviyD3GoMowemB+rn5tqWR8nwCxehnslCHIrQJdmoR0cyydGIRfhM4DTEpx3ZLHaU4IOuXfX3KP1/clSZ9WzwEzRxsBPTVuWXL5YoTYh8CVD0Pz/mj+q5IbZFfbuMZdcsVdTahetIcQjrOqP95N3KCPUpQt8ezApBhouXuxXb+5/T0l3Cbrqv364D7oktXAVvVZjSiFZgE21CHhZvutLdeJp2UtJ2O/uQSoY9iO0AsBtlfSJ9GSX55etHZaXxktjvAB3aWW/pohCYP+bAdlPvJU90Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Mi+RAEpplb/NP8/FzAi6PW6AcRIZlHhIz8tFFKi3RF0=; b=JDyfm1gWM8jnN5EFIWVRdZVHjj+eUnZpWaEF/DJzrR+fxXrUb7YCV2l7h5CqHW6f3eru0s3buY7bJ9+r+YKh5VNAEbA8b2f+toJ4goZ6drYGFs1eRNQc4ti0KwChbqW2Jxlw/AibnxrumvTeJoTAER2o5PJb/ThF75ks2TBtT5zQjkJRQOXVtQfCvJxlxTRrRyYixjv7TF58pKflv9fZoceCVwPcYj8qh3jeXBT0RAbWD1ULs3qhPnlJ6X5tL5scbrOVomLFlVTvAq0ut6QUW2EceND9MkObKiC11aRzNLy3AoA7fCyZX86GSgQV0jReNCJNWKoc4gegsDOL7fyEjA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Mi+RAEpplb/NP8/FzAi6PW6AcRIZlHhIz8tFFKi3RF0=; b=CCt2uSxwXq+tSJ9otTx3n/hNR93c+vBNtWR7I2N/JgM2xoIlM52TR2IKM4187ab3TI6AJFpiJwcqmjKX+fRj9xmi1kOWdPBDu46zHIH78zC6F+9QTbbP/ml53KnZmAWUAo6cXIsIXCuu0z2DB+u7i/kP5x/XOUfkof2+p4/NHQM=
Received: from DM5PR11MB1753.namprd11.prod.outlook.com (2603:10b6:3:10d::13) by DM6PR11MB4250.namprd11.prod.outlook.com (2603:10b6:5:1df::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3153.23; Fri, 3 Jul 2020 08:02:26 +0000
Received: from DM5PR11MB1753.namprd11.prod.outlook.com ([fe80::a14c:59b6:47b0:f630]) by DM5PR11MB1753.namprd11.prod.outlook.com ([fe80::a14c:59b6:47b0:f630%7]) with mapi id 15.20.3153.028; Fri, 3 Jul 2020 08:02:26 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>, "ana@ackl.io" <ana@ackl.io>
CC: "laurent.toutain@imt-atlantique.fr" <laurent.toutain@imt-atlantique.fr>, "draft-ietf-lpwan-coap-static-context-hc@ietf.org" <draft-ietf-lpwan-coap-static-context-hc@ietf.org>, "lp-wan@ietf.org" <lp-wan@ietf.org>, "Pascal Thubert (pthubert)" <pthubert@cisco.com>
Thread-Topic: draft-ietf-lpwan-coap-static-context-hc-14.txt and Magnus Westerlund Discuss
Thread-Index: AQHWNQVC04PA8u5vh060kvOFfaGiGajFfEWAgAFs9YCALsEVAIAAA/oAgAApxoA=
Date: Fri, 03 Jul 2020 08:02:26 +0000
Message-ID: <AC94B019-0817-4018-B3CD-83FCCB5B1140@cisco.com>
References: <159051093254.21121.16926703305000099981@ietfa.amsl.com> <5dac4a2a45ae78b7b7d6926545aab9533f457c08.camel@ericsson.com> <MN2PR11MB35656543D6AAC7CBB942F9CFD88B0@MN2PR11MB3565.namprd11.prod.outlook.com> <cc849a919dfe78a8c96041d3035d99be6ec00158.camel@ericsson.com> <CAAbr+nRLY0Nc-SHM878x4buZcG=50RUcPZLCkJvF9H7it09P+Q@mail.gmail.com> <9ba96143dbef136765507782c47660aa7e8d548c.camel@ericsson.com>
In-Reply-To: <9ba96143dbef136765507782c47660aa7e8d548c.camel@ericsson.com>
Accept-Language: fr-BE, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.38.20061401
authentication-results: ericsson.com; dkim=none (message not signed) header.d=none;ericsson.com; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [2001:420:c0c1:36:795b:9be4:252c:d5fa]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: cb315816-a01c-42a5-68ec-08d81f276d24
x-ms-traffictypediagnostic: DM6PR11MB4250:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <DM6PR11MB425056486BD30215EA77664DA96A0@DM6PR11MB4250.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 045315E1EE
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: T1sQpZMYrfVTsGQi+BMSYxjLZ6bB84CbajtDQAWuR0AeCYf2nNYX6xn7pwda1tw6H5W4l9Q3ltUMvoKrRvYX/NJlQXUWKOke8Y0L2iGg1JTZSNgFpa+7eF+DdwN0LIqNm+DpoorEOGb6QrzxpOlCO1gSBY8UO6QvvsW9M4HjIL+dVP2lKR63fHGUK8/pqa9E89pXfor3l7ZpUx2V20PDw3xlqQli5tt6WBgihLdK5WgfBcNc0+DQ9x90cDYewkh5ceKq0dEFiO8tqyQofXgpelFGQEcnV22V4N+/Ux8BfiALTgEOg9m/Bk9skfXNATEyw3j7Tm6TpHRg85k6LanCVwecxFlPlO/biYFEHsiUVPHDL8zquXAiEtMVUIgUyilDVSkT+hBP7/Syn8VQhJRnXQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM5PR11MB1753.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(136003)(376002)(39860400002)(346002)(396003)(366004)(6486002)(30864003)(8676002)(5660300002)(33656002)(2906002)(8936002)(186003)(6506007)(53546011)(86362001)(66574015)(91956017)(76116006)(36756003)(478600001)(107886003)(71200400001)(316002)(64756008)(110136005)(66446008)(66476007)(2616005)(66946007)(54906003)(66556008)(83380400001)(4326008)(966005)(6512007)(579004); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: tM0aMrho9JY0czjWjsHqcLKrDcE+NuZBDVqTvbarfO9TuiRe0vDCIPtVxANHxstY51Zrm9+y2iVw+/GD4GLR+GHUPciDKJoRF9yHf9FgPW4d8GJteOAZP1AxOzdIejjCKZ8jgC6FH+5N8zIJ7MfWwdL4922LqaROgqq2COVSsRwwnRVR/lcP6GbW0fSPozsboYBObkeIzWdpNHqhcH37hCqSCATxKVU1EWFtG3DFrwQb21IXnhYDXJGwLHoHIqIj9obYZvywejCEnVIptT5ml0Uu2dqchpDyPGutGsEFglr+81Bo6El3xV7P6qLQYGvrkJRcVp2+MkhzqZ7nrtFHHdnMYVZDFIA1GpfjvaDqAFmjYKHyafa7MHMW1QzlAlYToaJyXQTct+H7xI5i47M9ABR2+idI7hhMeqYh6vHdExLdP+n0wcKBRKAqdxFlTptL3yM5pSJogR/iHn0ZIGnu+HGTYS4ldC2XRpknqPfid53mWcigFZodXVrfgTlvYIWbIw1apW9H7tbiAP+S4baWKQh7L5TZtrW2lQGZsCTPHcQ=
Content-Type: text/plain; charset="utf-8"
Content-ID: <41AB7C4721EA2444B4271FA4370D25B3@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM5PR11MB1753.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: cb315816-a01c-42a5-68ec-08d81f276d24
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Jul 2020 08:02:26.5904 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Weou75ok82v3FlXYq8FBX94e6YJMtQRdxlRSLE01g4gGtYT5JaEEVqBnajABfWOqTMa5k11mKUkmvn/4p3uLIg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB4250
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.12, xch-aln-002.cisco.com
X-Outbound-Node: alln-core-12.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/lp-wan/gcGzaRTpvV7XHpHX7eh1lqXKyms>
Subject: Re: [lp-wan] draft-ietf-lpwan-coap-static-context-hc-14.txt and Magnus Westerlund Discuss
X-BeenThere: lp-wan@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Low-Power Wide Area Networking \(LP-WAN\), also known as LPWA or Low-Rate WAN \(LR-WAN\)" <lp-wan.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lp-wan>, <mailto:lp-wan-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lp-wan/>
List-Post: <mailto:lp-wan@ietf.org>
List-Help: <mailto:lp-wan-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lp-wan>, <mailto:lp-wan-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Jul 2020 08:02:34 -0000
Thank you Ana and authors for this revised I-D addressing all the remaining concerns. Thank you Magnus for a quick review of the changes. I will put this I-D back on the telechat -éric -----Original Message----- From: Magnus Westerlund <magnus.westerlund@ericsson.com> Date: Friday, 3 July 2020 at 09:33 To: "ana@ackl.io" <ana@ackl.io> Cc: "laurent.toutain@imt-atlantique.fr" <laurent.toutain@imt-atlantique.fr>, "pthubert=40cisco.com@dmarc.ietf.org" <pthubert=40cisco.com@dmarc.ietf.org>, "draft-ietf-lpwan-coap-static-context-hc@ietf.org" <draft-ietf-lpwan-coap-static-context-hc@ietf.org>, Eric Vyncke <evyncke@cisco.com>, "lp-wan@ietf.org" <lp-wan@ietf.org> Subject: Re: draft-ietf-lpwan-coap-static-context-hc-14.txt and Magnus Westerlund Discuss Hi, I think this new text looks good and would resolve my discuss. I assume these changes will be available in -15 when submitted. I am happy to clear my discuss then. Cheers Magnus On Fri, 2020-07-03 at 09:18 +0200, Ana Minaburo wrote: > Hello Magnus, > > We try to reflect your input in the document, we have done changes in the > following sections. > > Introduction > new text: > CoAP {{rfc7252}} is designed to easily interop with HTTP (Hypertext Transfer > Protocol) and is optimized for REST-based (Representational state transfer) > services. Although CoAP was designed for constrained devices, the size of a > CoAP header still is too large for the constraints of LPWAN (Low Power Wide > Area Networks) and some compression is needed to reduce the header size. > > The {{rfc8724}} defines SCHC, a header compression mechanism for LPWAN network > based on a static context. Section 5 of the {{rfc8724}} explains the > architecture where compression and decompression are done. The context is > known by both ends before transmission. The way the context is configured, > provisioned or exchanged is out of the scope of this document. > > CoAP is an End-to-End protocol at the application level, so CoAP compression > requires to install common Rules between two hosts and IP Routing may be > needed to allow End-to-End communication. Therefore, SCHC compression may > apply at two different levels, one to compress IP and UDP as described in > {{rfc8724}} in the LPWAN network and another at the application level. These > two compressions may be independent. The Compression Rules can be set up by > two independent entities and are out of the scope of this document. In both > cases, the SCHC mechanism remains the same. > > SCHC compresses and decompresses headers based on shared contexts between > devices. Each context consists of multiple Rules. Each Rule can match header > fields and specific values or ranges of values. If a Rule matches, the matched > header fields are substituted by the RuleID and optionally some residual bits. > Thus, different Rules may correspond to different types of packets that a > device expects to send or receive. > > A Rule describes the complete header of the packet with an ordered list of > fields descriptions, see section 7 of {{rfc8724}}, thereby each description > contains the field ID (FID), its length (FL) and its position (FP), a > direction indicator (DI) (upstream, downstream and bidirectional) and some > associated Target Values (TV). > > .... > > Section 2. Applying SCHC to CoAP headers > > We have divided the Figure 1, into three different figures, in order to show > the architecture of each use case. > > New text: > > Applying SCHC to CoAP headers > The SCHC Compression Rules can be applied to CoAP headers. SCHC Compression of > the CoAP header MAY be done in conjunction with the lower layers (IPv6/UDP) or > independently. The SCHC adaptation layers as described in Section 5 of > {{rfc8724}} and may be used as shown in {{Fig-SCHCCOAP1}}, {{Fig-SCHCCOAP2}} > and {{Fig-SCHCCOAP3}}. > > In the first example {{Fig-SCHCCOAP1}}, a Rule compresses the complete header > stack from IPv6 to CoAP. In this case, SCHC C/D (Static Context Header > Compression Compressor/Decompressor) is performed at the Sender and at the > Receiver. The host communicating with the device does not implement SCHC C/D. > > > (device) (NGW) (internet) (App) > > +--------+ +--------+ > | CoAP | | CoAP | > +--------+ +--------+ > | UDP | | UDP | > +--------+ +----------------+ +--------+ > | IPv6 | | IPv6 | | IPv6 | > +--------+ +--------+-------+ +--------+ > | SCHC | | SCHC | | | | > +--------+ +--------+ + + + > | LPWAN | | LPWAN | | | | > +--------+ +--------+-------+ +--------+ > ((((((())))))) ----- ------ ------ -- > --- > {: #Fig-SCHCCOAP1 title='Compression/decompression at the LPWAN bondary'} > > In the second example, {{Fig-SCHCCOAP2}}, the SCHC compression is applied in > the CoAP layer, compressing the CoAP header independently of the other layers. > The RuleID and the Compression Residue are encrypted using a mechanism such as > DTLS. Only the other end can decipher the information. If needed, layers below > use SCHC to compress the header as defined in {{rfc8724}} document. This use > case realizes an End-to-End context initialization between the sender and the > receiver and is out-of-scope of this document. > > > (device) (NGW) (internet) (App) > > +--------+ +--------+ > | CoAP | | CoAP | > +--------+ +--------+ > | SCHC | | SCHC | > +--------+ +--------+ > | DTLS | | DTLS | > +--------+ +--------+ > . udp . . udp . > .......... .................. .......... > . ipv6 . . ipv6 . . ipv6 . > .......... .................. .......... > . schc . . schc . . . . > .......... .......... . . . > . lpwan . . lpwan . . . . > .......... .................. .......... > ((((((())))))) ----- ------ ------ -- > --- > {: #Fig-SCHCCOAP2 title='Standalone CoAP ene-to-end > compression/decompression'} > > In the third example, {{Fig-SCHCCOAP3}} the Object Security for Constrained > RESTful Environments (OSCORE) {{rfc8613}} is used. In this case, two rulesets > are used to compress the CoAP message. A first ruleset focused on the inner > header and is applied end to end by both ends. A second ruleset compresses the > outer header and the layers below and is done between the Sender and the > Receiver. > > > (device) (NGW) (internet) (App) > > +--------+ +--------+ > | CoAP | | CoAP | > | inner | | inner | > +--------+ +--------+ > | SCHC | | SCHC | > +--------+ +--------+ > | CoAP | | CoAP | > | outer | | outer | > +--------+ +--------+ > . udp . . udp . > .......... .................. .......... > . ipv6 . . ipv6 . . ipv6 . > .......... .................. .......... > . schc . . schc . . . . > .......... .......... . . . > . lpwan . . lpwan . . . . > .......... .................. .......... > ((((((())))))) ----- ------ ------ -- > --- > {: #Fig-SCHCCOAP3 title='OSCORE compression/decompression.'} > > In case of 2 rule-sets, as shown in {{Fig-SCHCCOAP2}} and {{Fig-SCHCCOAP3}}, > they may come from different provisioning domains, and that they do not > include the cryptography part that is done in between the two SCHC activities. > This document focuses on CoAP compression represented in the dashed boxes in > the previous figures. > > ..... > > We have published the version 14 with these new changes, hoping they cover all > your requests. > > > > Regards > > Ana, Laurent, & Ricardo > > > On Wed, Jun 3, 2020 at 3:19 PM Magnus Westerlund < > magnus.westerlund@ericsson.com> wrote: > > Hi Pascal, > > > > Let me try to explain the issue I see here. So this document defines how to > > compress COAP/UDP/IPv6 and that is given in a framework with a certain set > > of > > assumption on how to get SCHC rules in place in the compressor and > > decompressor. > > > > The issue I am seeing for the case of COAP/DTLS/UDP/IPv6 is that the inner > > compression of COAP, although is the same set of rules that would be applied > > for > > the actual compression of COAP in the previous case, the application of > > these > > rules are not building on the same foundation as in the above case. > > There are simply a different architectural constraints for getting these > > rules > > in place at the decompressor. I am not asking you to solve them. I am asking > > the > > WG to describe the changed context and its architectural principles. > > > > So let me ask the question that may resolve this in another way. > > > > Is there a specification for some LPWAN to establish the SCHC rules that is > > working between the end-point and the gateway? Looking at > > https://datatracker.ietf.org/doc/rfc8724/referencedby/ > > there appear to be several ongoing work to use SCHC as intended by the > > architecture discussed in RFC 8724. > > > > So does there exist any similar proposal for developing an establishment for > > the > > inner COAP compression within a security layer? > > > > Are you convinced that the ones that need to write such a document are > > getting > > the support for considerations that are different from what RFC 8724 > > describes? > > Because I do think there are several different considerations. > > > > First, dynamic capability determination based on destination, i.e. for each > > COAP > > server the client talk to needs to determine if there are SCHC support > > > > Secondly, the choice between trying to rely on the security layer to > > identify > > data objects with SCHC rules as part of them and those without? > > > > Third, what rule initiation protocol can you run on top of the security > > layer, > > you can't do it below as that would leak information that needs to be > > secure. > > This likely should have its own paragraph in the security consideration. > > > > I think these all have challenges that are significantly different from when > > SCHC implementation is embedded in the network stack between IP and L2. And > > when > > the NGW and its SCHC capabilities are not dependent on IP destination, but > > simply if it is going to the NGW at all. > > > > These are all reasons I think there are need for a discussion of the > > architectural changes that COAP/SEC/UDP/IP has compared to both UDP/IP and > > COAP/UDP/IP. > > > > Part of the issue here is that do get the inner COAP establishment correct > > require knowledge of both SCHC and the security layer + COAP to get correct > > possibly with external methods for service discovery, i.e. DNS etc. Thus I > > think > > it is well motivated that you actually describe the considerations needs to > > be > > taken care for a developer of a SCHC COAP compression above OSCORE or DTLS > > or > > any other security layer. > > > > I hope this clarifies my discuss. > > > > Cheers > > > > Magnus Westerlund > > > > > > On Tue, 2020-06-02 at 15:33 +0000, Pascal Thubert (pthubert) wrote: > > > Hello Magnus > > > > > > I think there's a confusion here. It is true that this draft discusses how > > > upper layer security and that COSE can be used. But for all I can see it > > does > > > not affect the SCHC operation or the way it is provisioned. It really > > affects > > > the deployment since the decompression is done in 2 stages (possibly in 2 > > > different places, the first router and then the application) but that's > > still > > > SCHC, operating twice, for outer and inner pieces, as described in fig 8. > > > > > > If a rule matches, say, a source and destination IP address, and the other > > > checked things in the bit stream that follows also match, then the rule > > > applies, and the bit stream is transformed mechanically. Whether that bit > > > stream contains encrypted content is not really the point, this is all > > bits. > > > SCHC does not do the en/decryption, and is not aware of the content of the > > > security association or the key material. This much happens between the 2 > > > rounds of SCHC but is not part of SCHC. > > > > > > > From the rule perspective, the cyphertext is inlined as another bit > > stream > > > > that cannot be compressed. > > > > > > To your point: > > > > - Discover the peers capability to perform SCHC for COAP or can one > > > > opportunistically try? > > > > > > This is a problem for the security layer between the 2 SCHC stages but > > SCHC > > > itself is not affected. We do not try anything, we mechanically change a > > > content into another when a rule matches. The security processing is > > handled > > > in that intermediate layer between the 2 stages and it is what is affected > > by > > > the architectural change you point out. That layer must be provisioned or > > must > > > discover / negotiate with its end peers, but that's not SCHC. > > > > > > > - Taking into account that an COAP application can potentially talk to a > > > > number of peers, each having different capabilities. > > > > > > If the rules are match a particular IP address then we can have different > > > format, with and without the 2 stages, but the cyphertext is an opaque > > > bitstream from a different layer to the outer SCHC operation: > > > > > > > - Are there need for a redirection/invocation mechanism- The actual > > context > > > > exchange mechanism. > > > > > > The SCHC rules (as opposed to say RoHC) are not dynamic and fully > > provisioned > > > in advance, and this does not change when SCHC compresses CoAP or COSE. > > Note > > > that we are working separately on the data model for that. But I do not > > see > > > that the data model is affected by the 2 stages operations. There will > > just be > > > different sets of rules for inner and outer. > > > > > > Cc'ed authors, do I have it right ? > > > > > > Pascal > > > > > > > > > > > > > > > > -----Original Message----- > > > > From: lp-wan <lp-wan-bounces@ietf.org> On Behalf Of Magnus Westerlund > > > > Sent: jeudi 28 mai 2020 17:33 > > > > To: Pascal Thubert (pthubert) <pthubert@cisco.com>; draft-ietf-lpwan- > > coap- > > > > static-context-hc@ietf.org; Eric Vyncke (evyncke) <evyncke@cisco.com>; > > lp- > > > > wan@ietf.org > > > > Subject: [lp-wan] draft-ietf-lpwan-coap-static-context-hc-14.txt and > > Magnus > > > > Westerlund Discuss > > > > > > > > Hi, > > > > > > > > I have looked at the changes in the latest version. However, I don't > > think > > > > they > > > > resolve my discuss ( > > https://datatracker.ietf.org/doc/draft-ietf-lpwan-coap- > > > > static-context-hc/ballot/#magnus-westerlund > > > > ). > > > > > > > > Let me try to re-iterate on why I think my discuss is relevant and you > > > > should do > > > > something credible to address it. > > > > > > > > So my discuss are really only focused on the case where SCHC is used on > > top > > > > of > > > > a security layer that pushes the SCHC implementation into the COAP > > stacks at > > > > the end-points, rather than potentially lower layers on top of the L2 > > > > infrastructure. > > > > > > > > To me it appears that this change results in several architectural > > > > considerations > > > > that didn't existed before for the entity that are going to determine > > the > > > > SCHC > > > > capability in the peer as well as the context establishment. > > > > What I am asking for is really only an description of the changed > > > > architectural > > > > context and the requirements on a solution for the SCHC context > > > > establishment > > > > mechanism. > > > > > > > > - Discover the peers capability to perform SCHC for COAP or can one > > > > opportunisticly try? > > > > - Taking into account that an COAP application can potentially talk to a > > > > number > > > > of peers, each having different capabilities. > > > > - Are there need for a redirection/invocation mechanism > > > > - The actual context exchange mechanism. > > > > > > > > Can we please write a paragraph or two in the suitable section in this > > > > document rather a single sentence pointing to an appendix. That > > appending > > > > containing a single bullet that are supposed to be added: > > > > > > > > This section extends the RFC8724 Annex D list. > > > > > > > > o How to establish the End-to-End context initialization using SCHC > > > > for CoAP header only. > > > > > > > > Annex D of RFC 8724 list is preface by: > > > > "This section lists the information that needs to be provided in the > > LPWAN > > > > technology-specific documents." > > > > > > > > That is not really information to be provided, there are procedures that > > are > > > > needed. > > > > > > > > > > > > Cheers > > > > > > > > Magnus Westerlund > > > > > > > > > > > > ---------------------------------------------------------------------- > > > > Networks, Ericsson Research > > > > ---------------------------------------------------------------------- > > > > Ericsson AB | Phone +46 10 7148287 > > > > Torshamnsgatan 23 | Mobile +46 73 0949079 > > > > SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com > > > > ---------------------------------------------------------------------- > > > > > > > > _______________________________________________ > > > > lp-wan mailing list > > > > lp-wan@ietf.org > > > > https://www.ietf.org/mailman/listinfo/lp-wan -- Cheers Magnus Westerlund ---------------------------------------------------------------------- Networks, Ericsson Research ---------------------------------------------------------------------- Ericsson AB | Phone +46 10 7148287 Torshamnsgatan 23 | Mobile +46 73 0949079 SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com ----------------------------------------------------------------------
- [lp-wan] draft-ietf-lpwan-coap-static-context-hc-… Magnus Westerlund
- Re: [lp-wan] draft-ietf-lpwan-coap-static-context… Pascal Thubert (pthubert)
- Re: [lp-wan] draft-ietf-lpwan-coap-static-context… Magnus Westerlund
- Re: [lp-wan] draft-ietf-lpwan-coap-static-context… Ricardo Andreasen
- Re: [lp-wan] draft-ietf-lpwan-coap-static-context… Ana Minaburo
- Re: [lp-wan] draft-ietf-lpwan-coap-static-context… Magnus Westerlund
- Re: [lp-wan] draft-ietf-lpwan-coap-static-context… Eric Vyncke (evyncke)