Re: [Lwip] [core] Issues of CoAP with DTLS

"Fossati, Thomas (Nokia - GB/Cambridge, UK)" <thomas.fossati@nokia.com> Fri, 18 August 2017 10:06 UTC

From: "Fossati, Thomas (Nokia - GB/Cambridge, UK)" <thomas.fossati@nokia.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>, Zhen Cao <zhencao.ietf@gmail.com>, "draft-ietf-lwig-coap@ietf.org" <draft-ietf-lwig-coap@ietf.org>, "lwip@ietf.org" <lwip@ietf.org>, "core@ietf.org WG" <core@ietf.org>
CC: "Fossati, Thomas (Nokia - GB/Cambridge, UK)" <thomas.fossati@nokia.com>
Date: Fri, 18 Aug 2017 10:05:54 +0000
Message-ID: <D537B0BC-12D3-49B3-AACF-024D81A2B86B@nokia.com>
References: <CAFxP68y5RihLYHXoMr+od3LUfZ5P9asHaPXxGx=jNFS5T-z9Mg@mail.gmail.com> <e2973c6e-ae8f-f089-5936-ee1ab76799b5@gmx.net>
In-Reply-To: <e2973c6e-ae8f-f089-5936-ee1ab76799b5@gmx.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/D3Uj2vQQ0fIR2_9nrysQmURkLTM>

Hi Zhen,

If you are interested in the f2f discussion that Hannes mentioned, see [1].

Cheers, t

[1] https://youtu.be/ms-0PlY1R-8?t=2534


On 18/08/2017, 10:37, "core on behalf of Hannes Tschofenig" <core-bounces@ietf.org on behalf of hannes.tschofenig@gmx.net> wrote:

Hi Zhen,

A few people have pointed out this problem and hence a solution will be
worked on (as agreed at the last TLS WG meeting).

Ciao
Hannes

On 08/18/2017 11:05 AM, Zhen Cao wrote:
> Hi Authors of draft-lwig-coap,
> 
> Thank you for the draft.  I have a question related to CoAP-over-DTLS.
> Section 5.4 of the draft
> (https://tools.ietf.org/html/draft-ietf-lwig-coap-04#section-5.4) has
> some discussion over the problem, it however does not help with the
> case below.
> 
> Say, the client and server are talking over a CoAP-DTLS session with a
> NAT between.   Then the NAT session expires because of an idle period
> when no traffic reinforces the NAT state.  Assume afterwards the
> client would like to send a new CoAP-CON message towards the server.
> With the NAT outgoing <address port> pair changed, the server will not
> be able to resume the previous DTLS session and will discard this
> message.  Sad though, it is not that serious because NAT problems are
> everywhere.
> 
> What's worse is however, under such a scenario, the client is unclear if
> it needs to retransmit the CoAP-over-DTLS message or re-negotiate a
> new DTLS (isn't it? because it does not know whether it is a network
> issue or DTLS failure).   If it takes it as a network issue, it will
> keep trying to retransmit the CoAP-CON, until it reaches the retry
> limit (4 defined in RFC7252). This is very costly because the
> exponential backoff may sum to more than 10s.  In this case, it will
> be more efficient to have the client re-negotiate the
> DTLS with the server immediately.
> 
> a) So my first question will be:
> Is this an issue with the current implementation and shall we make
> some recommendations?
> 
> b) With regards to a better solution,
> draft-fossati-tls-iot-optimizations-00 will be a direct solution by
> including a connection ID in the DTLS record layer,  but I do not know
> why this draft expired.   @Hannes, could you help me with some
> background?
> 
> Many thanks for discussion.
> 
> BR,
> Zhen
> 
> _______________________________________________
> Lwip mailing list
> Lwip@ietf.org
> https://www.ietf.org/mailman/listinfo/lwip
> 

_______________________________________________
core mailing list
core@ietf.org
https://www.ietf.org/mailman/listinfo/core
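The NAT-rebinding failure Zhen describes, modelled as an added example (not code from the draft, the TLS WG or anyone in the thread): a DTLS server that demultiplexes records by the peer's (address, port) loses the session once the NAT mapping changes, while one that demultiplexes by a record-layer connection ID, as draft-fossati-tls-iot-optimizations proposes, still finds it; the first two helpers compute the RFC 7252 CON retransmission span the client would otherwise spend before giving up. The server model, the addresses and the CID value are all constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# RFC 7252 transmission parameters (defaults)
ACK_TIMEOUT, ACK_RANDOM_FACTOR, MAX_RETRANSMIT = 2.0, 1.5, 4

def con_timeouts():
    """Timeout before each retry of a CON: 2, 4, 8, 16, 32 s (random factor 1.0)."""
    return [ACK_TIMEOUT * 2 ** i for i in range(MAX_RETRANSMIT + 1)]

def max_transmit_span(rand_factor=ACK_RANDOM_FACTOR):
    """Worst case from first send to last retransmission, RFC 7252 section 4.8.2."""
    return ACK_TIMEOUT * (2 ** MAX_RETRANSMIT - 1) * rand_factor

@dataclass
class Record:
    src: tuple                # (ip, port) as the server sees it, i.e. post-NAT
    cid: Optional[bytes]      # connection ID in the record header, if negotiated
    payload: bytes

class DtlsServer:
    """Toy model: demultiplexes incoming records by peer address or by connection ID."""
    def __init__(self, use_cid):
        self.use_cid, self.by_addr, self.by_cid = use_cid, {}, {}

    def handshake(self, src, cid=None):
        session = {"peer": src, "cid": cid}
        self.by_addr[src] = session
        if cid is not None:
            self.by_cid[cid] = session

    def receive(self, rec):
        session = self.by_cid.get(rec.cid) if self.use_cid else self.by_addr.get(rec.src)
        if session is None:
            return "discarded"    # no session keys to decrypt the record with
        # A real stack re-learns the peer address only after the record's MAC
        # verifies; otherwise a spoofed record could redirect the server's replies.
        session["peer"] = rec.src
        return "delivered"

def after_nat_rebind(use_cid):
    """Handshake, idle past the NAT timeout, then send a CON from a new NAT mapping."""
    server = DtlsServer(use_cid)
    cid = b"\x07\x42" if use_cid else None                 # constructed CID value
    server.handshake(("203.0.113.5", 40001), cid)          # mapping during handshake
    rec = Record(("203.0.113.5", 40777), cid, b"CON GET /temp")  # mapping after idle
    return server.receive(rec)
```

With the defaults the last retransmission goes out 30 s after the first send (45 s with the random factor), which is the cost Zhen's "more than 10s" refers to; with a CID the same record is delivered and no retransmission or renegotiation is needed.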