Re: [manet] Alexey Melnikov's Discuss on draft-ietf-manet-dlep-27: (with DISCUSS and COMMENT)

Stan Ratliff <ratliffstan@gmail.com> Mon, 06 March 2017 02:22 UTC

From: Stan Ratliff <ratliffstan@gmail.com>
Date: Sun, 05 Mar 2017 21:22:22 -0500
Message-ID: <CALtoyoncQc755p_XJ1CDoQ4ZLiqYYHs_mVSe0G_SRSrkdG642w@mail.gmail.com>
To: Alexey Melnikov <aamelnikov@fastmail.fm>
Archived-At: <https://mailarchive.ietf.org/arch/msg/manet/-8kUilDzalFO7J7GRRa813thxKQ>
Cc: MANET IETF <manet@ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-manet-dlep@ietf.org, manet-chairs@ietf.org
Subject: Re: [manet] Alexey Melnikov's Discuss on draft-ietf-manet-dlep-27: (with DISCUSS and COMMENT)

Alexey,

Thank you for the additional feedback. The authors have submitted DLEP-28
to address your comments. Please let us know if this is sufficient.
Additional comments inline.

On Sun, Feb 12, 2017 at 2:22 PM, Alexey Melnikov <aamelnikov@fastmail.fm>
wrote:

> Alexey Melnikov has entered the following ballot position for
> draft-ietf-manet-dlep-27: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-manet-dlep/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> This is generally a well written document and I enjoyed reading it.
>
> I have one remaining question which I would like to quickly discuss
> before recommending approval of this document:
>
> Section 14 (Security Considerations) now says:
>
>    When TLS is in use, each peer SHOULD check the validity of
>    credentials presented by the other peer during TLS session
>    establishment.  Mobile implementations MAY need to consider use of
>    pre-shared keys for credentials; implementations following the
>    "networked deployment" model described in Implementation Scenarios
>    SHOULD refer to [RFC7525] for additional details.
>
> RFC 7525, which you are referencing, contains recommendations on the version of
> TLS and the ciphersuites to use.
> Section 6.1 of RFC 7525 talks about "Host Name Validation". I don't think
> this section applies to DLEP. So can you elaborate on how server identity
> is going to be verified using pre-shared keys, and which parts of RFC 7525
> you think apply to DLEP?
>

We have added text to clarify that "dedicated deployments" may need to
provide their own host name validation. The reference to RFC 7525 is now
limited to "networked deployments" (those deployments that are instantiated
in existing networks with the requisite services).


>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Thank you for addressing my earlier DISCUSS points.
>
> 13.  DLEP Data Items
>
>    Following is the list of core Data Items that MUST be recognized by a
>    DLEP compliant implementation.  As mentioned before, not all Data
>    Items need be used during a session, but an implementation MUST
>    correctly process these Data Items when correctly associated with a
>    Signal or Message.
>
> Is "skip over or ignore" a valid way to "correctly process"? I think so, but
> this might not be obvious from the text as written.
>


This text has been removed.

Regards,
Stan

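Added example, not from the draft or from this thread: one way a peer in a "dedicated deployment" can do the credential check itself, with the other peer's self-signed certificate provisioned out of band as the only trust anchor and an operator-configured peer name standing in for the DNS host name that RFC 7525 section 6.1 assumes. Go standard library only; the certificate fields and the peer names used in it are assumed values.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)

// NewPeerCert makes a self-signed DER certificate for one DLEP peer. There is no CA or DNS:
// the certificate is provisioned on the other peer out of band and name is an operator label.
func NewPeerCert(name string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: name},
		DNSNames:     []string{name}, // the label the other peer is configured to expect
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
}

// PeerVerifier returns the check a peer runs on the chain presented during TLS session establishment:
// the leaf must be the provisioned certificate (the only trust anchor) and carry the configured name.
// Same signature as tls.Config.VerifyPeerCertificate, so router and modem can run the same check.
func PeerVerifier(provisioned []byte, expectName string) func([][]byte, [][]*x509.Certificate) error {
	roots := x509.NewCertPool()
	if anchor, err := x509.ParseCertificate(provisioned); err == nil {
		roots.AddCert(anchor) // an unparsable provisioned cert leaves the pool empty: nothing verifies
	}
	return func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
		if len(rawCerts) == 0 {
			return errors.New("peer presented no certificate")
		}
		leaf, err := x509.ParseCertificate(rawCerts[0])
		if err != nil {
			return err
		}
		_, err = leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: expectName})
		return err
	}
}
```

A certificate with the right name but not provisioned, or the provisioned certificate under a different configured name, is rejected; no public CA and no DNS are consulted.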