IETF Logo Mail Archive

Re: [manet] Not just 5498 but also 5444 compliance (was: Re: #45 (aodvv2): RFC 5498 non-compliance (submitted for Chris Dearlove))

"Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com> Tue, 22 July 2014 13:56 UTC

Return-Path: <chris.dearlove@baesystems.com>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80A731B2858 for <manet@ietfa.amsl.com>; Tue, 22 Jul 2014 06:56:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.29
X-Spam-Level:
X-Spam-Status: No, score=-6.29 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, J_CHICKENPOX_12=0.6, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, T_FILL_THIS_FORM_SHORT=0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eNMtFBCjTCA6 for <manet@ietfa.amsl.com>; Tue, 22 Jul 2014 06:56:22 -0700 (PDT)
Received: from ukmta3.baesystems.com (ukmta3.baesystems.com [20.133.40.55]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A5C71ABB2F for <manet@ietf.org>; Tue, 22 Jul 2014 06:56:20 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="5.01,710,1400022000"; d="scan'208,217";a="388500732"
Received: from unknown (HELO baemasodc005.greenlnk.net) ([10.108.52.29]) by Baemasodc001ir.sharelnk.net with ESMTP; 22 Jul 2014 14:56:19 +0100
X-IronPort-AV: E=Sophos; i="5.01,710,1400022000"; d="scan'208,217"; a="65642878"
Received: from glkxh0004v.greenlnk.net ([10.109.2.35]) by baemasodc005.greenlnk.net with ESMTP; 22 Jul 2014 14:56:26 +0100
Received: from GLKXM0002V.GREENLNK.net ([169.254.5.213]) by GLKXH0004V.GREENLNK.net ([10.109.2.35]) with mapi id 14.03.0174.001; Tue, 22 Jul 2014 14:56:26 +0100
From: "Dearlove, Christopher (UK)" <chris.dearlove@baesystems.com>
To: Thomas Heide Clausen <thomas@thomasclausen.org>
Thread-Topic: [manet] Not just 5498 but also 5444 compliance (was: Re: #45 (aodvv2): RFC 5498 non-compliance (submitted for Chris Dearlove))
Thread-Index: AQHPpbQbhFyS/YWVCkeq01fmYC5UcpusHQOg
Date: Tue, 22 Jul 2014 13:56:26 +0000
Message-ID: <B31EEDDDB8ED7E4A93FDF12A4EECD30D40CEEDF2@GLKXM0002V.GREENLNK.net>
References: <061.5b91f4f9f74fe26d1eb24cfd1ed89d43@trac.tools.ietf.org> <CADnDZ88M+4iNTn1vuuFhs2M4LaCVkpYnbdsUPA=pchxURmekqA@mail.gmail.com> <B31EEDDDB8ED7E4A93FDF12A4EECD30D40CEEC7B@GLKXM0002V.GREENLNK.net> <617F475F-ABEE-4D19-9AF4-BA20A34DEF7F@thomasclausen.org> <B31EEDDDB8ED7E4A93FDF12A4EECD30D40CEEDB2@GLKXM0002V.GREENLNK.net> <A8FF8C4D-787A-4B39-B801-3FFCF9363F82@thomasclausen.org>
In-Reply-To: <A8FF8C4D-787A-4B39-B801-3FFCF9363F82@thomasclausen.org>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.109.62.6]
Content-Type: multipart/alternative; boundary="_000_B31EEDDDB8ED7E4A93FDF12A4EECD30D40CEEDF2GLKXM0002VGREEN_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/manet/ZrzrCNNPgv0C0i2tnq4kN6om_5w
Cc: "draft-ietf-manet-aodvv2@tools.ietf.org" <draft-ietf-manet-aodvv2@tools.ietf.org>, "manet@ietf.org" <manet@ietf.org>, manet-ads <manet-ads@tools.ietf.org>
Subject: Re: [manet] Not just 5498 but also 5444 compliance (was: Re: #45 (aodvv2): RFC 5498 non-compliance (submitted for Chris Dearlove))
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/manet/>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jul 2014 13:56:25 -0000

I think we’ve said something like that before.

But just to make Thomas’s workload even greater, there are many details of 5444, NHDP and OLSRV2 that the authors would like to provide rationale material for. We’ve done it once, for metrics. But it really is something that’s hard to find time to do, because it’s just a good idea, rather than being essential.

--
Christopher Dearlove
Senior Principal Engineer, Information Assurance Group
Communications, Networks and Image Analysis Capability
BAE Systems Advanced Technology Centre
West Hanningfield Road, Great Baddow, Chelmsford, CM2 8HN, UK
Tel: +44 1245 242194 |  Fax: +44 1245 242124
chris.dearlove@baesystems.com<mailto:chris.dearlove@baesystems.com> | http://www.baesystems.com

BAE Systems (Operations) Limited
Registered Office: Warwick House, PO Box 87, Farnborough Aerospace Centre, Farnborough, Hants, GU14 6YU, UK
Registered in England & Wales No: 1996687

From: Thomas Heide Clausen [mailto:thomas@thomasclausen.org]
Sent: 22 July 2014 14:52
To: Dearlove, Christopher (UK)
Cc: draft-ietf-manet-aodvv2@tools.ietf.org; manet-ads; manet@ietf.org
Subject: Re: [manet] Not just 5498 but also 5444 compliance (was: Re: #45 (aodvv2): RFC 5498 non-compliance (submitted for Chris Dearlove))


*** WARNING ***
This message originates from outside our organisation, either from an external partner or the internet.
Consider carefully whether you should click on any links, open any attachments or reply.
For information regarding Red Flags that you can look out for in emails you receive, click here<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Red%20Flags.pdf>.
If you feel the email is suspicious, please follow this process<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Dealing%20With%20Suspicious%20Emails.pdf>.

On 22 Jul 2014, at 15:45 , Dearlove, Christopher (UK) <chris.dearlove@baesystems.com<mailto:chris.dearlove@baesystems.com>> wrote:

Actually, I think there has been some improvement here, but could be improved further. This is at the level of comment I didn’t attempt to make, I concentrated on what I considered the most major issues.

Improvement, I agree, but still *quite* far from to the point where it’s correct.

IIRC, two TLVs are suggested, one to say “this is A”, one to say “this is B”. It’s assumed there are two addresses, and the one that’s not A is B, and vice versal.

Better is to have a single TLV with a  value for A or B. Why? First, it avoids wasting a TLV code point. Second, you can flag A and B with a single multivalue TLV more efficiently than marking A and B. And it’s a good idea to mark A and B, because that way you can add additional addresses in an extension, without introducing any problems as to which is A or B with a single TLV. In addition, the practice we introduced in TLV extensions of having a null value (255 UNSPECIFIED is what we used) can help there as well.

Yes, and while important, the above is a design detail that is relatively easy to hammer out, when all else is completed.


One of those things the authors of 5444 etc. would like to do – when they can find some extra hours in a week – is to set out this sort of good practice for 5444 that has been found to be valuable. In this case we have the two principles of (a) always attack a TLV to indicate information, as just doing so from a non-TLVed address precludes various extensions, and (b) when attaching information, null values are good – T:LV extensions discusses why, a lot comes down to that you can’t order for more than one or two TLVs at once.

Yes, and with the caveat that one of the 5444 authors is trying to find some hours this week for that, so that may be forthcoming soon.

(See, Chris, now you made me go public with this, so I’m kinda on the hook for producing something….)

Thomas



--
Christopher Dearlove
Senior Principal Engineer, Information Assurance Group
Communications, Networks and Image Analysis Capability
BAE Systems Advanced Technology Centre
West Hanningfield Road, Great Baddow, Chelmsford, CM2 8HN, UK
Tel: +44 1245 242194 |  Fax: +44 1245 242124
chris.dearlove@baesystems.com<mailto:chris.dearlove@baesystems.com> | http://www.baesystems.com<http://www.baesystems.com/>

BAE Systems (Operations) Limited
Registered Office: Warwick House, PO Box 87, Farnborough Aerospace Centre, Farnborough, Hants, GU14 6YU, UK
Registered in England & Wales No: 1996687

From: Thomas Heide Clausen [mailto:thomas@thomasclausen.org]
Sent: 22 July 2014 14:08
To: Dearlove, Christopher (UK)
Cc: manet@ietf.org<mailto:manet@ietf.org>; draft-ietf-manet-aodvv2@tools.ietf.org<mailto:draft-ietf-manet-aodvv2@tools.ietf.org>; manet-ads
Subject: Not just 5498 but also 5444 compliance (was: Re: [manet] #45 (aodvv2): RFC 5498 non-compliance (submitted for Chris Dearlove))


*** WARNING ***
This message originates from outside our organisation, either from an external partner or the internet.
Consider carefully whether you should click on any links, open any attachments or reply.
For information regarding Red Flags that you can look out for in emails you receive, click here<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Red%20Flags.pdf>.
If you feel the email is suspicious, please follow this process<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Dealing%20With%20Suspicious%20Emails.pdf>.
I am still, with reference to this document, dismayed to see that there remain abundant references to positional information in address blocks in RFC5444 messages.

As has been pointed out numerous times, this is inappropriate, positional information cannot be assumed assured and preserved by generic 5444 message generation and parsing code. The first instance of this offense is in Table 1 ...

This has been requested fixed for years now. When will it be fixed?


On 22 Jul 2014, at 14:24 , Dearlove, Christopher (UK) <Chris.Dearlove@baesystems.com<mailto:Chris.Dearlove@baesystems.com>> wrote:

RFC5444 describes a multiplexing process. It is not required purely in its own terms. But RFC 5498 make it mandatory for any protocol using the port/protocol allocated by that RFC. And the WG has agreed that all routing protocols developed have to be able (at least) to use that port/protocol.

--
Christopher Dearlove
Senior Principal Engineer, Information Assurance Group
Communications, Networks and Image Analysis Capability
BAE Systems Advanced Technology Centre
West Hanningfield Road, Great Baddow, Chelmsford, CM2 8HN, UK
Tel: +44 1245 242194 |  Fax: +44 1245 242124
chris.dearlove@baesystems.com<mailto:chris.dearlove@baesystems.com> | http://www.baesystems.com<http://www.baesystems.com/>

BAE Systems (Operations) Limited
Registered Office: Warwick House, PO Box 87, Farnborough Aerospace Centre, Farnborough, Hants, GU14 6YU, UK
Registered in England & Wales No: 1996687

From: manet [mailto:manet-bounces@ietf.org] On Behalf Of Abdussalam Baryun
Sent: 22 July 2014 12:02
To: manet@ietf.org<mailto:manet@ietf.org>
Cc: draft-ietf-manet-aodvv2@tools.ietf.org<mailto:draft-ietf-manet-aodvv2@tools.ietf.org>
Subject: Re: [manet] #45 (aodvv2): RFC 5498 non-compliance (submitted for Chris Dearlove)


*** WARNING ***
This message originates from outside our organisation, either from an external partner or the internet.
Consider carefully whether you should click on any links, open any attachments or reply.
For information regarding Red Flags that you can look out for in emails you receive, click here<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Red%20Flags.pdf>.
If you feel the email is suspicious, please follow this process<http://intranet.ent.baesystems.com/howwework/security/spotlights/Documents/Dealing%20With%20Suspicious%20Emails.pdf>.
IMHO The problem is that RFC5444 still does not have a multiplexing standard in IETF. The way of multiplexing is still just implemented by OLSRv2 experts but I dont find any standard for multiplexing yet. The RFC5498 is not for multipexing as I understand it. We already discussed once that multiplexing is not specified for all RFC5444 formats because it is general format but RFC5498 is not general.

If I am wrong please point me to an RFC.
AB
On Mon, Jul 21, 2014 at 5:40 AM, manet issue tracker <trac+manet@trac.tools.ietf.org<mailto:trac+manet@trac.tools.ietf.org>> wrote:
#45: RFC 5498 non-compliance (submitted for Chris Dearlove)

 The document is completely noncompliant with the RFC 5444 multiplexing
 mechanism, mandated by RFC 5498 (on the manet port/protocol). It does
 many things that are not within its competence.

--
-------------------------+-------------------------------------------------
 Reporter:               |      Owner:  draft-ietf-manet-
  charliep@computer.org<mailto:charliep@computer.org>  |  aodvv2@tools.ietf.org<mailto:aodvv2@tools.ietf.org>
     Type:  defect       |     Status:  new
 Priority:  minor        |  Milestone:
Component:  aodvv2       |    Version:
 Severity:  Active WG    |   Keywords:  RFC 5498
  Document               |
-------------------------+-------------------------------------------------

Ticket URL: <https://tools.ietf.org/wg/manet/trac/ticket/45>
manet <http://tools.ietf.org/manet/>

_______________________________________________
manet mailing list
manet@ietf.org<mailto:manet@ietf.org>
https://www.ietf.org/mailman/listinfo/manet


********************************************************************
This email and any attachments are confidential to the intended
recipient and may also be privileged. If you are not the intended
recipient please delete it from your system and notify the sender.
You should not copy it or use it for any purpose nor disclose or
distribute its contents to any other person.
********************************************************************
_______________________________________________
manet mailing list
manet@ietf.org<mailto:manet@ietf.org>
https://www.ietf.org/mailman/listinfo/manet

_______________________________________________
manet mailing list
manet@ietf.org<mailto:manet@ietf.org>
https://www.ietf.org/mailman/listinfo/manet

v2.23.0 | Report a Bug | By Email