Re: [MEXT] Acknowledgements for Revocation Messages
"Ahmad Muhanna" <amuhanna@nortel.com> Wed, 16 September 2009 08:36 UTC
Return-Path: <AMUHANNA@nortel.com>
X-Original-To: mext@core3.amsl.com
Delivered-To: mext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 227A33A659C for <mext@core3.amsl.com>; Wed, 16 Sep 2009 01:36:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.627
X-Spam-Level:
X-Spam-Status: No, score=-6.627 tagged_above=-999 required=5 tests=[AWL=-0.028, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bcuo6eqT7LET for <mext@core3.amsl.com>; Wed, 16 Sep 2009 01:36:17 -0700 (PDT)
Received: from zrtps0kp.nortel.com (zrtps0kp.nortel.com [47.140.192.56]) by core3.amsl.com (Postfix) with ESMTP id 9BE403A67AD for <mext@ietf.org>; Wed, 16 Sep 2009 01:36:17 -0700 (PDT)
Received: from zrc2hxm0.corp.nortel.com (zrc2hxm0.corp.nortel.com [47.103.123.71]) by zrtps0kp.nortel.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id n8G8awl24818; Wed, 16 Sep 2009 08:36:58 GMT
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 16 Sep 2009 03:36:12 -0500
Message-ID: <C5A96676FCD00745B64AE42D5FCC9B6E2042DCF3@zrc2hxm0.corp.nortel.com>
In-Reply-To: <4AAE1DAB.6010906@piuha.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Acknowledgements for Revocation Messages
Thread-Index: Aco1J9PQXNByTpQiTTC5EZ3d0yJvHQA0+FEA
References: <C5A96676FCD00745B64AE42D5FCC9B6E20346547@zrc2hxm0.corp.nortel.com> <C6CFDCE5.B1FB%vijay@wichorus.com> <C5A96676FCD00745B64AE42D5FCC9B6E2038A902@zrc2hxm0.corp.nortel.com> <4AAE1DAB.6010906@piuha.net>
From: Ahmad Muhanna <amuhanna@nortel.com>
To: Jari Arkko <jari.arkko@piuha.net>, Vijay Devarapalli <vijay@wichorus.com>
Cc: mext@ietf.org
Subject: Re: [MEXT] Acknowledgements for Revocation Messages
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Sep 2009 08:36:19 -0000
Hello Jari, Sorry for taking so long before getting back to you. Please see responses inline. Regards, Ahmad > -----Original Message----- > From: Jari Arkko [mailto:jari.arkko@piuha.net] > Sent: Monday, September 14, 2009 5:41 AM > To: Muhanna, Ahmad (RICH1:2H10); Vijay Devarapalli > Cc: mext@ietf.org > Subject: Re: Acknowledgements for Revocation Messages > > At this point we are only changing the document if there's a > technical problem somewhere. [Ahmad] Thanks! I believe features that already had the wg consensus are not supposed to be removed for the sake of just removing it or because all of a sudden some people believe it is not necessary. Unless, there is a technical issue and problem in the respected functionality (something broken), IMO, it should not be removed. > > That being said, I believe there were/are issues in the rules > that specify when a BRA is going to be sent. So something has > to be fixed in any case. [Ahmad] IMO, they are not technical issues that breaks the protocol. I believe we received good comments from Ben to clarify few points about the protocol handling and setting of the Acknowledge (A) bit. These clarifications have been agreed upon and the next revision will captured all of these clarifications. > The fix can be: > > 1. Make it clear what the rules are, and ensure that the > rules are logically consistent. RFC 3775 Section 9.5.4 should > be default approach, and I don't really see no reason to > deviate from that approach if we have the A bit to begin > with. [Ahmad] What I am struggling with here is: in MIP6, the message exchange is usually between the MN and the HA or the MN and the CN; with the BA always coming from either the HA or the CN. However, in the case of Binding Revocation, every single node may send or receive a BRA; except the MN which always send a BRA. May be the right approach is: after addressing all of Ben's comments, it would be good if we can identify what is missing? Or what is NOT there that breaks the protocol. That will be a great help. > I'm not sure I like the rules that mix G and A bits; I > would rather keep separate things separate. [Ahmad] Hmmm... I am not sure we should call it mixing:) Because what would you call the following text in RFC3775: " .............................................. .............. After selecting a new primary care-of address, the mobile node MUST send a Binding Update containing that care-of address to its home agent. The Binding Update MUST have the Home Registration (H) and Acknowledge (A) bits set .." Is that mixing the (H) and (A) bits? IMO, in order to have a robust and sane protocol, crucial and critical scenarios need to be identified and explicit recommendation is needed. In the whole binding revocation draft, there is only one case that the Acknowledge (A) bit setting is mandated when another bit is set. It is when the BRI has the capabilities to wipe out all of the BCEs between the MAG and its LMA peer, or vice versa. I believe that scenario is crucial and critical enough for this specification to make sure that the sending node REQUEST a BRA back by setting the (A) bit. > In any case, what > the specific issues Ben and Vijay raised need to be fixed. [Ahmad] I guess, we need to separate between the two sets of comments. Ben's comments has the following basic logic, the (A) bit should have the authoritative power to mandate the receiving node to send back a BRA. That is actually a good comment and all of my debate with Ben was on the cases when the receiving node is NOT able to send a BRA, in this case, it is the mobile node. Even that one, we closed it too! However, with respect to Vijay's comments, He is raising comments against text that have the wg consensus and I disagree that these are issues to start with before thinking of whether they need to be fixed or not. Here they are: 1. Removing the (A) bit from the BRI and BRA and assume that the (A) bit is always set and a BRA is mandated for each BRI. (I DISAGREE, please see below) 2. If we have a careless implementation that sent a BRI with the (G) bit set and the revocation trigger value "Per-Peer Policy" and the (A) bit is NOT set (against the specification recommendation), Vijay wants the receiving node to send a BRA with status error or in his late posting to use ICMP error message. Neither one should work. IMO, a BRA MUST NOT be SENT because the sending node does NOT expect one! Now, we can agree on whether the receiving node discard the message or accept it, I am open for either one, but I favor discarding it. In order to make sure that the sending node take a note and make sure that if it needs this to work, the (A) bit needs to be set. IMO, A CARELESS SENDING NODE SHOULD NOT BE REWARDED!:) 3. The issue of Alternate care of address use. Well, the text was clarified based on specific questions from Ben. The clarification text did not change any functionality or add anything new other than spell out what everyone knows. Vijay raised the issue that in case of MIP6, the source address of the IPv6 packet that carried the BU with Alternate Care-of address option included, MAY become invalid, that because this mechanism is used as a pre-registration mechanism to register a new care-of address by sending a BU from the old Care-of address. Honestly, I am not sure of the validity of this usecase in the scope of MIP6 (RFC3775). IMO, pre-registration needs to be clearly signaled to the HA. Because, how the HA would know when the source IP address becomes invalid? Although, it has just sent the BA to that address! > > 2. Remove the A bit and make the spec simpler. [Ahmad] I disagree that will make the protocol simpler. It rather makes the protocol incomplete! Binding revocation covers a wide range of usecase that all of them CAN NOT be treated with the same severity. The funny thing here is that for sometime people argued on the ml that Binding Revocation can be addressed via a generic notification (send it and forget about it) and all of a sudden, we are going to the other extreme! Binding revocation is always authoritative and critical and a BRA MUST be sent all the time. That is a very rigid approach which lacks the full realization of the binding revocation usecases. NOT only that, but a protocol which is used for creating a new BCE (MIP6) uses the (A) bit optionality while a protocol which allows the home anchor point to release the resources of a mobile node session, all of a sudden MUST be as rigid as a rock and a BRA is ALWAYS sent back! I can go on and on with respect to this but, IMO, this is a recipe for killing creativity and the chance for implementations to differ from one another. Those implementations which fall in love with assuming the (A) bit is set all the time can simply make the choice to set the (A) bit in every BRI message and be ready for retransmission. That is absolutely fine and is currently allowed by the protocol. > I do not > personally believe the flexibility is useful in this context, > so I do not object to removing it. However, given that we are > so far in the process, we should not do this change if there > are people who are opposing it. [Ahmad] Please see comments above. > Ahmad, since you were the one > arguing that there is a need, can you re-think this in view > of whether your objections are about real-live business needs > or reducing late changes? If its more about the latter, maybe > the right thing is to get rid of the bit. [Ahmad] In simple words, I respectfully disagree. Let me explain why. As I mentioned above, Binding Revocation mechanism addresses a wide range of usecases with various severity and consequences. Some of which are documented in the draft and many others are not. WHY when the LMA/HA would like to revoke a BCE of an important fellow needs to handle that as when revoking the BCE of NO-ONE-KNOWS-ABOUT-COPPER=USER-X? Sending a BRI message with the (A) bit cleared in certain cases, reduces signaling, retransmission, and makes a lot of sense. Best Regards, Ahmad > > Jari > >
- [MEXT] I-D Action:draft-ietf-mext-binding-revocat… Internet-Drafts
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- [MEXT] Acknowledgements for Revocation Messages Vijay Devarapalli
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna
- Re: [MEXT] Acknowledgements for Revocation Messag… Vijay Devarapalli
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] Acknowledgements for Revocation Messag… Vijay Devarapalli
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna
- Re: [MEXT] Acknowledgements for Revocation Messag… Vijay Devarapalli
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- Re: [MEXT] Acknowledgements for Revocation Messag… Vijay Devarapalli
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- Re: [MEXT] Acknowledgements for Revocation Messag… Vijay Devarapalli
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] Acknowledgements for Revocation Messag… Jari Arkko
- Re: [MEXT] Acknowledgements for Revocation Messag… Basavaraj.Patil
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- Re: [MEXT] Acknowledgements for Revocation Messag… Vijay Devarapalli
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Jari Arkko
- Re: [MEXT] Acknowledgements for Revocation Messag… Jari Arkko
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Vijay Devarapalli
- Re: [MEXT] Acknowledgements for Revocation Messag… Vijay Devarapalli
- Re: [MEXT] I-D Action:draft-ietf-mext-binding-rev… Ahmad Muhanna
- Re: [MEXT] Acknowledgements for Revocation Messag… Ahmad Muhanna