IETF Logo Mail Archive

Re: [multipathtcp] WG Last Call for draft-ietf-mptcp-rfc6824bis

Christoph Paasch <cpaasch@apple.com> Sun, 15 July 2018 19:12 UTC

Return-Path: <cpaasch@apple.com>
X-Original-To: multipathtcp@ietfa.amsl.com
Delivered-To: multipathtcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61765129C6B for <multipathtcp@ietfa.amsl.com>; Sun, 15 Jul 2018 12:12:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MA2LP8e0RX4d for <multipathtcp@ietfa.amsl.com>; Sun, 15 Jul 2018 12:12:18 -0700 (PDT)
Received: from mail-in2.apple.com (mail-out2.apple.com [17.151.62.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4BF93130E60 for <multipathtcp@ietf.org>; Sun, 15 Jul 2018 12:12:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=apple.com; s=mailout2048s; c=relaxed/simple; q=dns/txt; i=@apple.com; t=1531681937; x=2395595537; h=From:Sender:Reply-To:Subject:Date:Message-id:To:Cc:MIME-version:Content-type: Content-transfer-encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-reply-to:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=eekcl7kYlBuqzysLusf+8eXemUvipHLSSDs0fp3m7Jc=; b=d5mDtUj7llbJQ5Ne6gFWegpHBzkUwz3n71dEOaV8sqrOfFz3YhbkroNdaiG4yjkM doohnU/tT8cR12btHTcTYWrDu0Yd4rdZcNNP2k741o0guXAR7FVylE0e7OaxLAGE DaI03s+e3hj9Jnxf+FKc+MMLUvaqqLQu/qowHwFzECKBjFC4qnlhBzJdrrk0zY4i 74acJVvRTzWe1+GHslkRFhpleNA5UQqnhPh6nLViARHpz40MNu2XxlesT7b2BF+1 qZhe/jUZqFCYvjZSacVc+sTsTAex89XPktVYxAJczqd2+Ugwvvrq/OR2AA3kLQed H2K0fGUGGuNvPPhCtYiDjQ==;
X-AuditID: 11973e11-513ff70000005b22-5f-5b4b9c907038
Received: from mr2-mtap-s02.rno.apple.com (mr2-mtap-s02.rno.apple.com [17.179.226.134]) (using TLS with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mail-in2.apple.com (Apple Secure Mail Relay) with SMTP id 66.D7.23330.09C9B4B5; Sun, 15 Jul 2018 12:12:17 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-disposition: inline
Content-type: text/plain; CHARSET="US-ASCII"
Received: from ma1-mmpp-sz09.apple.com (ma1-mmpp-sz09.apple.com [17.171.128.183]) by mr2-mtap-s02.rno.apple.com (Oracle Communications Messaging Server 8.0.2.3.20180614 64bit (built Jun 14 2018)) with ESMTPS id <0PBX006809CGXU70@mr2-mtap-s02.rno.apple.com>; Sun, 15 Jul 2018 12:12:16 -0700 (PDT)
Received: from process_viserion-daemon.ma1-mmpp-sz09.apple.com by ma1-mmpp-sz09.apple.com (Oracle Communications Messaging Server 8.0.2.3.20180614 64bit (built Jun 14 2018)) id <0PBX00G008T52U00@ma1-mmpp-sz09.apple.com>; Sun, 15 Jul 2018 12:12:16 -0700 (PDT)
X-Va-A:
X-Va-T-CD: 858e2f4dae29a6016c98c8320829244c
X-Va-E-CD: 3bbd785c51ace3f981efd92bc4e82048
X-Va-R-CD: 2b9cdb0e57a359d759a3675f8c35d2a7
X-Va-CD: 0
X-Va-ID: 677d6b0f-7169-4a69-9997-ad71b8093b16
X-V-A:
X-V-T-CD: 858e2f4dae29a6016c98c8320829244c
X-V-E-CD: 3bbd785c51ace3f981efd92bc4e82048
X-V-R-CD: 2b9cdb0e57a359d759a3675f8c35d2a7
X-V-CD: 0
X-V-ID: ef6d43b7-0201-4079-8df9-fd9235b8c450
Received: from process_milters-daemon.ma1-mmpp-sz09.apple.com by ma1-mmpp-sz09.apple.com (Oracle Communications Messaging Server 8.0.2.3.20180614 64bit (built Jun 14 2018)) id <0PBX00C006L6WX00@ma1-mmpp-sz09.apple.com>; Sun, 15 Jul 2018 12:12:15 -0700 (PDT)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-07-15_07:,, signatures=0
X-Proofpoint-Scanner-Instance: ma-grpmailp-qapp23.corp.apple.com-10000_instance1
Received: from localhost ([17.234.233.123]) by ma1-mmpp-sz09.apple.com (Oracle Communications Messaging Server 8.0.2.3.20180614 64bit (built Jun 14 2018)) with ESMTPSA id <0PBX00I5X9CFKU10@ma1-mmpp-sz09.apple.com>; Sun, 15 Jul 2018 12:12:15 -0700 (PDT)
Sender: cpaasch@apple.com
Date: Sun, 15 Jul 2018 15:12:14 -0400
From: Christoph Paasch <cpaasch@apple.com>
To: philip.eardley@bt.com
Cc: multipathtcp@ietf.org
Message-id: <20180715191214.GT1471@MacBook-Pro-19.local>
References: <0dd5e48298ed4b4fb7344630abc794b7@rew09926dag03b.domain1.systemhost.net> <8aaece0dfe6641ad96f4860720308424@rew09926dag03b.domain1.systemhost.net>
In-reply-to: <8aaece0dfe6641ad96f4860720308424@rew09926dag03b.domain1.systemhost.net>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrKIsWRmVeSWpSXmKPExsUiuPlRm+7EOd7RBm/msFh8Xn2dzWLZ2hWM DkwebV8mM3ksWfKTKYApissmJTUnsyy1SN8ugSvj5vY1jAW/VCouty5jbGCcK9vFyMkhIWAi 0dDQzNzFyMUhJHCASeJu90xGkASvgKDEj8n3WLoYOTiYBeQlDp4Hq2cWkJZ49HcGO4StJfH9 USsLRO96JomNj9dCDepiktj5egcbxAZ2iT+/drBA2NoSpx9PY4Ox/y6HmARiH/h9FyrOJbFg 62lWCFtX4lvjI0YIm01i/YklTBC2lsTRhYcYYexrbyaywti3739khrA5Jc5/mQg1X0fi67xO NojjOpkkrt/9DHVQtsTp+X+gigIk1iz8yQhR1MQksaHtGdhUYQFJie47d8CmsgioSmze+xUs zga07e3tdjBbBKhmxfZVbJBwAbL/foLq9ZB4fnkuOyRILSROvdwDDa+FjBKzNi1lmsCoNAsp uGchgnsWUnDPQgruBYwsqxiFchMzc3Qz84z0EgsKclL1kvNzNzGC0sV0O8EdjMdXWR1iFOBg VOLhZZjqHS3EmlhWXJl7iFGag0VJnLfT0DNaSCA9sSQ1OzW1ILUovqg0J7X4ECMTB6dUA+M8 6RUJKwPiFoX/V3u8yemKzhXTCtXnVpfXt2zdeaGOW2SrxbWQ6WfF36+JOGoQdf3KlV9y65rs g1NNl/+8kbvS8OXp3O2PzK1v1LeI5DHI/7l5P5hp1a6qdi7XrOYlrQIGiYorw7IZWB+b2zzp 9GOX+j7/wUKFD2kNJx/k+DFwbXrOFXDPIFmJpTgj0VCLuag4EQAIQE3w+AIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/Se7IqADs85iPX4w8Mtc8asJJgUw>
Subject: Re: [multipathtcp] WG Last Call for draft-ietf-mptcp-rfc6824bis
X-BeenThere: multipathtcp@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Multi-path extensions for TCP <multipathtcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/multipathtcp/>
List-Post: <mailto:multipathtcp@ietf.org>
List-Help: <mailto:multipathtcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/multipathtcp>, <mailto:multipathtcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Jul 2018 19:12:22 -0000

Hello Phil,

some replies to your comments inline:

On 14/06/18 - 10:55:37, philip.eardley@bt.com wrote:
> A few comments as I work through the document, basically minor so far
> 
> Section 3.1
> << Given the SYN exchange is different between v1 and v0
>    the exchange cannot be immediately downgraded, and therefore if the
>    far end has requested a lower version then the initiator SHOULD
>    respond with an ACK without any MP_CAPABLE option, to fall back to
>    regular TCP.>>
> I think it should say "to ensure the exchange cannot..."

I'm not sure where you would put the "to ensure the exchange cannot..."?

However, reading through this paragraph, I think the SHOULD should rather be
a MUST, no? Because, if conflicting versions are being requested we anyways
can't do MPTCP.

> << The first 4 bits of the first octet in the MP_CAPABLE option
>    (Figure 4) define the MPTCP option subtype (see Section 8; for
>    MP_CAPABLE, this is 0), and the remaining 4 bits of this octet
>    specify the MPTCP version in use (for this specification, this is 1).
> >>
> "The first 4 bits of the first octet in the MP_CAPABLE option" Fig 4 shows two earlier octets (Kind & Length) - I know these arent the MP-CAPABLE option, but I think it might be worth spelling out what they are. 

What about:

"
Like all MPTCP options, the MP_CAPABLE option starts with the Kind and Length
to specify the TCP-option kind and its length. Followed by that is the
MP_CAPABLE option. The first 4 bits of the first octed in the MP_CAPABLE option
(Figure 4) define the MPTCP option subtype ...
"

> 
> Would it be better strictly to have "0x0" rather than "0"? (ie match the IANA registry)

I agree with that.

> 
> Section 3.4.1
> <<A set of four flags are present after the subtype and before the
>    Address ID.  Only the rightmost bit - labelled 'E' - is assinged
>    today.  The other bits are currently unassigned and MUST be set to
>    zero by a sender and MUST be ignored by the receiver.
> 
>    The 'E' bit exists to provide reliability for this option.  Because
>    this option will often be sent on pure ACKs, there is no guarantee of
>    reliability.  Therefore, a receiver receiving a fresh ADD_ADDR option
>    (where E=0), will send the same option back to the sender, but not
>    including the HMAC, and with E=1.  The lack of this echo can be used
>    by the initial ADD_ADDR sender to retransmit the ADD_ADDR according
>    to local policy.
> >>
> 4 comments:
> Assinged /assigned

Fixed.

> The 'E' bit - better to say flag?

Agreed.

> Section 2.3 needs to be amended to show the reply /echo message for ADD-ADDR. I suggest the pic in S2.3 also shows the E value. 

Agreed - changed this.

> Not sure - does this open security hole, where an attacker pretends an ADD-ADDR has been received? (the Echo doesn't include an hmac, so is easy to spoof)

I don't think there is a security hole. But worth taking a closer look at.

> And in Fig 12
> |        Truncated HMAC (8 octets, if length > 10 octets)       |
> 
> Could this be made more straightforward? Ie spell out when length is >10 octets ie IPv6 (if I understand it). This also seems to mean that IPv4 doesn't include the HMAC, is this right??

I'm not sure why we have the "if length > 10 octets" in here.

The HMAC should be there always. I think, we should remove the "if length >
10 octets".


I opened a first pull-request with the changes mentioned in here at
https://github.com/multipath-tcp/draft-ietf-mptcp-rfc6824bis/pull/4.


Christoph

> 
> Thanks
> phil
> 
> -----Original Message-----
> From: multipathtcp [mailto:multipathtcp-bounces@ietf.org] On Behalf Of philip.eardley@bt.com
> Sent: 05 June 2018 09:14
> To: multipathtcp@ietf.org
> Subject: [multipathtcp] WG Last Call for draft-ietf-mptcp-rfc6824bis
> 
> This starts a WG Last Call for draft-ietf-mptcp-rfc6824bis. Please send comments by the end of June. 
> 
> Please note there are three IPR disclosures (we're working on getting them added to the rfc6824bis page): 
> 
> * two are inherited from RFC6824  https://datatracker.ietf.org/ipr/search/?submit=draft&id=draft-ietf-mptcp-multiaddressed    
> * one is inherited from draft-paasch-mptcp-syncookies (which got include in rfc6824bis) https://datatracker.ietf.org/ipr/2678/ 
> 
> Thanks,
> Phil & Yoshi
> _______________________________________________
> multipathtcp mailing list
> multipathtcp@ietf.org
> https://www.ietf.org/mailman/listinfo/multipathtcp
> 
> _______________________________________________
> multipathtcp mailing list
> multipathtcp@ietf.org
> https://www.ietf.org/mailman/listinfo/multipathtcp

v2.23.0 | Report a Bug | By Email