Re: [pcp] Alissa Cooper's Discuss on draft-ietf-pcp-third-party-id-option-04: (with DISCUSS)

Juergen Quittek <> Wed, 18 November 2015 22:32 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id C80411B3273; Wed, 18 Nov 2015 14:32:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.187
X-Spam-Status: No, score=-3.187 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.585, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 5hibt4LBKwLa; Wed, 18 Nov 2015 14:32:42 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C19571B3285; Wed, 18 Nov 2015 14:32:41 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4316910B0A0; Wed, 18 Nov 2015 23:32:40 +0100 (CET)
X-Virus-Scanned: Amavisd on Debian GNU/Linux (
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id IfNc34kaijum; Wed, 18 Nov 2015 23:32:40 +0100 (CET)
X-ENC: Last-Hop-TLS-encrypted
X-ENC: Last-Hop-TLS-encrypted
Received: from ( []) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 259A810AFBE; Wed, 18 Nov 2015 23:32:28 +0100 (CET)
Received: from ([]) by ([]) with mapi id 14.03.0210.002; Wed, 18 Nov 2015 23:32:28 +0100
From: Juergen Quittek <>
To: Alissa Cooper <>, The IESG <>
Thread-Topic: Alissa Cooper's Discuss on draft-ietf-pcp-third-party-id-option-04: (with DISCUSS)
Thread-Index: AQHRIWs+eiAm6OTvFEe5id6zk7M69J6iWx+g
Date: Wed, 18 Nov 2015 22:32:26 +0000
Message-ID: <>
References: <>
In-Reply-To: <>
Accept-Language: de-DE, en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <>
Cc: "" <>, "" <>, "" <>
Subject: Re: [pcp] Alissa Cooper's Discuss on draft-ietf-pcp-third-party-id-option-04: (with DISCUSS)
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PCP wg discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 18 Nov 2015 22:32:45 -0000

Dear Alissa,

Thank you very much for your review.

In your first point you explain that the draft "seems workable when the
THIRD_PARTY_ID is a tunnel ID, but not for any identifier that anyone
might stick in there". 

Initially, the draft was about tunnel IDs only and the option name was 
not THIRD_PARTY_ID, but TUNNEL_ID. But after several reviews, there
was consensus in the PCP WG that we should widen the scope to more
general applications of this option.

If we now go back to limiting the scope again to tunnel IDs only, then this
is OK with the authors of the draft. But I don't know if we then need to get 
back to the WG and get consensus there on reducing the scope back to the 
initial one.

Can you advise us how to proceed?

Your second point can probably be resolved much easier. We (the authors)
Will soon suggest a more elaborated description for section 5.2.

Best regards,

> -----Original Message-----
> From: Alissa Cooper []
> Sent: Dienstag, 17. November 2015 20:08
> To: The IESG
> Cc:;;
> Subject: Alissa Cooper's Discuss on draft-ietf-pcp-third-party-id-option-04: (with
> Alissa Cooper has entered the following ballot position for
> draft-ietf-pcp-third-party-id-option-04: Discuss
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> Please refer to
> for more information about IESG DISCUSS and COMMENT positions.
> The document, along with other ballot positions, can be found here:
> ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> I have a couple of questions and observations I'd like to discuss.
> (1)
> >From Section 3:
> "The scenarios serve as examples.  This document does not restrict the
>    applicability of the THIRD_PARTY_ID to certain scenarios.  The
>    THIRD_PARTY_ID can include any Layer-2 identifier like a MAC address
>    or other subscriber identifiers as, for example, mentioned in section
>    6 of [I-D.boucadair-pcp-sfc-classifier-control].  The THIRD_PARTY_ID
>    can also be used for the firewall control, including the case of a
>    virtual CPE, see section 3 of [I-D.lee-vhs-usecases]."
> I think the document makes a reasonable case for why carrying a tunnel ID
> in a THIRD_PARTY_ID option is useful. I don't think it makes a reasonable
> case for any other use of the option, though, given the potential
> security and privacy issues associated with sending a potentially unique
> and permanent subscriber identifier. The drafts mentioned above envision
> much broader uses for both the option and PCP than the use case in this
> document, and suggest some uses of the option that seem like a mismatch
> for what the identifiers embedded within it were originally intended for
> (e.g., using an IMSI for traffic classification/policing).
> Conflating these cases also makes it difficult to understand how the
> THIRD_PARTY_ID relates back to NAT. Presumably, a PCP-controlled NAT
> needs traffic on the incoming side to always include the THIRD_PARTY_ID
> -- otherwise, the fact that the mapping table contains the additional ID
> is only useful in one direction. This seems workable when the
> THIRD_PARTY_ID is a tunnel ID, but not for any identifier that anyone
> might stick in there. Again coming back to the traffic policing scenario,
> it seems unlikely that every time I as the subscriber send traffic
> through the NAT, my IMSI will be included to differentiate my traffic
> from another subscriber who has the same internal address as I do. So by
> allowing this field to contain any identifier, it becomes less obvious
> why PCP should be used to communicate it in the first place.
> In short, I think this draft needs to either more narrowly specify a
> means to communicate a tunnel ID, or provide both a more thorough
> security and privacy analysis of the implications of sending any
> identifier and an explanation of the implications on the availability of
> those identifiers in traffic sent to a PCP-controlled NAT.
> (2)
> Section 5.2 seems underspecified. RFC 6887 has a lot logic riding on the
> question of whether two requests are meant to identify the same host
> or not (in sec 11.3 and sec 12.3) based on the combination of internal
> address, protocol, and port, but this draft leaves unspecified what the
> comparison logic is supposed to be or the error conditions that result
> from adding another field to the determination of whether
> two hosts are the same or not. For example, is every instance of
> "internal address, protocol, and port" in those sections meant to be
> replaced with "internal address, protocol, port, and THIRD_PARTY_ID"? If
> a device that already has a mapping for a particular internal address,
> port, protocol and THIRD_PARTY_ID receives a new request for the same
> internal address, port, and protocol but has no THIRD_PARTY_ID, what
> steps is it supposed to follow? Saying that the THIRD_PARTY_ID should be
> "used in addition when accessing a mapping table" doesn't seem like
> enough detail to go implement this.