Re: [Rmt] Rmt Digest, Vol 65, Issue 2
"Luby, Michael" <luby@qualcomm.com> Tue, 08 December 2009 22:39 UTC
Return-Path: <luby@qualcomm.com>
X-Original-To: rmt@core3.amsl.com
Delivered-To: rmt@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2796528C152 for <rmt@core3.amsl.com>; Tue, 8 Dec 2009 14:39:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.598
X-Spam-Level:
X-Spam-Status: No, score=-102.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MUbXdZn-PObE for <rmt@core3.amsl.com>; Tue, 8 Dec 2009 14:38:53 -0800 (PST)
Received: from wolverine02.qualcomm.com (wolverine02.qualcomm.com [199.106.114.251]) by core3.amsl.com (Postfix) with ESMTP id 72E1428C141 for <rmt@ietf.org>; Tue, 8 Dec 2009 14:38:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qualcomm.com; i=luby@qualcomm.com; q=dns/txt; s=qcdkim; t=1260311923; x=1291847923; h=from:to:date:subject:thread-topic:thread-index: message-id:in-reply-to:accept-language:content-language: x-ms-has-attach:x-ms-tnef-correlator:acceptlanguage: content-type:mime-version:x-ironport-av; z=From:=20"Luby,=20Michael"=20<luby@qualcomm.com>|To:=20"r mt@ietf.org"=20<rmt@ietf.org>|Date:=20Tue,=208=20Dec=2020 09=2014:38:31=20-0800|Subject:=20Re:=20Rmt=20Digest,=20Vo l=2065,=20Issue=202|Thread-Topic:=20Rmt=20Digest,=20Vol =2065,=20Issue=202|Thread-Index:=20Acp4QQNsrmX7D+cmTziGPc b++C/3ewAFidvN|Message-ID:=20<C7441567.9837%luby@qualcomm .com>|In-Reply-To:=20<mailman.9.1260302402.1086.rmt@ietf. org>|Accept-Language:=20en-US|Content-Language:=20en |X-MS-Has-Attach:|X-MS-TNEF-Correlator:|acceptlanguage: =20en-US|Content-Type:=20multipart/alternative=3B=0D=0A =09boundary=3D"_000_C74415679837lubyqualcommcom_" |MIME-Version:=201.0|X-IronPort-AV:=20E=3DMcAfee=3Bi=3D"5 400,1158,5826"=3B=20a=3D"29405772"; bh=yFg9f5x/q0sutsGOcS6Ly3v3Bk8/Ck33+1ZHiPhTYj4=; b=LaIv6MhhrlIgH5tOVIP/vVtcb6UaJ5JH6UbX7rbS2GACmBsMQeYGRJtd ctfBVwTMiiAvLT8Dde9kD8cEFhsT4Tq4QIRXGWOgjDCJKFGrNzVGJN/VA SV7XNuVgz0dZwYsb05armyHWBQBKqQLj3MFA/T8mY4BozT/Vqi7oGJqDV U=;
X-IronPort-AV: E=McAfee;i="5400,1158,5826"; a="29405772"
Received: from pdmz-ns-mip.qualcomm.com (HELO numenor.qualcomm.com) ([199.106.114.10]) by wolverine02.qualcomm.com with ESMTP; 08 Dec 2009 14:38:40 -0800
Received: from msgtransport01.qualcomm.com (msgtransport01.qualcomm.com [129.46.61.148]) by numenor.qualcomm.com (8.14.2/8.14.2/1.0) with ESMTP id nB8MceSk002749 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <rmt@ietf.org>; Tue, 8 Dec 2009 14:38:40 -0800
Received: from nasanexhub02.na.qualcomm.com (nasanexhub02.na.qualcomm.com [10.46.143.120]) by msgtransport01.qualcomm.com (8.14.2/8.14.2/1.0) with ESMTP id nB8McaaO008129 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT) for <rmt@ietf.org>; Tue, 8 Dec 2009 14:38:39 -0800
Received: from nasclexhc01.na.qualcomm.com (10.227.147.14) by nasanexhub02.na.qualcomm.com (10.46.143.120) with Microsoft SMTP Server (TLS) id 8.2.176.0; Tue, 8 Dec 2009 14:38:35 -0800
Received: from NASCLEXMB02.na.qualcomm.com ([10.227.144.113]) by nasclexhc01.na.qualcomm.com ([10.227.147.14]) with mapi; Tue, 8 Dec 2009 14:38:35 -0800
From: "Luby, Michael" <luby@qualcomm.com>
To: "rmt@ietf.org" <rmt@ietf.org>
Date: Tue, 08 Dec 2009 14:38:31 -0800
Thread-Topic: Rmt Digest, Vol 65, Issue 2
Thread-Index: Acp4QQNsrmX7D+cmTziGPcb++C/3ewAFidvN
Message-ID: <C7441567.9837%luby@qualcomm.com>
In-Reply-To: <mailman.9.1260302402.1086.rmt@ietf.org>
Accept-Language: en-US
Content-Language: en
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_C74415679837lubyqualcommcom_"
MIME-Version: 1.0
Subject: Re: [Rmt] Rmt Digest, Vol 65, Issue 2
X-BeenThere: rmt@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Reliable Multicast Transport <rmt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/rmt>, <mailto:rmt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rmt>
List-Post: <mailto:rmt@ietf.org>
List-Help: <mailto:rmt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rmt>, <mailto:rmt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Dec 2009 22:39:05 -0000
Some comments at the end below. (Start with *** (MGL).) On 12/8/09 12:00 PM, "rmt-request@ietf.org" <rmt-request@ietf.org> wrote: If you have received this digest without all the individual message attachments you will need to update your digest options in your list subscription. To do so, go to https://www.ietf.org/mailman/listinfo/rmt Click the 'Unsubscribe or edit options' button, log in, and set "Get MIME or Plain Text Digests?" to MIME. You can set this option globally for all the list digests you receive at this point. Send Rmt mailing list submissions to rmt@ietf.org To subscribe or unsubscribe via the World Wide Web, visit https://www.ietf.org/mailman/listinfo/rmt or, via email, send a message with subject or body 'help' to rmt-request@ietf.org You can reach the person managing the list at rmt-owner@ietf.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Rmt digest..." Today's Topics: 1. Re: AD evaluation comments on draft-ietf-rmt-flute-revised-06 (Magnus Westerlund) ---------------------------------------------------------------------- Message: 1 Date: Tue, 08 Dec 2009 10:54:53 +0100 From: Magnus Westerlund <magnus.westerlund@ericsson.com> Subject: Re: [Rmt] AD evaluation comments on draft-ietf-rmt-flute-revised-06 To: Vincent Roca <vincent.roca@inrialpes.fr> Cc: toni.paila@nokia.com, "rmt@ietf.org" <rmt@ietf.org> Message-ID: <4B1E226D.3090504@ericsson.com> Content-Type: text/plain; charset=ISO-8859-1 Vincent Roca skrev: > Magnus, > > I've started going through your comments. I haven't finished yet, but > I'd like to see opinions about the following two topics: > > >>>>>> 2. I have basically the same comment on this document as on >>>>>> ALC PI about mandatory to implement security solutions. >>>>>> >>>> [Toni] Unfortunately I have not followed that closely the review on ALC. Could you please state the needed change you want to see in FLUTE RFC? >> Okay, the general issue comes from BCP 61 (RFC 3365) and I think the >> sentence from the end of section 6 is the most relevant: >> >> The solution is that we MUST implement strong security in all >> protocols to provide for the all too frequent day when the protocol >> comes into widespread use in the global Internet. >> >> To achieve this and have interoperability also in the strong security >> mechanism the ground rule is to mandate implementation of at least one >> mechanism, cipher suite, etc to achieve that interoperability. >> >> The current security consideration section does a great job of >> discussing the threats and possible solution. But it doesn't mandate >> which solutions MUST be implemented. >> >> So the question to you and the WG is can we do this for FLUTE? I know >> this is not straight forward and certain deployments has different needs >> and use of security. > > [VR] Since FLUTE relies on ALC/LCT, and since ALC has a "MANDATORY to > implement" requirement for IPsec (just like NORM), I think the natural > answer is "do what ALC mandates". > I'll kept the security risk analysis almost as such and will add a new > section to clarify this. > > However it should be noted that ALC (NORM as well) restricts the use of > IPsec to the case of SSM. There is no mandatory to implement solution > for the case of ASM. Since ALC only considers the case of a single sender, > there's a good match with SSM. So I suggest to leave it like that (and it > didn't prevent NORM to be published as an RFC). Yes, I think that is a good suggestion. > > >>>>>> 6. Section 3.4.1: >>>>>> Mandatory receiver behavior for handling FDT Instance >>>>>> ID wraparound and other special situations (for example, missing FDT >>>>>> Instance IDs resulting in larger increments than one) is outside the >>>>>> scope of this specification and left to individual >>>>>> implementations of >>>>>> FLUTE. >>>>>> >>>>>> Why isn't this specified. Seem to be important for interoperable usage. >>>>>> Seems to be a fine thing to gloss over in an experimental, but >>>>>> not in a proposed standard. >>>>>> >>>> [Toni] The text states that what actions the special situation causes in the receiver is up to receiver. In a same way your web browser will typically show a different error message than my trying to access http://ww.w3.org. I see one valid > implementation trying to recover from situation by staying longer in the session and trying to deduce what happened. Meanwhile I see another implementation possibly using out of band methods (if available) for the same. In other words, error recovery or > concealment or similar is not in the scope of the spec. >> Hmm, I will let it slide. Let see if anyone else in IESG bites on this, >> clearly not impossible. As it from my perspective looks like where error >> conditions could be avoided by specifying the correct behavior. > > [VR] I agree with Toni W.R.T. the problem of FDT Instance ID wraparound > when the two FDT Instances are non expired. It's clearly an erroneous > situation and how to address it is out-of-scope. > > There's just an (easy to fix) issue in sections 3.1 and 3.3 that say: > "Each File Delivery Table Instance is uniquely > identified by an FDT Instance ID." > which contradicts the possibility of wraparound. I think that saying: > "Each non-expired..." > solves it. > > > Now I don't agree with Toni W.R.T. the case of missing FDT Instance ID > (or IDs). IMHO this is not a special situation but a *common situation*. > That's typically what terminals with intermittent connections experience. > I suggest to make the support of this situation MANDATORY. > > There are implications here, since FDT Instance management is rather > flexible, see Section 3.2: > "Any FDT Instance can be equal to, a subset of, a > superset of, or complement any other FDT Instance. A certain FDT > Instance may be repeated several times during a session, even after > subsequent FDT Instances (with higher FDT Instance ID numbers) have > been transmitted." > So if FDT Instances complement one another rather, there could be problems. > More precisely, imagine FDT Instance 1 describes objects A and B. Then > object C is added. If the sender chooses to describe only object C in > FDT Instance 2 (i.e. FDT Instances 1 and 2 complement each other) and > not to transmit FDT Instance 1 any more (it's authorized), a receiver that > missed FDT Instance 1 will not be able to process objects A and B, even > if he received enough encoding symbols for them. > Admitedly, it does not break the receiver, so it's safe, but it remains > largely sub-optimal. > > So, IMHO, we should also clarify that a FLUTE sender SHOULD NOT assume > receivers will receive all FDT Instances, i.e. it is RECOMMENDED that > FDT Instances be managed in such a way to make the FLUTE session robust > in front of FDT Instance losses. One possibility is to use only > self-sufficient FDT Instances, another one is to repeat all FDT Instances > that complement each other at a given moment. > > Having said that, I don't know if such a recommendation is in line with > current FLUTE deployment guidelines (e.g. in DVB-IPDC) ? Any comment or > additional piece of information here? Vincent, I think your recommendations are good. However, also I am lacking information about thus. However, I don't see that a recommendation will create any serious issue for our users. They can either accept it or explain why their usage should ignore the recommendation. *** (MGL) To clarify, what I suggest is to say that "... a FLUTE sender SHOULD assume receivers will not receive all packets pertaining to FDT instances, i.e., it is RECOMMENDED that FDT instances be managed in such a way that a receiver will be able to recover at least one FDT instance describing a file delivered within the FLUTE session with as much or greater reliability as the receiver is able to receive enough packets containing encoding symbols for the file to recover the file. As an example, one way to satisfy this recommendation is to repeat FDT instances describing the file often enough. As another example, another way to satisfy this recommendation is to use an FEC code for an FDT instance describing the file and send encoding symbols for the FDT instance often enough." BTW, I didn't understand what it meant to be "self-sufficient", nor what it meant to "repeat all FDT instances that complement each other at a given moment". I'm guessing that "self-sufficient" means an FDT instance that describes all files being delivered at that time? And, "repeat all FDT instances that complement each other at a given moment" means something like repeat all FDT instances that are relevant to a particular receiver at a given moment? (But I'm not sure if complement is used here in the same sense as how complement is used elsewhere in the draft, and it seems like it is different as the other sense of complement doesn't make sense here.) Anyway, perhaps these examples could be fleshed out a bit? Cheers Magnus Westerlund IETF Transport Area Director ---------------------------------------------------------------------- Multimedia Technologies, Ericsson Research EAB/TVM ---------------------------------------------------------------------- Ericsson AB | Phone +46 10 7148287 F?r?gatan 6 | Mobile +46 73 0949079 SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com ---------------------------------------------------------------------- ------------------------------ _______________________________________________ Rmt mailing list Rmt@ietf.org https://www.ietf.org/mailman/listinfo/rmt End of Rmt Digest, Vol 65, Issue 2 **********************************
- Re: [Rmt] Rmt Digest, Vol 65, Issue 2 Luby, Michael