Re: [secdir] Genart last call review of draft-ietf-rmcat-eval-test-08
Stewart Bryant <stewart.bryant@gmail.com> Fri, 15 February 2019 11:45 UTC
Return-Path: <stewart.bryant@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8B8D130DC9; Fri, 15 Feb 2019 03:45:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v1jlaFp26z5W; Fri, 15 Feb 2019 03:45:50 -0800 (PST)
Received: from mail-wr1-x42d.google.com (mail-wr1-x42d.google.com [IPv6:2a00:1450:4864:20::42d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D557E1275F3; Fri, 15 Feb 2019 03:45:49 -0800 (PST)
Received: by mail-wr1-x42d.google.com with SMTP id f14so10066106wrg.1; Fri, 15 Feb 2019 03:45:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=/cIGvllDmj5nyRT5ZiWR3zAOaKaFvhCR0D5R9octLAo=; b=ejXjGyhefczDbu2NhiQnWHOf9+Ih8DvuYyFuzWhPrmZL5sbvtpxDtSZ/r+RJlSfo2H VlXkOnOAiH13fh7Zf1AwxFTGjQ3iWZ01UU446/5Iw2PotsFTiNGHXKsPMSVbZ4Hvrjm1 fnPTrR7R2p0vUPlLhsji/eUouRKhZ3vKQeQhIqWtAAFfxKvZAs1ClxYNbo4/3kvFvRLV KoNM5oKUOjMCztaggMIXBwR9XOQCYvHGojnqB8fmZKjKNy3Rafyv0gWQK3kogFSM5LwD 7MiRPIabZZPLY4NoH5iHNYuZhMy/5eJ6JwrshM/1Jz9rbn15o70h6B2ZYl1PaEvPqixu Mk2g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=/cIGvllDmj5nyRT5ZiWR3zAOaKaFvhCR0D5R9octLAo=; b=hwhR9SIdTHE/a6auh8O4vf7zufA8u4SnJ9Pj5hgT4YK8CsTzDWvLo349BK1sR1YLj8 0EMr4bIlElmO/qJ2y4ywCAy1KBBW3jcbjBvqezRfiJ7hnbY0xJ06T/h4mCgM0wsJtWaK SgSbllQTJd84GVc/RBaeS5XJpxAJ/jDnL/4aYnCaeOqlCBA/y+dWNkbt8Cajv5F8T3Gh GJR0qNzWJ+KGM+me0g3b2nH5HIdF64YMwJdVp43kJI6uv0k5Z9AxDZWkmjsUXvGWDWXN pY1CfvblvlSKhu43xQ2Ouza2NeOUJzUrRazj/okIpp2apyZEHH44KGL8GEk+WUdxIy4z //uw==
X-Gm-Message-State: AHQUAuZIy+n/wY2WbfYqaBisTNxX1iWudmkHKPVb7Di1hErzlXR4sNYt r8kW3q4JdhcA/VsCg56sg76cYcRw
X-Google-Smtp-Source: AHgI3IYhdC+gZTwHcd9obiejt2Un6F+Z6K3s88EyNC4QOXcDKpLL1g55Rd+fV9DU2Gog0zJUs1DvxQ==
X-Received: by 2002:adf:f691:: with SMTP id v17mr6784685wrp.66.1550231147802; Fri, 15 Feb 2019 03:45:47 -0800 (PST)
Received: from [192.168.178.22] ([62.3.64.16]) by smtp.gmail.com with ESMTPSA id h9sm3357314wrv.11.2019.02.15.03.45.45 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 15 Feb 2019 03:45:46 -0800 (PST)
To: Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com>, "gen-art@ietf.org" <gen-art@ietf.org>
Cc: "rmcat@ietf.org" <rmcat@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>, "draft-ietf-rmcat-eval-test.all@ietf.org" <draft-ietf-rmcat-eval-test.all@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
References: <154930852182.28785.5364082865560557648@ietfa.amsl.com> <104FE636-0A18-4E3B-B7BD-F2DA3748161B@ericsson.com>
From: Stewart Bryant <stewart.bryant@gmail.com>
Message-ID: <04aace0d-805a-406a-b44b-ffdb44a4e9df@gmail.com>
Date: Fri, 15 Feb 2019 11:45:45 +0000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.0
MIME-Version: 1.0
In-Reply-To: <104FE636-0A18-4E3B-B7BD-F2DA3748161B@ericsson.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-GB
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/37faiNvDt8CDij0WzH3Iy9Zztyg>
Subject: Re: [secdir] Genart last call review of draft-ietf-rmcat-eval-test-08
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Feb 2019 11:45:53 -0000
Hi Zahed The work that made me particularly conscious of the security issue in this draft was RFC6815, and although RFC6815 applies to RFC2544, I would imagine that the same considerations apply here. Perhaps a reference to RFC6815 would help the reader of this draft better appreciate the danger of running these tests outside the lab. I note that a statement on the need to run these tests in a controlled environment was not added to the Abstract, something which might be useful in highlighting the danger to someone supervising a lab, but not involved in the detail. It is really for the security directorate to decide their position, but I would have thought that it was better to emphasis (with RFC2119 language) the real danger to production networks (of all flavours, not just the Internet) of this test traffic leaking and causing disruption. I will leave this issue with the security reviewer from here on and take a look at the other text changes. - Stewart On 07/02/2019 13:27, Zaheduzzaman Sarker wrote: > Hi Stewart, > > Thanks for a good review. > > For the security consideration section, we can use stronger words if that is required. This document merely specifies test cases when people are testing their algorithm in a controlled environment and does not specify protocol usage. I was wondering if using normative language is an overkill here. For those reasons we are actually thinking of taking out 2119 usage completely. I have a modified text proposal below. > > Please see inline below for more. > > BR > Zahed > > > On 2019-02-04, 20:29, "Stewart Bryant" <stewart.bryant@gmail.com> wrote: > > Reviewer: Stewart Bryant > Review result: Almost Ready > > I am the assigned Gen-ART reviewer for this draft. The General Area > Review Team (Gen-ART) reviews all IETF documents being processed > by the IESG for the IETF Chair. Please treat these comments just > like any other last call comments. > > For more information, please see the FAQ at > > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. > > Document: draft-ietf-rmcat-eval-test-08 > Reviewer: Stewart Bryant > Review Date: 2019-02-04 > IETF LC End Date: 2019-02-11 > IESG Telechat date: Not scheduled for a telechat > > Summary: > > A well written documents an close to being ready for publication. > > I am concerned that the Security section is weak on use outside a > controlled environment. > > There are a fair number of minor issues and nits that need attention, > but most of them are simple to fix. > > One concern that I have that I doubt is readily fixable is that long > multi-nested lists do not work well in paginated ASCII with line spaces > and sometimes it is difficult to be sure of the context of a test element note. > > [ZS] I share the concern here, but I don’t think I have a better alternative now. > > Major issues: > > 8. Security Considerations > > The security considerations in [I-D.ietf-rmcat-eval-criteria] and the > relevant congestion control algorithms apply. The principles for > congestion control are described in [RFC2914], and in particular any > new method MUST implement safeguards to avoid congestion collapse of > the Internet. > > The evaluation of the test cases are intended to be run in a > controlled lab environment. > > SB> I wonder if there shouldn't me a MUST in that sentence? > SB> There have been issues on SP networks with users running unsuitable > SB> performance benchmarks on live networks, including complaints to the > SB> operators concerning the results achieved. > > Hence, the applications, simulators and > network nodes ought to be well-behaved and should not impact the > desired results. It is important to take appropriate caution to > avoid leaking non-responsive traffic from unproven congestion > avoidance techniques onto the open Internet. > > SB> Again I am surprised this is not much stronger in prohibiting > SB> use on the Internet. > > [ZS] what about : > > " The evaluation of the test cases are intended to be run in a > controlled lab environment. Hence, the applications, simulators and > network nodes must be well-behaved and should not impact the > desired results. Moreover, proper measures must be taken to > avoid leaking non-responsive traffic from unproven congestion > avoidance techniques onto the open Internet. " > > ======== > > Minor issues: > > This memo describes a set of test cases for evaluating congestion > control algorithm proposals for real-time interactive media. > > SB> It would be useful to add here the statement in the abstract that > SB> these tests should be done in a controlled environment. > [ZS] The abstract mentions the this "This document describes > the test cases to be used in the performance evaluation of such > congestion control algorithms in a controlled environment." > > We can repeat that in the intro as well. > > =========== > > Expected behavior: depending on the convergence observed in test case > 5.1 and 5.2, the candidate algorithm may be able to avoid congestion > collapse. In the worst case, the media stream will fall to the > minimum media bit rate. > > SB> Do you need to specify the variant of TCP? You do state it later, but some > comment here would be useful. > > [ZS] Not sure what would be useful to describe here more, the expected behaviour is not really coupled to what TCP congestion control is used, the general demand is to avoid congestion collapse here. > > SB> What behaviour do you expect the TCP to show. > It would be bad if SB> an aggressive media application kill the TCP completely. > > [ZS] I don’t think we should say anything about TCP behaviour here. The idea is to test the new congestion control behaviour with available TCP behaviours not vice versa. But TCP can certainly improve its performance from the test results (. > > ============ > the first flow > (S1) MUST arrive at a steady-state rate approximately twice of that > of the other two flows (S2 and S3). > > SB> I am not sure what you mean by priority I assume that you mean > SB> QoS ranking in the routing system. In which case I don't see > SB> how you can expect the result you specify. > > [ZS] no this is not about routing priority on the network nodes, this is at the media sender. When a media sender has multiple flows that shares the same bottleneck then the media sender can use techniques to distribute the available bandwidth to the multiple flows that it is sending. The point here is the media flows should get their share of the available bandwidth as per the priority set by the application. > > ============ > > Expected behavior: the candidate algorithm is expected to achieve > full utilization at both bottleneck links without starving any of the > three congestion controlled media flows. > > SB> I am not sure what you mean by this. Do you mean that the bottlenecks > SB> will saturate, but make no comment about how much of the bottleneck > SB> capacity each flow gets for itself? > > [ZS] bottlenecks will saturate -- yes. The success criteria --- the existence of multiple bottleneck should not result in flow starvation to any flows that is sharing those bottlenecks. Yes, there is no comment on fairness here explicitly. Not sure we need one here, do we? > > ============ > > Nits/editorial comments: > [ZS] thanks for those nits. will take care of them. > > Checking nits according to https://www.ietf.org/id-info/checklist : > ---------------------------------------------------------------------------- > > ** There are 9 instances of too long lines in the document, the longest one > being 4 characters in excess of 72. > > == Outdated reference: A later version (-06) exists of > draft-ietf-rmcat-wireless-tests-05 > > =========== > > 3. Structure of Test cases > > SB> In the text below it was sometimes hard to get the context right in the > SB> triple (or more) nested list. Please consider using subsections or some > other SB> demarcation. > > =========== > > + Bottleneck queue type: for example, Droptail, FQ-CoDel, or > PIE. > > SB> There need references, and by convention expansion on first use. > > ========== > > + Path loss ratio: characterizes the non-congested, additive, > losses to be generated on the end-to-end path. MUST > SB> s/MUST/This MUST/ ? > > ========== > > B. Variation in sending bit rate and goodput. Mainly observing > the frequency and magnitude of oscillations. > > SB> goodput needs a reference or a definition. I don't think it is a > universally known term. > > =========== > > Expected behavior: the candidate algorithm is expected to detect the > path capacity constraint, converges to the bottleneck link's capacity > SB> s/converges/converge/ > > =========== > > Due to asymmetric nature of the link > > SB> s/Due to/Due to the/ > > =========== > > SB> Is there a diagram error in the figure above? > > Figure 6: Testbed Topology for TCP vs congestion controlled media > Flows > > =========== > > have the same bandwidth share on the link. It has to make it's way > SB>s/it's/its/ > > =========== > > The candidate algorithm MUST reflect the relative priorities > assigned to each media flow. In the previous example, > SB> An explicit reference to the test would help the reader > > ========== > > > >
- Re: [secdir] Genart last call review of draft-iet… Stewart Bryant
- Re: [secdir] Genart last call review of draft-iet… Mirja Kuehlewind