[secdir] secdir review of draft-ietf-aqm-fq-implementation-03

Sandra Murphy <sandy@tislabs.com> Thu, 15 October 2015 12:27 UTC

Return-Path: <sandy@tislabs.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 733FC1A038F; Thu, 15 Oct 2015 05:27:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id dtrr-vNUYiI6; Thu, 15 Oct 2015 05:27:32 -0700 (PDT)
Received: from walnut.tislabs.com (walnut.tislabs.com []) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A30B31B2F35; Thu, 15 Oct 2015 05:27:30 -0700 (PDT)
Received: from nova.tislabs.com (unknown []) by walnut.tislabs.com (Postfix) with ESMTP id 067B128B0043; Thu, 15 Oct 2015 08:27:30 -0400 (EDT)
Received: from [IPv6:::1] (localhost.localdomain []) by nova.tislabs.com (Postfix) with ESMTP id 6C3DF1F8035; Thu, 15 Oct 2015 08:27:29 -0400 (EDT)
From: Sandra Murphy <sandy@tislabs.com>
X-Pgp-Agent: GPGMail 2.5.1
Content-Type: multipart/signed; boundary="Apple-Mail=_5BD19792-E3B0-40C9-A249-DBEB4ADD3F39"; protocol="application/pgp-signature"; micalg=pgp-sha512
Date: Thu, 15 Oct 2015 08:25:53 -0400
Message-Id: <3E34182B-F05B-46CC-AA8F-75F50C4B0D94@tislabs.com>
To: draft-ietf-aqm-fq-implementation.all@tools.ietf.org
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/VSS3H37C1nSr195lginKLyMqyPg>
Cc: secdir@ietf.org, IETF <ietf@ietf.org>
Subject: [secdir] secdir review of draft-ietf-aqm-fq-implementation-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Oct 2015 12:27:33 -0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

The Last Call notes that comments should be sent by today.  I do note that a new -03 version was posted 10-12.  That version seems to have updated only the references and abstract.  I reviewed the -03 version.

This draft draft-ietf-aqm-fq-implementation-03 is a discussion of types of queuing algorithms and queue management algorithms and implementation possibilities.  Besides the categorization and discussion, I think a major contribution is the statement in the conclusion:

   There is value in implementing and coupling the operation of both
   queuing algorithms and queue management algorithms, and there is
   definitely interesting research in this area, but specifications,
   measurements, and comparisons should decouple the different
   algorithms and their contributions to system behavior.

Looking at the draft history, it has seen little change since the -00 version.  The wg seems to have been blessed with consensus early.

I see no security concerns from such a discussion and categorization.

The security considerations section says:

   This memo adds no new security issues; it observes on implementation
   strategies for Diffserv implementation.

I believe that.

I had wondered if the discussion of algorithm types would consider if there were any denial of service opportunities with the algorithm types or implementation strategies.  I can’t say that I see any myself - any deliberate attempt to exploit a queuing algorithm or queue management algorithm would require complete knowledge of the implementation and competing flow characteristics, so I’m not concerned or surprised to see no discussion here.

I did not consult the other AQM wg drafts or RFCs referenced, but I do not believe that affects my review.


section 2.2.2 page 6:

   If the system is intended to maintain a
   byte rate, there will be memory between searches of the excess
   previously dequeued.

I am not sure what this means -- “there will be memory”?? “excess previously dequeued”??

section 2.2.4 page 9

per-round quantum and incremental quantum - these are the same, right?  if so, could that be made clear?

The weakness of a WRR approach - WWR is not defined anywhere.  Maybe a typo for DRR?

section 3 page 10:

host transports interpret drops as signals - I presume you mean host transport protocols [or protocol implementations].  Do transport protocols other than TCP use drops as signals?  If not, why not just say TCP.  I don’t think that a drop of a UDP packet sends a signal, for example.  But I expect there could be other such transport protocols, as my knowledge of anything but TCP/UDP and some SCTP is scant.

   It is useful to think of the effects of queuing as a signal as well.
   The receiver sends acknowledgements as data is received, so the
   arrival of acknowledgements at the sender paces the sender at
   approximately the average rate it is able to achieve through the

speaking of UDP - I don’t think you can make this statement about UDP.  Can you?

section 3.1 page 11  (and 3.2 page 11 and 3.3 page 12)

   o  Ack Clocking, pacing the sender to send at approximately the rate
      it can deliver data to the receiver, and

“it” here is the queue, or maybe the network path, not the sender.  right?  because the sender does not deliver data, it transmits data.  by usual grammar rules “it” would be the sender.