IETF Logo Mail Archive

Re: [secdir] Adrian Farrel's Discuss on draft-ietf-ippm-rt-loss-03: (with DISCUSS and COMMENT): new (temp) draft?

Benoit Claise <bclaise@cisco.com> Wed, 11 April 2012 12:28 UTC

Return-Path: <bclaise@cisco.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B310211E808F; Wed, 11 Apr 2012 05:28:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.261
X-Spam-Level:
X-Spam-Status: No, score=-2.261 tagged_above=-999 required=5 tests=[AWL=-0.262, BAYES_00=-2.599, J_CHICKENPOX_21=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id myhssLoKLTto; Wed, 11 Apr 2012 05:28:22 -0700 (PDT)
Received: from av-tac-bru.cisco.com (weird-brew.cisco.com [144.254.15.118]) by ietfa.amsl.com (Postfix) with ESMTP id B831021F8650; Wed, 11 Apr 2012 05:28:21 -0700 (PDT)
X-TACSUNS: Virus Scanned
Received: from strange-brew.cisco.com (localhost.cisco.com [127.0.0.1]) by av-tac-bru.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id q3BCSIE7004402; Wed, 11 Apr 2012 14:28:18 +0200 (CEST)
Received: from [10.60.67.85] (ams-bclaise-8914.cisco.com [10.60.67.85]) by strange-brew.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id q3BCSEwG024638; Wed, 11 Apr 2012 14:28:15 +0200 (CEST)
Message-ID: <4F8578DE.1020808@cisco.com>
Date: Wed, 11 Apr 2012 14:28:14 +0200
From: Benoit Claise <bclaise@cisco.com>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20120327 Thunderbird/11.0.1
MIME-Version: 1.0
To: afarrel@juniper.net, 'Al Morton' <acmorton@att.com>
References: <20120406144445.4188.3196.idtracker@ietfa.amsl.com> <201204061553.q36FrBRV007699@alpd052.aldc.att.com> <07e001cd14e0$41b408c0$c51c1a40$@olddog.co.uk> <201204080018.q380I1VK007743@alpd052.aldc.att.com> <099701cd15b1$fc18c990$f44a5cb0$@olddog.co.uk> <201204091344.q39Di1rK002725@alpd052.aldc.att.com> <0bea01cd168a$7ed8ae80$7c8a0b80$@juniper.net>
In-Reply-To: <0bea01cd168a$7ed8ae80$7c8a0b80$@juniper.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Wed, 11 Apr 2012 05:30:38 -0700
Cc: secdir@ietf.org, Wesley Eddy <wes@mti-systems.com>, "'Murphy, Sandra'" <Sandra.Murphy@sparta.com>, 'Samuel Weiler' <weiler@watson.org>, ippm-chairs@tools.ietf.org, 'The IESG' <iesg@ietf.org>, adrian@olddog.co.uk, 'Dan Frost' <danfrost@cisco.com>, draft-ietf-ippm-rt-loss@tools.ietf.org
Subject: Re: [secdir] Adrian Farrel's Discuss on draft-ietf-ippm-rt-loss-03: (with DISCUSS and COMMENT): new (temp) draft?
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Apr 2012 12:28:22 -0000

Al, Wes

I want to review this draft before the IESG telechat tomorrow.
However, it's getting difficult to keep track of the all the changes between
     - the posted version 3
     - the diff-03-04 you sent
     - the extra proposal.

What is the best way to proceed?
     - Al, have you kept a temp version with all the changes?
     - Are we shooting for "revised-ID" at the telechat? I could start 
my review from there
     - Do we want to have a version 4 posted now?

What is the best way to proceed?

Regards, Benoit.
> Al,
>
> As always, a reasoned response from you.
>
> A
>
>> -----Original Message-----
>> From: Al Morton [mailto:acmorton@att.com]
>> Sent: 09 April 2012 14:45
>> To: adrian@olddog.co.uk; 'Samuel Weiler'; 'The IESG'
>> Cc: secdir@ietf.org; 'Murphy, Sandra'; 'Dan Frost';
> ippm-chairs@tools.ietf.org;
>> draft-ietf-ippm-rt-loss@tools.ietf.org
>> Subject: RE: Adrian Farrel's Discuss on draft-ietf-ippm-rt-loss-03: (with
> DISCUSS
>> and COMMENT)
>>
>> Hi Adrian,
>>
>> Thanks for clearing your DISCUSS. As always, the memo reads better
>> owing to your efforts, and those of Dan and Sandra.
>>
>> Here's what I added in section 4.4, with supporting modifications
>> elsewhere:
>>
>> We add the following guidance regarding the responder process to
>> "send a Type-P packet back to the Src as quickly as possible".
>>
>> A response that was not generated within Tmax is inadequate for any
>> realistic test, and the Src will discard such responses. A responder
>> that serves typical round-trip loss testing (which is relevant to
>> higher-layer application performance) SHOULD produce a response in 1
>> second or less. A responder that is unable to satisfy this
>> requirement SHOULD log the fact so that an operator
>> can adjust the load and priorities as necessary. Analysis of
>> responder time-stamps [RFC5357] that finds responses are not
>> generated in a timely fashion SHOULD result in operator notification,
>> and the operator SHOULD suspend tests to the responder since it may
>> be overloaded. Additional measurement considerations are described in
>> Section 8, below.
>>
>> Ciao,
>> Al
>>
>>
>> At 02:04 PM 4/8/2012, Adrian Farrel wrote:
>>> Hello Al,
>>>
>>>>>> Although IPPM has never formalized a strategy, we have been repeating
>>>>>> security material in metrics RFCs. This allows new folks to read
>>>>>> and improve the text, rather than be referred to a fixed reference.
>>>>>> It seems to work.
>>>>> I can see how that would lead to the verbatim reproduction of
>>> text. I have no
>>>>> problem with that per se, but I worry that the process has
>>> become formulaic
>>>>> without any new consideration of security for the specific
>>> document in hand.
>>>>> If you tell me that this is adequate for this document and no
>>> refinement is
>>>>> needed in this case, I will clear and let the Security ADs and
>>>>> Directorate worry
>>>>> about the security details.
>>>> I think it is. We are essentially conducting a two-way version of RFC 2680
>>>> (one-way loss), so all the same considerations apply. We have exposure in
>>>> two (possibly different) paths, but the threats are the same.
>>> OK. I cleared my Discuss.
>>>
>>>>>>>> 1. The phrase "as immediately as possible" that appears a couple
> of
>>>>>>>> times in the text (and that seems to originate in RFC
>>> 5357) is a bit
>>>>>>>> unfortunate.  "Immediately" or "as quickly as possible" are
> better.
>>>>>> This odd turn of phrase resulted from many hours of discussion
>>>>>> dating back to TWAMP's development.  We wear the scar proudly.
>>>>> Well, this is only a Comment, and you do not have to address it, but "as
>>>>> immediately as possible" is hogwash. It is a butchery of the
>>>>> language and means
>>>>> nothing!
>>>>>
>>>>> In fact, and as a general principle of writing standards, even
>>> "as quickly as
>>>>> possible" would be poor. The English would be fine, but it is a
> subjective
>>>>> statement against which conformance cannot be measured.
>>>> Under typical protocol development circumstances, we could write a
>>>> real requirement:
>>>>           The response MUST be prepared and sent on the wire in<X seconds.
>>>>
>>>> But that's not the case here.  Instead we have desire that the response
>>>> will be sent immediately, yet we understand that measurement systems will:
>>>>
>>>>    - occasionally execute higher priority processes that delay the response
>>>>      (processing routing updates comes to mind)
>>>>    - carry 2 time stamps that allow the tester to determine if the response
>>>>      was generated fast enough for the intended purpose
>>>>    - serve purposes with greater or lesser need for immediacy
>>>>    - either meet the variable needs for measurement immediacy or not, and
>>>>      this is a judgement that can be made on each and every
>>> measurement packet
>>>> Is it useful to explain some/all of this in the memo?
>>> I don't think so. I would just fix the text to say what you mean!
>>>
>>> I found key text in your mail to be:
>>>
>>>>      allow the tester to determine if the response
>>>>      was generated fast enough for the intended purpose
>>> Surely it is not enough to have the tester discard all response because they
>>> were not fast enough. Surely it is a good idea to give *meaningful* advice to
>>> the responder about how to respond so that the response is "fast
>>> enough for the
>>> intended purpose."
>>>
>>> Clearly "immediately" is not what is meant since it is allowed for
>>> this to be a
>>> background process. So perhaps the correct thing to do is warn the
>> implementer
>>> of the responder about the expectations of the tester. Something like:
>>>
>>> A tester will normally find that a response that was not generated within 3
>>> weeks is inadequate for the purposes of a realistic test and will discard
> such
>>> responses. Therefore, a responder needs to ensure that at least 67.2% of
>>> responses are generated within 1 hour of receiving the request. A
>>> responder that
>>> is unable to satisfy this requirement SHOULD log the fact so that an operator
>>> can adjust the load and priorities as necessary. A tester that finds that
>>> responses regularly are not generated in a timely fashion SHOULD notify the
>>> operator that the responder is compromising the tests, and SHOULD suspend
>>> sending requests to the responder since it is clearly overloaded.
>>>
>>>
>>> Ciao,
>>> Adrian
>

v2.23.0 | Report a Bug | By Email