Re: [Stackevo] [IAB] draft-hardie-path-signals and draft-trammell-wire-image
Martin Thomson <martin.thomson@gmail.com> Wed, 04 April 2018 23:58 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: stackevo@ietfa.amsl.com
Delivered-To: stackevo@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC089126C2F; Wed, 4 Apr 2018 16:58:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BlWtPzgAZmtX; Wed, 4 Apr 2018 16:58:02 -0700 (PDT)
Received: from mail-oi0-x234.google.com (mail-oi0-x234.google.com [IPv6:2607:f8b0:4003:c06::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91A211200A0; Wed, 4 Apr 2018 16:58:02 -0700 (PDT)
Received: by mail-oi0-x234.google.com with SMTP id t16-v6so20913682oih.3; Wed, 04 Apr 2018 16:58:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=rOqUpu8rVp90zM22SxHE+IMjiE8tWsx2212LcwzbMx0=; b=ppgAWibavaYoHH8uO5uZUenSQvnSPqjs4/5a9MyZHgMf3rx2pJXr0DLwn43m3vFNqQ 7hl/XjINu7Mdb/yMRqS2DjRIr0MtuvkuqygVh5n+Do5/RSB814Tpe0kmcuSsRRZC3/4N g8lKx3aZwd52sP9kjz3KbJaqE6+oL9fGkPYNlBdPCf0Sbm+n6SJXG9LgdWSIwjEdZA7X gvlyeJ9xvzSgCGeW6w/M+ev4hb3SRJ0LZLG+Us8YRP9wRF9fpOczfZ21VYIG8+7NWS2P 3R13A0qTVQkjmrnI9tBfGvANX5/xIGKY9HsuhcOzwqiWSzgmRu43SbmAh8AaqlwpK0vd Bufw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=rOqUpu8rVp90zM22SxHE+IMjiE8tWsx2212LcwzbMx0=; b=R4l+wJcc3jFcuxSRYSOfFKTG+zYLQNeS1pWAsx23LCxMNXkctQliU3rsz+BXVV0pEa P7HEr7mbW5EipaMmYtdz+DfvjLDVxPiuFqJ2/ESpzmMUQwNeDRgnmJochdOYTOtJMPpi pV4d4vVhUgu1/xDEDvRiVnh2gXEtO0vEZsNkJyPsKdaA/I/nzLYilVlFruTlmOWeN0+d y8ceL7kKhOeAyrKnJBoaHp1zfkFtr98a5TyOhlfeH2dFGxfFMtwGHjIFEBJPU4Eu4DUT zsoP7p36gQS0WZ14L5OLwzXjZ6Alpb0G7RS7q6Cy63dzjiDPuiupGYqVZ0m+qAsy1vKC KQRQ==
X-Gm-Message-State: ALQs6tCG8m7LyCyXKV90uEggjek5lR45TIb+mcg17MD7bvo9d49RMXbR ugkp+Jn3iQWC0ewmkIHDkQBTa71Tut8NLuT3NySNrp3b
X-Google-Smtp-Source: AIpwx4+DmcAh6SadItUnfLyn9t+n1/98iRGw+YsU76C76uj9MnNG5vbybA1aZQIrWqPrOEHzY3Q2hLweII/3xqs9tcE=
X-Received: by 2002:aca:ab44:: with SMTP id u65-v6mr11721820oie.272.1522886281716; Wed, 04 Apr 2018 16:58:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a9d:ac7:0:0:0:0:0 with HTTP; Wed, 4 Apr 2018 16:58:01 -0700 (PDT)
In-Reply-To: <C986EAB5-CFE3-49AF-A19A-B087E63EE365@trammell.ch>
References: <C986EAB5-CFE3-49AF-A19A-B087E63EE365@trammell.ch>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 05 Apr 2018 09:58:01 +1000
Message-ID: <CABkgnnW8v3SpXPG2HKSCYTfT3QGFVyMeygG6g2iuSmjsceR6UQ@mail.gmail.com>
To: "Brian Trammell (IETF)" <ietf@trammell.ch>
Cc: IAB IAB <iab@iab.org>, Stack Evolution Program <stackevo@iab.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/stackevo/Uvyq9_UJckzg7vNqkal5DU7sU7Q>
Subject: Re: [Stackevo] [IAB] draft-hardie-path-signals and draft-trammell-wire-image
X-BeenThere: stackevo@iab.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IP Stack Evolution Program Mailing List <stackevo.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/stackevo>, <mailto:stackevo-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stackevo/>
List-Post: <mailto:stackevo@iab.org>
List-Help: <mailto:stackevo-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/stackevo>, <mailto:stackevo-request@iab.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Apr 2018 23:58:05 -0000
These look mostly good, and I think that it's a worthwhile thing to publish. Some nits. On wire-image: I think that "Invariants" as a bare phrase is a little too close to jargon. Maybe "Declaring protocol invariants" works in the two places that Invariants is capitalized (title and second sentence). On path-signals: That first paragraph of the introduction is a pretty large mouthful. I also think that it doesn't need to say this, which might avoid controversy: This document recommends that explict signals be used by transports which encrypt their state ^^^ typo here mechanics. How about: Protocol operation generates signals that are seen by on-path elements. Though many such signals are intended for consumption by a peer, network elements might also consume or alter these signals. For example, TCP operates entirely in the clear, making its signals available to path elements. Signals that are visible to network elements on the path between communicating endpoints can be used as signals by those network elements. This document explores the consequences of exposing signals to network elements. It recommends the use of confidentiality protection for protocol signaling. It recommends that protocols that expose signals to network elements only do so explicitly and with the intent that the signals are available to network elements on the path. There's an errant "(" in Section 3.1.2. Please provide a citation for "Endpoint-Independent Mapping/Endpoint-Independent Filtering" as well. Extra period at the end of 3.1.3. In security considerations: divergence is not detectable by on-path devices -> ... might not be .... Don't assume that we're that good at avoiding leakage. On Wed, Apr 4, 2018 at 6:50 PM, Brian Trammell (IETF) <ietf@trammell.ch> wrote: > Greetings, > > After discussion at our Friday morning London meeting (and thanks, all, on the program for your remarkable Stack Evolution Program would like the IAB to consider two documents for publication on the IAB stream: > > https://tools.ietf.org/html/draft-trammell-wire-image-03 > > https://tools.ietf.org/html/draft-hardie-path-signals-03 > > The wire image draft describes what a protocol's wire image is, and explores the situations that arise when a protocol splits its visible wire image from the information it uses for its own operation. (It started as a draft I wrote during the extended Singapore plenary discussion on encryption of protocols, riffing off Ted's observation from the dais that protocols with explicit wire images were a completely new thing, in part to describe what I mean when I use the term.) > > The path signals draft recommends that protocol machinery be confidentiality protected, and that any signal exposed to on-path devices (outside confidentiality protection) be *explicitly* so exposed and integrity protected. It reiterates that metadata injection is considered harmful. > > Thanks, cheers, > > Brian (stackevo lead hat)
- [Stackevo] draft-hardie-path-signals and draft-tr… Brian Trammell (IETF)
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Martin Thomson
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Mark Nottingham
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Brian Trammell (IETF)
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Mark Nottingham
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Brian Trammell (IETF)
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Spencer Dawkins at IETF
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Mirja Kühlewind
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Martin Thomson
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Brian Trammell (IETF)
- Re: [Stackevo] [IAB] draft-hardie-path-signals an… Alissa Cooper
- [Stackevo] draft-thomson-use-it-or-lose-it Brian Trammell (IETF)
- Re: [Stackevo] draft-thomson-use-it-or-lose-it Ted Hardie
- Re: [Stackevo] draft-thomson-use-it-or-lose-it Brian Trammell (IETF)
- Re: [Stackevo] draft-thomson-use-it-or-lose-it Ted Hardie
- Re: [Stackevo] draft-thomson-use-it-or-lose-it Martin Thomson
- Re: [Stackevo] draft-thomson-use-it-or-lose-it Aaron Falk