Re: [Tsv-art] [Anima] Tsvart last call review of draft-ietf-anima-constrained-join-proxy-10

Esko Dijk <esko.dijk@iotconsultancy.nl> Tue, 17 May 2022 09:37 UTC

To: "stokcons@bbhmail.nl" <stokcons@bbhmail.nl>, Spencer Dawkins <spencerdawkins.ietf@gmail.com>
CC: "tsv-art@ietf.org" <tsv-art@ietf.org>, "anima@ietf.org" <anima@ietf.org>, "draft-ietf-anima-constrained-join-proxy.all@ietf.org" <draft-ietf-anima-constrained-join-proxy.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsv-art/DIcpmCKh85pR8KgXU6McSDgxAZ8>

Hi Peter, Spencer,

For some more detail on Peter’s ‘No’ answer:

Since the Pledge communicates (link-local) with the Join Proxy using DTLS-over-UDP on a network that is likely 6LoWPAN (1280 byte MTU limit) mesh, it could happen in theory that the Pledge sends out a DTLS handshake UDP packet with a length that brings the carrying IPv6 packet length to 1280.
In this case the DTLS record size is also something close to 1280. (We never did the exact calculations.)

This may pose a problem for the stateless Join Proxy that appends a few bytes to the DTLS record (to relay it further to the Registrar) so the total length of the IPv6 packet sent to Registrar could exceed 1280. (And the Join Proxy is still on the mesh network with 1280 byte MTU).
But in any case in the constrained-voucher draft we have written about this:
https://datatracker.ietf.org/doc/html/draft-ietf-anima-constrained-voucher#section-6.7

So even though we don’t know for sure it is a problem, as we haven’t done the calculations in detail, it’s preemptively solved by recommending the Pledge to break up the handshake into smaller parts. Then, the Join Proxy doesn’t need to do anything special anymore and it always works.
That also helps with performance on the mesh network due to reduction of 6LoWPAN fragmentation.

@Spencer do you think the Constrained Join Proxy draft should mention the potential issue also?  E.g. a reference to above section 6.7 is easy to make.

Regards
Esko

From: Anima <anima-bounces@ietf.org> On Behalf Of Peter van der Stok
Sent: Tuesday, May 17, 2022 10:22
To: Spencer Dawkins <spencerdawkins.ietf@gmail.com>
Cc: tsv-art@ietf.org; anima@ietf.org; draft-ietf-anima-constrained-join-proxy.all@ietf.org; last-call@ietf.org
Subject: Re: [Anima] Tsvart last call review of draft-ietf-anima-constrained-join-proxy-10

Hi Spencer,

thanks for your kind words.

Indeed the answer is no. (at least for the coming 20 years).

Greetings and thanks,

Peter


Spencer Dawkins via Datatracker wrote on 2022-05-17 01:09:
Reviewer: Spencer Dawkins
Review result: Ready

This document has been reviewed as part of the transport area review team's
ongoing effort to review key IETF documents. These comments were written
primarily for the transport area directors, but are copied to the document's
authors and WG to allow them to address any issues raised and also to the IETF
discussion list for information.

When done at the time of IETF Last Call, the authors should consider this
review as part of the last-call comments they receive. Please always CC
tsv-art@ietf.org if you reply to or forward this review.

This is a well-written specification. My only question - and I expect the
answer will be “no” - is whether there is any concern that sizes of the
resources that are being passed around might exceed the MTU between the pledge
and the registrar, and whether there should be a mention of this possibility in
the specification.

Best,

Spencer