IETF Logo Mail Archive

[tsvwg] BCP 14 uppercase words vs. ">>" markers in draft-ietf-tsvwg-udp-options-22

Erik Auerswald <auerswal@unix-ag.uni-kl.de> Thu, 29 June 2023 12:15 UTC

Return-Path: <auerswal@unix-ag.uni-kl.de>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C472C151072 for <tsvwg@ietfa.amsl.com>; Thu, 29 Jun 2023 05:15:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iuLrfn5ln_mo for <tsvwg@ietfa.amsl.com>; Thu, 29 Jun 2023 05:15:26 -0700 (PDT)
Received: from mailgw1.uni-kl.de (mailgw1.uni-kl.de [IPv6:2001:638:208:120::220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 81FB2C14CE29 for <tsvwg@ietf.org>; Thu, 29 Jun 2023 05:15:26 -0700 (PDT)
Received: from sushi.unix-ag.uni-kl.de (sushi.unix-ag.uni-kl.de [IPv6:2001:638:208:ef34:0:ff:fe00:65]) by mailgw1.uni-kl.de (8.14.4/8.14.4/Debian-8+deb8u2) with ESMTP id 35TCFR2V027226 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <tsvwg@ietf.org>; Thu, 29 Jun 2023 14:15:27 +0200
Received: from sushi.unix-ag.uni-kl.de (ip6-localhost [IPv6:::1]) by sushi.unix-ag.uni-kl.de (8.14.4/8.14.4/Debian-4+deb7u1) with ESMTP id 35TCFNH2006398 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 29 Jun 2023 14:15:23 +0200
Received: (from auerswal@localhost) by sushi.unix-ag.uni-kl.de (8.14.4/8.14.4/Submit) id 35TCFM8Q006393; Thu, 29 Jun 2023 14:15:22 +0200
Date: Thu, 29 Jun 2023 14:15:22 +0200
From: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
To: tsvwg <tsvwg@ietf.org>
Message-ID: <20230629121522.GA30001@unix-ag.uni-kl.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
Author: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/eCZro0M2yxAsoF1HQrRO08-Cb0g>
Subject: [tsvwg] BCP 14 uppercase words vs. ">>" markers in draft-ietf-tsvwg-udp-options-22
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jun 2023 12:15:32 -0000

Hi,

draft-ietf-tsvwg-udp-options-22 uses ">>" as a marker to indicate
paragraphs with BCP 14 nomenclature.  This seems to be not yet completely
consistent.


A) There seem to be four instances where the marked paragraph does not
   contain BCP 14 key words:

A.1) In section 8 on page 12:

   >> UNSAFE options are used only with the FRAG option, in a manner
   that prevents them from being silently ignored while still passing
   up potentially modified UDP payload. This ensures their safe use in
   environments that might include legacy receivers (See Section 10),
   because the UDP payload occurs inside the FRAG option area and is
   silently discarded by legacy receivers.

A.2) In section 9.4 on page 18:

   >> During fragmentation, the UDP header checksum of each fragment
   remains constant and does not depend on the fragment data (which
   appears in the surplus area), because all fragments have a zero-
   length user data field.

A.3) In section 11 on page 27:

   >> UNSAFE options can both depend on and vary user data content
   because they are contained only inside UDP fragments and thus are
   processed only by UDP option capable receivers.

A.4) In section 11 on page 28:

   o  >> Only FRAG and UNSAFE options are permitted to modify the UDP
      body.


B) There seem to be twelve instances where a paragraph containing BCP
   14 key words is not marked with ">>":

B.1) In section 8 on page 13:

   Receivers cannot generally treat unexpected option lengths as
   invalid, as this would unnecessarily limit future revision of
   options (e.g., defining a new APC that is defined by having a
   different length). The exception is only for lengths that imply a
   physical impossibility, e.g., smaller than two for conventional
   options and four for extended length options. Impossible lengths
   SHOULD be treated as an indication of a malformed surplus area and
   all options SHOULD silently be discarded. Lengths other than those
   expected should result in safe options being ignored and skipped
   over, as with any other unknown safe option.

B.2) In section 9.4 on page 20:

      Process these UDP options before the rest of the fragmentation
      steps below. Note that the OCS value of the original packet
      SHOULD be zero if each fragment will have a non-zero OCS value
      (as will be the case if the UDP checksum is non-zero).

B.3) In section 9.4 on page 21:

   The OCS value for the reassembled datagram SHOULD be zero, because
   either the original UDP CS=0 or OCS!=0 in each of the fragments.

B.4) In section 9.4 on page 21:

   Reassembly failures at the receiver result in silent discard of any
   per-fragment options and fragment contents. To emulate the behavior
   of a legacy host, any initial fragments received but not
   successfully reassembled SHOULD each generate a zero-length UDP
   application message.

B.5) In section 9.4 on page 21:

   Finally, because fragmentation processing can be expensive, the FRAG
   option SHOULD be avoided unless the original datagram requires
   fragmentation or it is needed for "safe" use of UNSAFE options.
   Users MAY also select the FRAG option to support limited header
   processing.

B.6) In section 9.5 on page 21:

   The Maximum Datagram Size (MDS, Kind=4) option is a 16-bit hint of
   the largest unfragmented UDP packet that an endpoint believes can be
   received. As with the TCP Maximum Segment Size (MSS) option
   [RFC9293], the size indicated is the IP layer MTU decreased by the
   fixed IP and UDP headers only [RFC9293]. The space needed for IP and
   UDP options need to be adjusted by the sender when using the value
   indicated. The value transmitted is based on EMTU_R, the largest IP
   datagram that can be received (i.e., reassembled at the receiver)
   [RFC1122]. However, as with TCP, this value is only a hint at what
   the receiver believes; it does not indicate a known path MTU and
   thus MUST NOT be used to limit transmissions.

B.7) In section 9.5 on page 21:

   The UDP MDS option MAY be used as a hint for path MTU discovery
   [RFC1191][RFC8201], but this may be difficult because of known
   issues with ICMP blocking [RFC2923] as well as UDP lacking automatic
   retransmission. It is more likely to be useful when coupled with IP
   source fragmentation or UDP fragmentation to limit the largest
   reassembled UDP message as indicated by MRDS (see Section 9.6),
   e.g., when EMTU_R is larger than the required minimums (576 for IPv4
   [RFC791] and 1500 for IPv6 [RFC8200]). It can also be used with
   DPLPMTUD [RFC8899] to provide a hint to maximum DPLPMTU, though it
   MUST NOT prohibit transmission of larger UDP packets (or fragments)
   used as DPLPMTU probes.

B.8) In section 13 on page 30:

   o  Extend the method to create receive ports to include per-packet
      and per-fragment receive options that are required as indicated
      by the application. Datagrams not containing these required
      options MUST be silently dropped and MAY be logged.

B.9) In section 13 on page 30:

   o  SAFE options associated with fragments are accumulated when
      associated with the reassembled packet; values MAY be coalesced,
      e.g., to indicate only that an AUTH failure of a fragment
      occurred or not rather than indicating the AUTH status of each
      fragment.

B.10) In section 14 on page 31:

   UDP options are transport options. Generally, transport headers,
   options, and data are not intended to be modified in-transit. UDP
   options are no exception and here are specified as "MUST NOT" be
   altered in transit. However, the UDP option mechanism provides no
   specific protection against in-transit modification of the UDP
   header, UDP payload, or surplus area, except as provided by the OCS
   or the options selected (e.g., AUTH, or UENC).

B.11) In section 23 on page 37:

   Although option nicknames are not used in-band, new UNSAFE safe
   option names SHOULD commence with the capital letter "U" and avoid
   either uppercase or lowercase "U" as commencing safe options.

B.12) In appendix A on page 43:

   The following option is included for debugging purposes, and MUST
   NOT be enabled otherwise.


Regards,
Erik

P.S. I have used "rfcstrip" from Henrik Levkowetz and "awk" to check this:

     rfcstrip draft-ietf-tsvwg-udp-options-22.txt | awk -v RS='' -v ORS=$'\n--\n' '/>>/ && !/MUST|SHOULD|REQUIRED|SHALL|RECOMMENDED|MAY|OPTIONAL/'

     rfcstrip draft-ietf-tsvwg-udp-options-22.txt | awk -v RS='' -v ORS=$'\n--\n' '!/>>/ && /MUST|SHOULD|REQUIRED|SHALL|RECOMMENDED|MAY|OPTIONAL/'

v2.23.0 | Report a Bug | By Email