IETF Logo Mail Archive

Re: [tsvwg] Rregarding soft-state and UDP options

Joe Touch <touch@strayalpha.com> Sat, 04 January 2020 22:14 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4D58120026 for <tsvwg@ietfa.amsl.com>; Sat, 4 Jan 2020 14:14:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.218
X-Spam-Level:
X-Spam-Status: No, score=-1.218 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TmYfCHRgzbsh for <tsvwg@ietfa.amsl.com>; Sat, 4 Jan 2020 14:14:25 -0800 (PST)
Received: from server217-3.web-hosting.com (server217-3.web-hosting.com [198.54.115.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6DB49120013 for <tsvwg@ietf.org>; Sat, 4 Jan 2020 14:14:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=yJgOUtDIlrFREVVklq6DPhVUtpjj2LMKN++ev+Qu7Zo=; b=prqftnzBJ3lVKy+KuyHhDuFqW ibtvxNvgt5dfu6JfYxsh+W0EmEOsQZJd7rtvpX9a17Xwyo9+A+al0lz8JGjOw+PrNSPlbOWDlEThE YA2WRLVJrAohQS14vWVqEQKAkFH18VAXgcax79AK9zZWC8t0ZsIDMq9dQ6l2Dh7esv8u1nR18quju psdUilFtAAp9QbqMOX7Yppe3yoO0n0wjN1h3BnVSFeBUj6EerQ+ldVRRQgXXRUErtdqAPZKK5F6gU XMYqn93cIaoPVey8ZD4l5smXRvem+ebbKVf4tpq2q8z9FD9KTEhsKh2p0HRJ1MZtzPC4rDHDuLNyf X5RQTixRg==;
Received: from cpe-172-250-225-198.socal.res.rr.com ([172.250.225.198]:58417 helo=[192.168.1.10]) by server217.web-hosting.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92) (envelope-from <touch@strayalpha.com>) id 1inrgZ-003Tgg-S6; Sat, 04 Jan 2020 17:14:24 -0500
Content-Type: multipart/alternative; boundary="Apple-Mail=_7DEB8043-149A-46D1-993E-CE86CC5E907E"
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.40.2.2.4\))
From: Joe Touch <touch@strayalpha.com>
In-Reply-To: <CALx6S37S+6=6=Uv-kFKinS0EXOQ33ie-UsH0dv4HW8skeE=jvw@mail.gmail.com>
Date: Sat, 04 Jan 2020 14:14:19 -0800
Cc: "C. M. Heard" <heard@pobox.com>, TSVWG <tsvwg@ietf.org>
Message-Id: <C10CCF7C-712A-4667-B9E3-8C9AEDABD7A5@strayalpha.com>
References: <CALx6S36227JnMkaZtPUvJoY5Pw-rQgy2R6tqt1PF_L=bgCjxCA@mail.gmail.com> <85C8C994-3FEA-4DF4-8C46-75CB205D09EA@strayalpha.com> <CALx6S34EfhcthoG4Qtr0JtfsdqQPr-2=havTvq_7nh9K8XDhJA@mail.gmail.com> <5E21B9BD-3148-43C9-BCB8-E6F5DFCE69C3@strayalpha.com> <CACL_3VHvHQZgN40VDKg6+ZidmjLq5SisaqZ9ARZZNEq10q7gBw@mail.gmail.com> <251CF72E-05E3-4644-A31E-8B21134B5060@strayalpha.com> <CALx6S37S+6=6=Uv-kFKinS0EXOQ33ie-UsH0dv4HW8skeE=jvw@mail.gmail.com>
To: Tom Herbert <tom@herbertland.com>
X-Mailer: Apple Mail (2.3608.40.2.2.4)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/hMdawk3OMmoRjIJ5wcM9VUUSPuU>
Subject: Re: [tsvwg] Rregarding soft-state and UDP options
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Jan 2020 22:14:27 -0000

A deliberate design decision is to let the receiver decide what to do when authentication fails. 

If they know about authentication, then they can enforce it. But they can always have ignored it so there’s no benefit to “forcing” it to be acted upon.

And it’s not “regardless of having an example”. That’s the reason why we decided not to design features into this mechanism - the lack of an example.

A design goal from the start was that receivers would decide whether they wanted to enforce an option; it isn’t in the hands of the transmitter to make that decision, largely because UDP is stateless. If you want enforcement, create state - and let that state be the way that these sorts of things are enforced.

Without that state, you can’t know what’s being ignored or implemented incorrectly anyway.

Joe

> On Jan 4, 2020, at 1:42 PM, Tom Herbert <tom@herbertland.com> wrote:
> 
> 
> 
> On Sat, Jan 4, 2020, 1:24 PM Joe Touch <touch@strayalpha.com <mailto:touch@strayalpha.com>> wrote:
> 
> 
>> On Jan 4, 2020, at 10:44 AM, C. M. Heard <heard@pobox.com <mailto:heard@pobox.com>> wrote:
>> 
>> On Fri, Jan 3, 2020 at 8:36 PM Joe Touch <touch@strayalpha.com <mailto:touch@strayalpha.com>> wrote:
>> No example has been given of a transport protocol need for “drop if the option isn’t supported” that doesn’t modify the frag payload.
>> 
>> What about ACS? It does not modify the payload, but it affects how the payload is handled: if the ACS check fails, the payload is not delivered to the user. Those semantics can be violated if the ACE option is ignored.
> 
> ACS is mandatory so it can’t be ignored if UDP options are implemented. If it is used with FRA+LITE, the payload would be ignored by legacy receivers and would have to be accepted by option-aware receivers.
> 
>> That issue is handled in the -08 draft by making it mandatory to recognize and implement -- a point with which I disagree, as I think it should be optional to implement. But even if I don't get my way on that, the point still remains that we can't retroactively make FUTURE options such as ACS mandatory to implement.
> 
> Such as. That seems to be the mantra.
> 
> I’ve asked for a specific example of something the draft doesn’t already cover. Still waiting.
> 
> Authentication (AE option without encryption so no payload modification). Per the draft, it is not mandatory, but similar to ACS a packet with option can't be accepted unless validated.
> 
> Regardless of having an example, Mark's point is valid about adding mandatory options in the future can't be done retroactively. If the intent of the draft is that options like this can't added after the initial publication then the draft should make that requirement clear.
> 
> Tom
> 
> 
> Joe

v2.23.0 | Report a Bug | By Email