Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-01.txt
Joe Touch <touch@strayalpha.com> Wed, 06 December 2017 14:28 UTC
Return-Path: <touch@strayalpha.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D006126DD9; Wed, 6 Dec 2017 06:28:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.979
X-Spam-Level:
X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aluXoCDWPHqo; Wed, 6 Dec 2017 06:28:45 -0800 (PST)
Received: from server217-3.web-hosting.com (server217-3.web-hosting.com [198.54.115.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65ACD12714F; Wed, 6 Dec 2017 06:28:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=Content-Type:In-Reply-To:MIME-Version:Date: Message-ID:From:References:Cc:To:Subject:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=3vxr7/JbI8lw+FqhwlCpAu8lM/ZwYYn27rQj44hoOjg=; b=Azdjtyo7fPbST006FnpbP4CH3 bJG505shXFnH/7/qIZFe0oehcXcqUt3N3U592QaBGDBQUI1/0Mcx5yxkPmlv49rmQTulS6uhBdUWg JjRoxt6EE0OIzDOZAyQx0wKrFDGnupoUyk81g71A9cv8fBYTZlP7ch+uvK4kv8+TSzky+ZyVma8qm Q5qvkU79XJ9iHQXzAT/pMZqZindm4WPI88JYEQ9qAkEDV3pAPuxj/lna8yXFmfIGbCnFCBwAh/vlZ +jzTyspg6T75yoGRGATkpmo8iIJF5/tDPVgJ82yffPR/goqgG8y+4oGKDtZpdBX6o0jwhmBwlwsUG p8g67lPMw==;
Received: from cpe-172-250-240-132.socal.res.rr.com ([172.250.240.132]:59242 helo=[192.168.1.189]) by server217.web-hosting.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.89) (envelope-from <touch@strayalpha.com>) id 1eMagk-001Psq-5J; Wed, 06 Dec 2017 09:28:43 -0500
To: mohamed.boucadair@orange.com, Joe Touch <touch@isi.edu>
Cc: "tsvwg-chairs@ietf.org" <tsvwg-chairs@ietf.org>, "tsvwg@ietf.org" <tsvwg@ietf.org>
References: <149859676199.31073.16978555797843649491@ietfa.amsl.com> <b1291832-e418-37f3-6d63-880185888c84@isi.edu> <c8810c87-6afa-4486-a85b-82f4da66d20d@OPEXCLILM7E.corporate.adroot.infra.ftgroup> <cdafed5b-6b7d-da83-80a6-9f9eef8d7da2@isi.edu> <787AE7BB302AE849A7480A190F8B933009FFCD60@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <00834e85-2bc6-0df9-2afa-01056534d7c4@isi.edu> <787AE7BB302AE849A7480A190F8B933009FFDAA8@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <c7b87d6d-9334-7c9b-de50-c62213796dcd@isi.edu> <787AE7BB302AE849A7480A190F8B93300A086FD6@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
From: Joe Touch <touch@strayalpha.com>
Message-ID: <964348b4-2eec-41ec-7888-27a5b3d00c4b@strayalpha.com>
Date: Wed, 06 Dec 2017 06:28:39 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <787AE7BB302AE849A7480A190F8B93300A086FD6@OPEXCLILMA3.corporate.adroot.infra.ftgroup>
Content-Type: multipart/alternative; boundary="------------75601050344A703F95F84842"
Content-Language: en-US
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/j4vTX2Dm9C1RmiRZOPN6O5CdZOQ>
Subject: Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-01.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Dec 2017 14:28:49 -0000
Hi, Med, I have not yet updated that draft. I also intended to post your comments to the group for discussion. Both are on my pending items list... Joe On 12/6/2017 5:48 AM, mohamed.boucadair@orange.com wrote: > > Hi Joe, > > > > Unless I’m mistaken I didn’t see any update of the draft to address > some of the comments raised in my review. > > > > FWIW, a copy of my comments are available at: > https://github.com/boucadair/IETF-Drafts-Reviews/blob/master/draft-ietf-tsvwg-udp-options-01-rev%20Med.pdf > > > > Cheers, > > Med > > > > *De :*Joe Touch [mailto:touch@isi.edu] > *Envoyé :* mardi 4 juillet 2017 23:27 > *À :* BOUCADAIR Mohamed IMT/OLN > *Cc :* tsvwg-chairs@ietf.org > *Objet :* Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-01.txt > > > > Will do, but note that I'm on vacation now through July 16. I'll post > this and pick the thread up when I return. > > Joe > > > > On 6/30/2017 5:25 AM, mohamed.boucadair@orange.com > <mailto:mohamed.boucadair@orange.com> wrote: > > Hi Joe, > > > > The discussion can be on-list. > > > > Please feel free to forward the initial review and this one to the > list. > > > > Thank you. > > > > Cheers, > > Med > > > > *De :*Joe Touch [mailto:touch@isi.edu] > *Envoyé :* jeudi 29 juin 2017 15:58 > *À :* BOUCADAIR Mohamed IMT/OLN > *Cc :* tsvwg-chairs@ietf.org <mailto:tsvwg-chairs@ietf.org> > *Objet :* Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-01.txt > > > > Hi, Med, > > First, is there a reason we're discussing this off-list? This > thread really should be on-list - I can forward these messages and > we can continue there if it's OK. > > Joe > > > > On 6/28/2017 11:52 PM, mohamed.boucadair@orange.com > <mailto:mohamed.boucadair@orange.com> wrote: > > Hi Joe, > > > > Thank you for the answers. > > > > Please see inline. > > > > Cheers, > > Med > > > > *De :*Joe Touch [mailto:touch@isi.edu] > *Envoyé :* mercredi 28 juin 2017 20:28 > *À :* BOUCADAIR Mohamed IMT/OLN > *Cc :* tsvwg-chairs@ietf.org <mailto:tsvwg-chairs@ietf.org> > *Objet :* Re: [tsvwg] I-D Action: > draft-ietf-tsvwg-udp-options-01.txt > > > > Hi, Mohammed, > > Thanks for the detailed comments - most of the editorial > suggestions and requests for clarification will be addressed > in the next update, except as noted below. For future > reference, I would be glad to provide the Word source if > that's easier for feedback. > > [Med] Ok, thanks. I can review any updated version you will > prepare. > > Some comments: > > - as to whether the list of options should complete; I'll let > the RFC Editor and/or IANA decide whether to remove the > RESERVED entries or the explicit indication of the IANA > assignable region; I'm not sure what their convention is. > > [Med] The point is that your text says “The following UDP > options are currently …“. Obviously, “RESERVED” is not an option. > > - ACS and AE are defined as the only options that depend on > the contents of the option are for a reason. That's the > simplest way to handle the circularity that would otherwise > arise. E.g., if ACS covered the contents of AE, then ACS must > be processed last. But if AE covered the contents of ACS, the > AE must be processed last. Right now, we define that AE covers > everything EXCEPT ONLY the contents of ACS and that ACS covers > everything. But we can never know how ACS and AE would need to > handle options that aren't yet defined - if they also depend > on the contents of the option area, we can end up with a > circularity again. I'm open to other solutions to this issue, > but not sure we want to burn bits in the option header to > indicate which options have "dependent contents that need to > be zeroed for inclusion in other options" - besides, that sets > us up for covert channels that AE might be used to prevent. > I.e., there's no way to leave this as a decision for future > options without creating a tangled mess of "I come first" > declarations, such as we have already for TCP options. > > [Med] I hear you, but I still don’t get this: > > Future options MUST NOT be defined as having a value > independent of the > > contents of the option area > > - the FRAG option is one of the most important and a required > option (i.e., if UDP options are supported, FRAG must be > supported), which is why it needs to remain in this doc. > Whether fragments are delivered to the user when UDP options > are not supported depends on how the FRAG option is used - if > used without LITE, the fragments would be delivered, but if > used with LITE they would not be. That's why we left both > variants available. > > [Med] IMHO, this one need more evaluation/validation before > being included in a standard track document. I can live with > it in an experimental RFC. Actually, my proposal is to scope > the udp-options document to the base mechanism and required > options. Options that require more experiments are easy to be > progressed in dedicated documents. This approach will allow us > to finalize quickly the base udp-options. > > - the extension to the UDP API needs to be in the core of the > doc because the API is a key part of this (and any) protocol. > > [Med] Joe, we do all agree that API are important. Almost all > APIs defined in IETF I’m aware of are defined as Informational > RFCs (I can provide an exhaustive list, if needed). This is > why I suggested that you move this section into an appendix. > > - as to the other sections you suggest moving to an appendix, > I'll wait for other feedback on that point. I'm not fond of > appendices except for code examples or truly optional > material; the other points you're suggesting to move (other > than UDP API, addressed above), e.g., sections don't have that > property (sec 7 on whose options are these and sec 8 on LITE > vs UDP Lite). > > [Med] Those sections are not normative + some of the content > is redundant (Sec. 7 and Sec 8) with other statements earlier > in the document. These sections do not bring new elements to > the discussion. > > - Sec 11 has a typo; it's really two sections. > > [Med] OK. > > The part about the changes to 768 should be its own section > > [Med] We don’t need a section for this. This text can be > inserted in the Introduction. > > . I've left that in right now because UDP option "negotiation" > is already a soft-state persistence mechanism similar to TCP > control block sharing. > > - I don't quite understand your comment: > > UDP options can be used a cover channels. Inspecting those > options may be required to protect some networks. > > I think you mean "used as a covert channel", > > [Med] Yes. > > but that's true for nearly every field in any header. > > [Med] Yes, but this is exacerbated when there is no > specification about the handling of the surplus area. It is > legitimate that network administrators would suspects those > packets. > > I disagree that inspection may be required to protect a network > > [Med] Some inspection may be needed to detect/protect against > a variety of attacks and to protect networks. Firewalls are > the norm in enterprise networks, for example. > > - these are transport values in the transport payload of a > network packet. > > [Med] This document defines them as transport values, but > legacy devices cannot handle them as transport values. > > By your logic, the entire transport contents are potentially > a covert channel, and we have no recommendation elsewhere to > require DPI to protect a *network* (vs. the endpoints, which > of course could require checking any part of a message). > > [Med] I don’t understand the reference to DPI. I think you > understood “inspection” as if I’m asking for “DPI”. Please see > above. > > - as to which refs are normative, AFAICT only RFC768 and 2460 > would be > > [Med] Please fix those. > > , and *maybe* 1122 (e.g., by extending the extent of the UDP > API). Nothing in this doc relies on the standards nature of > other documents AFAICT. My "acid test" for whether to include > something as normative is "would my doc need to change if the > other RFC changed"? AFAICT, that's not true for 768, but I'd > like to hear what others think of that set before moving them. > > [Med] For other RFCs you didn’t cite, my rationale for > including them as normative is as follows: > > · 793 : MSS and other features are cloned from that > document. > > · 5925: the udp option clones the TCP option. An > implementer need to refer to this document to have an idea > about the format: “It uses the same format as specified for > TCP-AO, except that it uses a Kind of 8.” > > · 6994: ExIDs are defined in this RFC. An implementer > need to read this RFC to understand/implement how the shared > experiment IDs work. > > Joe > > > > On 6/28/2017 12:49 AM, mohamed.boucadair@orange.com > <mailto:mohamed.boucadair@orange.com> wrote: > > Hi Joe, > > > > Please find attached an initial review of this version of the document (both doc and pdf files are attached). > > > > Cheers, > > Med > > > > -----Message d'origine----- > > De : tsvwg [mailto:tsvwg-bounces@ietf.org] De la part de Joe Touch > > Envoyé : mardi 27 juin 2017 22:58 > > À : internet-drafts@ietf.org <mailto:internet-drafts@ietf.org>; i-d-announce@ietf.org <mailto:i-d-announce@ietf.org> > > Cc : tsvwg@ietf.org <mailto:tsvwg@ietf.org> > > Objet : Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-01.txt > > > > Hi, all, > > > > This update adds some clarification on how to handle options whose > > values depend on other options (e.g., ACS and AE). > > > > Joe > > > > > > On 6/27/2017 1:52 PM, internet-drafts@ietf.org <mailto:internet-drafts@ietf.org> wrote: > > A New Internet-Draft is available from the on-line Internet-Drafts > > directories. > > This draft is a work item of the Transport Area Working Group of the > > IETF. > > > > Title : Transport Options for UDP > > Author : Joe Touch > > Filename : draft-ietf-tsvwg-udp-options-01.txt > > Pages : 27 > > Date : 2017-06-27 > > > > Abstract: > > Transport protocols are extended through the use of transport header > > options. This document experimentally extends UDP by indicating the > > location, syntax, and semantics for UDP transport layer options. > > > > > > The IETF datatracker status page for this draft is: > > https://datatracker.ietf.org/doc/draft-ietf-tsvwg-udp-options/ > > > > There are also htmlized versions available at: > > https://tools.ietf.org/html/draft-ietf-tsvwg-udp-options-01 > > https://datatracker.ietf.org/doc/html/draft-ietf-tsvwg-udp-options-01 > > > > A diff from the previous version is available at: > > https://www.ietf.org/rfcdiff?url2=draft-ietf-tsvwg-udp-options-01 > > > > > > Please note that it may take a couple of minutes from the time of > > submission > > until the htmlized version and diff are available at tools.ietf.org. > > > > Internet-Drafts are also available by anonymous FTP at: > > ftp://ftp.ietf.org/internet-drafts/ > > > > > > > > >
- [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-… internet-drafts
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joe Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… mohamed.boucadair
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joe Touch