[tsvwg] Comments on UDP Options -13
Tom Jones <tom@erg.abdn.ac.uk> Thu, 02 September 2021 13:18 UTC
Return-Path: <tom@erg.abdn.ac.uk>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DEE03A0CE8 for <tsvwg@ietfa.amsl.com>; Thu, 2 Sep 2021 06:18:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id peBxYJsxLC7m for <tsvwg@ietfa.amsl.com>; Thu, 2 Sep 2021 06:18:20 -0700 (PDT)
Received: from pegasus.erg.abdn.ac.uk (pegasus.erg.abdn.ac.uk [137.50.19.135]) by ietfa.amsl.com (Postfix) with ESMTP id 737D13A0CDB for <tsvwg@ietf.org>; Thu, 2 Sep 2021 06:18:20 -0700 (PDT)
Received: from auth1-smtp.messagingengine.com (auth1-smtp.messagingengine.com [66.111.4.227]) by pegasus.erg.abdn.ac.uk (Postfix) with ESMTPSA id 304A81B00193; Thu, 2 Sep 2021 14:18:11 +0100 (BST)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailauth.nyi.internal (Postfix) with ESMTP id 0D5AD27C0054; Thu, 2 Sep 2021 09:18:08 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Thu, 02 Sep 2021 09:18:09 -0400
X-ME-Sender: <xms:D88wYQF86OPGMj6VOGNZv0QPaA_LN7sTtSNeAXlBSU0GAkRjrjIY-g> <xme:D88wYZXOR2A0UIzH308B6T7P4FCqyfbJ2XwXpSNmorqT64qzZfvZ_uJJ5yoib4ldQ LMha358gWZwA7HG-g>
X-ME-Received: <xmr:D88wYaIr6SD1hHszDu3CPrWrRawGT2nk1wKVKYUywokVUDU6fwAMEKbzJT_hISRrDXChuoth9zs8aC1v7TjewZg141TmCbHHGQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvtddruddvhedgiedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkgggtugesthdtredttd dtvdenucfhrhhomhepvfhomhculfhonhgvshcuoehtohhmsegvrhhgrdgrsggunhdrrggt rdhukheqnecuggftrfgrthhtvghrnhepgfeffeduleevkedtheekieevgeefffdvkeduud dthfefjeelueejjedvheekkeejnecuffhomhgrihhnpehivghtfhdrohhrghdpshifrghs tggrnhdrtghomhdprhhftgdqvgguihhtohhrrdhorhhgnecuvehluhhsthgvrhfuihiivg eptdenucfrrghrrghmpehmrghilhhfrhhomhepshhomhgvodhmvghsmhhtphgruhhthhhp vghrshhonhgrlhhithihqdegheeghedtudejtddqudehheegvdegheekqdhtohhmpeepvg hrghdrrggsughnrdgrtgdruhhksehfrghsthhmrghilhdrtghomh
X-ME-Proxy: <xmx:D88wYSGMtnpQDxaDpuJDX2jhwVwInz7p1Z3_wkpwn7VdAwEN5JB7Ug> <xmx:D88wYWUUT0oCraRTr1RpnxBo35RoiwMBiBzmyP4y1z4wlnga1aVO4Q> <xmx:D88wYVMJAZR4-Y_rG0kuHzXawag0X5F7JRzSpBdG6Z5S_H__V5Ihiw> <xmx:EM8wYfda3yTwG0cGscpR-qdd04pkFlWwWLiu22NylnfCspgCu4ghHQ>
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 2 Sep 2021 09:18:07 -0400 (EDT)
Date: Thu, 02 Sep 2021 14:22:37 +0100
From: Tom Jones <tom@erg.abdn.ac.uk>
To: touch@strayalpha.com
Cc: tsvwg@ietf.org
Message-ID: <20210902132237.GA52528@tom-desk.erg.abdn.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/ui-VrNNSESdi9oA7DliR8ljqGhU>
Subject: [tsvwg] Comments on UDP Options -13
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Sep 2021 13:18:27 -0000
Hi Joe, I have read draft -13 in advance of the iterim tomorrow. This is after a long gap of not reading updated drafts or closely following the mailing list discussions. I have read and offer comments on the document up to section 6 here. My comments and suggestions follow. I don't want to re litigate old arguments if it can be helped, if something here has been discussed please share a link to the relevant mailing list thread and I will read and ask again if needed. -- The first mention of ENCR is here: >> Only the OCS, AUTH, and ENCR options depend on the contents of the option area. It isn't described until section 5.8. I suggest you clarify that it is a UNSAFE sub option, maybe something like: >> Only the OCS, AUTH and the ENCR (UNSAFE suboption) depend on the contents of the options area. I think the document should be cleaned up so that references to ENCR make it clear that it is hidden away inside an UNSAFE option. -- This issue is discussed further in Section 17. ... (with the exception of NOPs, which should never need to come in sequences of more than seven in a row) The text from section 17 doesn't really add a lot, could a sentence be added here too, I think it will help readers a lot. This padding limit makes UDP Options DPLPMTUD a violation of UDP Options. This seems a weird way to start out. https://datatracker.ietf.org/doc/html/draft-fairhurst-tsvwg-udp-options-dplpmtud#section-3.2.1 -- >> The OCS MUST be included when the UDP checksum is nonzero and UDP options are present. What happens when the checksum is non zero and the OCS is missing? The document should be explicit here, maybe: >> The OCS MUST be included when the UDP checksum is nonzero and UDP options are present. If the OCS option is not present and the UDP checksum is nonzero then the OCS calculation implicitly fails and all options MUST be ignored and the surplus area silently discarded. -- This Internet checksum is computed over the entire surplus area prefixed by the surplus length pseudoheader (Figure 8) and then adjusting the result before storing it into the OCS checksum field. I don't understand what is meant by 'adjusting the result', I think this should be 'aligning the result', or on reading again, 'coordinated'? I think more clarity is required here. -- The OCS covers the UDP option area as formatted for transmission and immediately upon reception. I don't understand what the sentence is for. I understand that the inserting the calculated OCS should be the final modification to the packet before transmission, I don't see what 'immediately upon reception' is trying to say. -- >> If the OCS fails, all options MUST be ignored and the surplus area silently discarded. and As a reminder, use of the UDP checksum is optional when the UDP checksum is zero. When not used, the OCS is assumed to be "correct" for the purpose of accepting UDP packets at a receiver (see Section 7). give the possible results of the OCS as: 'fails' and 'correct'. I think the OCS is 'correct' or 'incorrect' and the OCS calculation 'passes' or 'fails' Should the OCS calculation pass in the second case? Maybe this should be: the OCS is assumed to be "correct" and the OCS calculation passes -- UDP fragmentation relies on a fragment expiration timer, which can be preset or could use a value computed using the UDP Timestamp option. I am not happy suggesting the use of the UDP Timestamp to control fragment lifetime. I think this invites security based implementation issues. -- >> UDP fragments MUST NOT overlap. I think you need to be explicit. >> UDP fragments MUST NOT overlap. On receipt of an overlapping fragment, the fragment and all stored fragments matching the Identification MUST be dropped. -- >> The default UDP reassembly SHOULD be no more than 2 minutes. This should be 'The default UDP timer' What happens after 2 minutes? As above, all fragments stored for the expired fragment chain should be discarded. -- Implementers are advised to limit the space available for UDP reassembly. ... >> UDP reassembly space SHOULD be limited to reduce the impact of DOS attacks on resource use. The first of these feels redundant. I think you should note for implementers. The use of many small fragments, specifically ordered has been used in fragmentation and tcp segmentation attacks in the past to create DOS by increasing processing cost of fragments. Care should be taken when designing reassembly algorithms and selecting data structures. see: https://www.swascan.com/segmentsmack/ -- I think section 5.5 would benefit from a diagram. -- Section 5.6 doesn't adhere to the convention described in section 2 (the use of '>>' for sections with RFC2119 key words). -- I will admit that I wasn't following any discussion around UNSAFE and its introduction. I cannot say that I like this design, it feels excessively complicated in an already complicated specification. I struggle to see why this is being included in this form when there isn't yet any case driving its use. -- Could you suggest some application uses of the TSval and TSecr options? It is clear to me how my timestamp (and its reflection) are useful to me for calculating RTT, but that doesn't require the TSval be forward to the application. It is clear not how my peers timestamp is useful at all. I would prefer that the peers timestamp be treated as a monotonically increasing token. I guess that the values could be used to detect reordering, is this the intention of passing the values to the application? -- One such use is described as part of the UDP variant of packetization layer path MTU discovery I think this should say 'UDP Options variant', to me, a UDP variant would be an application layer protocol as described in section 6.1 of RFC8899. https://www.rfc-editor.org/rfc/rfc8899.html#name-application-support-for-dpl - Tom
- [tsvwg] Comments on UDP Options -13 Tom Jones
- Re: [tsvwg] Comments on UDP Options -13 touch@strayalpha.com
- Re: [tsvwg] Comments on UDP Options -13 Tom Jones