[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [NSIS] AD review comments of draft-ietf-nsis-qos-nslp-16

To: Roland Bless <bless at tm.uka.de>
Subject: Re: [NSIS] AD review comments of draft-ietf-nsis-qos-nslp-16
From: Magnus Westerlund <magnus.westerlund at ericsson.com>
Date: Fri, 16 Oct 2009 11:29:04 +0200
Cc: draft-ietf-nsis-qos-nslp at tools.ietf.org, NSIS <nsis at ietf.org>
Delivered-to: nsis at core3.amsl.com
In-reply-to: <4AD472FF.4060306 at tm.uka.de>
List-archive: <http://www.ietf.org/mail-archive/web/nsis>
List-help: <mailto:nsis-request@ietf.org?subject=help>
List-id: Next Steps in Signaling <nsis.ietf.org>
List-post: <mailto:nsis@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/nsis>, <mailto:nsis-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/nsis>, <mailto:nsis-request@ietf.org?subject=unsubscribe>
References: <4AC4B492.6070005 at ericsson.com> <4AD472FF.4060306 at tm.uka.de>
User-agent: Thunderbird 2.0.0.23 (Windows/20090812)

Roland Bless skrev:
> Hi Magnus,
> 
> I'll try to answer C. and D.
> 
> Magnus Westerlund wrote:
>> B. Section 3.1.3 contains a reference to draft-manner-nsis-nslp-auth.
>> This is an informational reference. But I do wonder about the security
>> solution and its need to carry authentication information. No, I don't
>> want to make this a normative reference. But I do wonder how the WG
>> plans to present the lack of even one fully specified security solution,
>> even if this is going for experimental.
> 
> This is indeed a good point. Without the session authorization object,
> there is only TLS transport security in a hop-by-hop manner, which is
> also not related to individual sessions or users. So the above draft
> is indeed very useful.

I think there might be a point to admit openly that the security
solution for this behavior is currently not specified and do require work.

> 
>> C. Section 3.2.12.1: How long does it take to detect that a new down
>> stream peer exist, or that truncation has happened?
> 
> Route change detections depends on the GIST route change detection
> mechanisms, at latest the next GIST probing Query message
> sent. Details are described in section 4.4.4. of the GIST draft, so
> in the default case of 30s routing state validity probing Querys are
> sent in the interval [15s...22.5s]. In some cases GIST may detect
> route changes faster and thus send a new Query earlier. Route change
> detection requires the three-way GIST handshake to be completed first
> though (i.e., at least RTT for GIST Query/Response pair).
> In case of path truncation, one must distinguish whether the new
> next hop is GIST aware or not. The draft describes the former case,
> so GIST will respond with "Unknown NSLPID" error in the GIST Response
> to the Query and the same duration as above can be expected. In the
> latter case of a non GIST-aware hop it takes longer, because the
> querying node may perform retransmissions and exponentially backup,
> so in this case we get a default 127*500ms=63.5s (T1=500ms, T2=64s)
> as worst case. But as indicated in 5.3.3 of the GIST draft, NSLPs may
> bound this response time by limiting T2 in the sendmessage() primitive
> explicitly.
> 
Thanks for the answer. I don't think there is any need to do changes
here in the text.


>> D. Section 4.6, page 35, second paragraph. It is not clear to me how (1)
>> can be guaranteed to arrive prior to (2), or if both message are sent
>> width bound to the other one?
> 
> That's exactly the motivation for the message binding. You cannot
> guarantee it, so both messages have to wait on each other. This case
> is described on p. 36: "Triggering message" (3) arrives before waiting
> (bound) message (1). Usually the waiting condition is then already
> satisfied, so (1) can be processed immediately. I'm not sure that I
> understand the last part of your question correctly, but (1) will
> contain a BOUND_MSG_ID and (2) and (3) will carry the corresponding
> MSG_ID.
> 

Hmm, clearly my thought process wasn't working. I don't see any issues
with the text when revisiting it. It seem to have the relevant
references to the mechanism used. So forget this comment.

-- 

Magnus Westerlund

IETF Transport Area Director
----------------------------------------------------------------------
Multimedia Technologies, Ericsson Research EAB/TVM
----------------------------------------------------------------------
Ericsson AB                | Phone  +46 10 7148287
Färögatan 6                | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund at ericsson.com
----------------------------------------------------------------------

References:
- [NSIS] AD review comments of draft-ietf-nsis-qos-nslp-16
  - From: Magnus Westerlund
- Re: [NSIS] AD review comments of draft-ietf-nsis-qos-nslp-16
  - From: Roland Bless

Prev by Date: Re: [NSIS] AD review comments of draft-ietf-nsis-qos-nslp-16
Next by Date: Re: [NSIS] AD review comments of draft-ietf-nsis-qos-nslp-16
Previous by thread: Re: [NSIS] AD review comments of draft-ietf-nsis-qos-nslp-16
Next by thread: Re: [NSIS] AD review comments of draft-ietf-nsis-qos-nslp-16
Index(es):
- Date
- Thread