I have been asked to review this by the Routing Directorate. Summary Although the are quite a few points below, a lot of them are editorials. However I am a bit worried about the safety of the mechanism proposed which seems to be rather more one-way that may be operationally safe. Genarally the text is clear and well written. Major Issues: In particular it is not the intention to undo the setting of the "T" flag. Though it is possible to roll back (see Section 5.3), adding nodes that do not support [RFC8138] after a roll back may be problematic if the roll back did not fully complete. SB> I see this as quite problematic. There are a number of reasons why you might need to roll back: network merging, legacy nodes, bugs in the implementation. I would think that you needed to be able to go backwards and forwards, without difficulty and yet you give the impression that it really is a one-way trip. I think that could be operationally problematic. ======== A node that cannot do so may remain connected to the network as a RUL, but how the node is modified to turn into a RUL is out of scope. SB> That is quite worrying in practical deployments that this is not specified. ======= To ensure that a packet is forwarded across the RPL DODAG in the form in which it was generated, it is required that all the RPL nodes support [RFC8138] at the time of the switch. SB> I am not sure if it is possible to implement the feature, but a safe implementation would have them report that they support it and use that to inhibit the setting of the T bit. ======== When turning [RFC8138] compression off in the network, the Network Administrator MUST wait until all nodes have converged to the "T" flag reset before allowing nodes that do not support the compression in the network. SB> How does it know that this has happened? ========= 7. Security Considerations First of all, it is worth noting that with [RFC6550], every node in the LLN that is RPL-aware can inject any RPL-based attack in the network. A trust model has to be put in place in an effort to exclude rogue nodes from participating to the RPL and the 6LoWPAN signaling, as well as from the data packet exchange. This trust model could be at a minimum based on a Layer-2 Secure joining and the Link-Layer security. This is a generic RPL and 6LoWPAN requirement, see Req5.1 in Appendix of [RFC8505]. SB> I am surprised there is not a MUST in the above considering the vulnerability. ====== An attacker in the middle of the network may reset the "T" flag to cause extra energy spending in its subDAG. Conversely it may set the "T" flag, so that nodes located downstream would compress when that it is not desired, potentially resulting in the loss of packets. In a tree structure, the attacker would be in position to drop the packets from and to the attacked nodes. So the attacks above would be more complex and more visible than simply dropping selected packets. The downstream node may have other parents and see both settings, which could raise attention. SB> I am worried that there are no real mitigations to this. The attack may be a bug. ========= Minor Issues The suggested bit position of the "T" flag is indicated in Section 6. SB> I know that you need to go through the IANA process, but future readers SB> will find the text a lot easier to follow if the bit is included in SB> Fig 1 above. SB> SB> Presumably the base spec sends with the T bit clear and thus the SB> feature is disabled. It might not hurt to remind the reader of this as it is what gives you the backwards compatibility. ======== A router MUST uncompress a packet that is to be forwarded to an external target. SB> Is there not a config option to retain compression to a consenting external party? ======== 6. IANA Considerations It would be clearer if there were an IANA/Editor request to also edit Fig 1 ======== Nits/Editorials Otherwise, a non-capable node acting as leaf-only would fail to SB> would be clearer as non-RPL-capable ======== communicate, and acting as a router it would drop the compressed SB> Perhaps: and if acting ======== The idea is to use the flag to maintain the compression inactive SB> Perhaps : The flag is cleared to maintain the compression inactive state ========= A node SHOULD source packets in the compressed form using [RFC8138] SB> source or send? ========== The decision of using [RFC8138] is made by the originator of the SB> the decision to use ========== A router that encapsulates a packet is the originator of the resulting packet and is responsible to compress the SB> for compressing ========== In most cases, packets from and to an external target are SB> "to and from" is more conventional English ========== Enabling the [RFC8138] compression without a turn-on signaling requires a "flag day"; all nodes must be upgraded, and then the network can be rebooted with the [RFC8138] compression turned on. SB> I am not sure my English is any better below, but the text could use a little polish Enabling the [RFC8138] compression without a turn-on signaling method requires a "flag day"; by which time all nodes must be upgraded, and at which point the network can be rebooted with the [RFC8138]compression turned on.