Update to the ipn URI scheme
draft-ietf-dtn-ipn-update-13
Discuss
Yes
Erik Kline
No Objection
Mahesh Jethanandani
No Record
Gunter Van de Velde
Jim Guichard
Summary: Has a DISCUSS. Has enough positions to pass once DISCUSS positions are resolved.
Roman Danyliw
Discuss
Discuss
(2024-06-19 for -11)
Sent
** The meta-data of this document says RFC9171 and 7116 are updated. This document would benefit from very specifically identifying what parts of those documents are being “patched” (aka, updated) by this document. How does a reader combine this document with 7116 and 9171? For example, my read is that Appendix A of this document replaces Section 4.2.5.1.2 of RFC9171. ** Backwards compatibility -- Section 1 By updating [RFC7116] and [RFC9171], this document updates the specification of the ipn URI scheme, in a backwards-compatible way, to provide needed improvements both in the scheme itself and its usage to specify EIDs with BPv7. -- Section 7.1 The ipn scheme update that has been presented in this document preserves backwards compatibility with any ipn URI scheme going back to the provisional definition of the ipn scheme in the experimental Compressed Bundle Header Encoding [RFC6260] specification in 2011. I need help better understanding how the redefinition of the ipn scheme in Appendix A is backwards compatible with RFC7116 or RFC9171. If I have an RFC9171-compliant implementation, the “IPN scheme parser” is using Section 4.2.5.1.2 of RFC9171 – that is, it has no knowledge of the fqnn/allocator identifier. This RFC9171 implementation would not be interoperable with an implementation that emits an ipn scheme defined this draft since it couldn’t parse the allocator identifier (e.g., “ipn:0:1:2” or “ip:!:2”). An RFC9171 implementation’s of ipn will always be understand by implementions of this draft, but the reverse is not true.
Comment
(2024-06-19 for -11)
Sent
Thank you to Russ Housley for the GENART review. Mahesh and Francesca already covered what I would have said about cross-stream coordination and cross-documents status updates. ** Section 3.2.1 An Allocator Identifier range is a set of consecutive Allocator Identifiers associated with the same Allocator. Each individual Allocator Identifier in a given range SHOULD be assigned to a distinct sub-organization of the Allocator. Assigning identifiers in this way allows external observers both to associate individual Allocator Identifiers with a single organization and to usefully differentiate amongst sub-organizations. Given that it is not mandatory for allocator identifiers to be assigned to distinct sub-organizations, why would there be a belief that “external observers [can] associate individual Allocator Identifiers with a single organization and to usefully differentiate amongst sub-organizations.” It appears that an external observer can make no assumptions about sub-organizations without additional information. ** Per the shepherd write-up (thank you Scott Burleigh!) -- “The sole erratum against RFC 7116 was documented by one of the authors of the present document and has been addressed in this new specification. However, the I-D does not state explicitly that it addresses that erratum.” It would have been helpful to call out which errata was addressed here -- “No IANA assignments are requested.” That doesn’t appear to be accurate.
Erik Kline
Yes
Orie Steele
Yes
Comment
(2024-06-12 for -11)
Sent
# Orie Steele, ART AD, comments for draft-ietf-dtn-ipn-update-11 CC @OR13 https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-dtn-ipn-update-11.txt&submitcheck=True Thanks for Marco Tiloca for the ART ART Review, and to the authors for addressing his comments. ## Comments ### Cross domain private use ``` 441 Because of this lack of uniqueness, any implementation of a protocol 442 using ipn URIs that resides on the border between administrative 443 domains must have suitable mechanisms in place to prevent protocol 444 units using such "Private Use" Node Numbers to cross between 445 different administrative domains. ``` Should this "must" be normative MUST or SHOULD? Later we see: ``` 563 administrative domain. This means that any bundle using a Private 564 Use ipn EID as a bundle source or bundle destination MUST NOT be 565 allowed to cross administrative domains. All implementations that 566 could be deployed as a gateway between administrative domains MUST be 567 sufficiently configurable to ensure that this is enforced, and 568 operators MUST ensure correct configuration. 570 Private Use ipn EIDs SHOULD NOT be present in any other part of a 571 bundle that is destined for another administrative domain when the 572 lack of uniqueness prevents correct operation. For example, a 573 Private Use ipn EID SHOULD NOT be used as a Bundle Protocol Security 574 [RFC9172] security source EID for a bundle, when the bundle is 575 destined for a different administrative domain. ``` Why not MUST, or when can this SHOULD be ignored. ### ! clarity ``` 472 3. If the Allocator Identifier is zero (0), and the Node Number is 473 2^32-1, i.e., the URI is a LocalNode ipn URI (Section 3.4.2), 474 then the character '!' MAY be used instead of the digits 475 4294967295, although both forms are valid encodings. ``` Can this be made a SHOULD? Is there really no preferred text encoding for this case? ### 538 5.4. LocalNode ipn EIDs ``` 550 LocalNode ipn EIDs SHOULD NOT be present in any other part of a 551 bundle that is transmitted off of the local node. For example, a 552 LocalNode ipn EID SHOULD NOT be used as a Bundle Protocol Security 553 [RFC9172] security source EID for a bundle transmitted from the local 554 bundle node, because such a source EID would have no meaning at a 555 downstream bundle node. ``` Why not MUST NOT? ### Consider promoting examples from appendix for readability ``` 659 For example the ipn EID of ipn:977000.100.1 has an FQNN of 660 (977000,100) which would be encoded as 0xEE86800000064. The 661 resulting two-element array [0xEE86800000064, 0x01] would be encoded 662 in CBOR as the 11 octet value 0x821B000EE8680000006401. ``` Consider a commented hex representation of this value: ``` 82 # array(2) 1B 000EE86800000064 # unsigned(4196183048192100) 01 # unsigned(1) ``` Same comment for the 3 element example that follows: ``` 83 # array(3) 1A 000EE868 # unsigned(977000) 18 64 # unsigned(100) 01 # unsigned(1) ``` I was initially expecting to see a tagged example based on: ``` 618 URI text string. Alternatively, Section 3.4.5.3 of [RFC8949] allows 619 for the encoding of URIs as CBOR text strings identified with a CBOR 620 tag value of 32. ``` I think it might be worth recommending against the text encoded representation, similar to the recommendation: ``` 689 value zero (0). In this case using the two-element encoding will 690 result in a more concise CBOR representation, and it is RECOMMENDED 691 that implementations do so. ``` ### When SHOULD they? ``` 817 The concept of "late binding" is preserved in this ipn URI scheme. 818 Elements of an ipn URI SHOULD NOT be regarded as carrying information 819 relating to location, reachability, or other addressing/routing 820 concern. ``` Consider making this a MUST? ### define limited expressiveness ``` 858 The limited expressiveness of URIs of the ipn scheme effectively 859 eliminates the possibility of threat due to errors in back-end 860 transcoding. ``` Do you mean that they lack path or query components? Is there any backend transcoding that is expected here? ### convergence layer examples ``` 879 interception of these URIs is minimal. Examination of ipn URIs could 880 be used to support traffic analysis; where traffic analysis is a 881 plausible danger, bundles should be conveyed by secure convergence- 882 layer protocols that do not expose endpoint IDs. ``` Are there any protocols that could be recommended or provided as an example here? ### Is this sentence needed? ``` 1064 Services that are specific to a particular deployment or co-operation 1065 may require a registry to reduce administrative burden, but do not 1066 require an entry in this registry. ``` I don't understand why this is here, consider removing it. ## Nits ### DTNs expand on first use ``` 157 environments behind a shared administrative domain. The growth in 158 the number and scale of deployments of BPv7 DTNs has been accompanied 159 by a growth in the usage of the ipn URI scheme which has highlighted 160 areas to improve the structure, moderation, and management of this 161 scheme. ``` ### follow -> following ``` 465 To keep the text representation concise, the follow rules apply: ``` ### is -> in ``` 894 IANA is requested to update the reference to the 'ipn' scheme is the ```
Zaheduzzaman Sarker
Yes
Comment
(2024-06-19 for -11)
Not sent
Thanks for working on this document.
Deb Cooley
No Objection
Comment
(2024-06-16 for -11)
Not sent
Modulo the GenArt review by Russ Housley.
Francesca Palombini
No Objection
Comment
(2024-06-19 for -11)
Sent
Thank you for the work on this document. Although the "Updates" tag is quite undefined, and so there is nothing explicitly prohibiting a standard track RFC to update an Informational RFC, I also think this is non-optimal. One possible resolution would be to analyse why is this "Updates" tag needed, and if it is not absolutely necessary remove the "Updates: 7116". Another resolution would be to do what Russ suggests (https://mailarchive.ietf.org/arch/msg/gen-art/juHW-YYZ1lesibNd0gDxRvFE0HY/): this document and a companion document ought to obsolete RFC 7116, where the companion document separately handles all of the non-ipn topics in RFC 7116. The companion document can be an informational RFC. This would be cleaner (process-wise), but would take more time, and I also understand some participants would rather not obsolete 7116 (although it seems to me referencing its updating document should be trivial). Finally, if the "Updates" tag was kept I would follow the same process as for "cross stream updates" https://www.irtf.org/policies/cross-stream-updates.html and request a review from the IRTF stream manager. Side note: while scanning 7116, it seems to me that the actual RFC defining the concepts (from which 7116 defines IANA registries) is 6260. Is that wrong, did I miss something? Note that the same comment as above would apply, since 6260 is also an IRTF informational doc.
John Scudder
No Objection
Comment
(2024-06-19 for -11)
Sent
I support Mahesh's DISCUSS. I'm not particularly concerned about a Proposed Standard updating an Informational, but I am concerned about an IETF spec updating an IRTF spec without prior coordination between the respective bodies, which I don't see mentioned in the shepherd writeup or elsewhere. I don't imagine the IRTF would object but it seems prudent to ask and poor form not to.
Mahesh Jethanandani
(was Discuss)
No Objection
Murray Kucherawy
No Objection
Comment
(2024-06-19 for -11)
Sent
Thanks to Marco Tiloca for his ARTART reviews. I support Roman's DISCUSS. Appendix A uses a BCP 14 keyword, and (as discussed on another document this week) that's a bit of an antipattern. This should probably move into a numbered section. I'm not comfortable with the SHOULD in Section 3.2. I suggest "are to be". Why might a registrant legitimately deviate from this constraint? If such situations exist, does the advice to DEs given later in this document cover that case? Or if I'm misunderstanding something, please set me straight. The SHOULD NOTs in Sections 5.4 and 5.5 are curious. Why aren't they MUST NOTs? Or should they be lowercased? If you're identifying a risky behavior here that may have downstream side effects, I'd suggest tightening this to a MUST NOT. Or if instead it's just a weird thing to do but doesn't really matter, maybe it's not worth constraining. Otherwise, you're leaving the implementer with a choice, and I wonder how you expect them to make it. NIT(s): * This, in Section 3.1, reads oddly: "No resource identified by Null ipn URI exists, and any such resource is therefore by definition unreachable." The part after the comma is ascribing a property to something that doesn't exist (or to all members of an empty set). I would just end the sentence at the comma. * In Section 9.3, it seems weird to put the Example block right in the middle of the Specification Required range. Is that just because of the apparent 0xEEE* convention? Maybe there should be a "Examples" block in Table 5 instead?
Paul Wouters
No Objection
Comment
(2024-06-19 for -11)
Not sent
I felt a kind of deja vu reading this document :)
Warren Kumari
No Objection
Comment
(2024-06-18 for -11)
Sent
Thanks to Tim Wicinski for the Ops-Dir review (https://datatracker.ietf.org/doc/review-ietf-dtn-ipn-update-09-opsdir-lc-wicinski-2024-02-13/) For the record I see no issues with a Standards Track document updating an Informational one -- if the situation were reversed I could see an issue, but...
Éric Vyncke
No Objection
Comment
(2024-06-18 for -11)
Sent
Thanks for the work done in this document. Please find below some non-blocking comments (but a reply will be appreciated). Jean-Michel Combes is the int-dir reviewer for this document, expect a review by Jean-Michel before end of this week at: https://datatracker.ietf.org/doc/draft-ietf-dtn-ipn-update/reviewrequest/19784/ The shepherd write-up contains a nugget `The specification is intended to be Standards Track eventually but has not yet been implemented.` ;-) does not help to comfort the choice of PS. It is really unclear what are the updates to RFC 7116 and 9171. It complements for sure those RFC but not clearly updating/changing the text. Suggest remove the update in abstract and meta-data. Section 3.3, `A single Node Number assigned by a single Allocator MUST refer to a single node` also means that there is neither "any cast" or "multicast" nodes. Is it on purpose ? Section 3.4.2, I would have prefer selecting 1 as the local node to be similar to ::1 or 127.0.0.1 ;-) Section 3.4.3, being far from being a DTN expert, I really wonder what is the use case for private node numbers... RFC 1918 motivation was largely address space conservation. Moreover, why imposing rules on the node numbering as the Allocator Identifier is enough to provide uniqueness. Section 3.5, it there any limit on the service number ? Section 4 and appendix A, my preference is to have normative text in the middle part of an RFC not in appendix. Section 9.1, in table 2 using hexadecimal for range could also be useful (or even plain decimal format as the textual representation is in decimal), also to make an easier link with table 3.
Gunter Van de Velde
No Record
Jim Guichard
No Record