Thanks Esko,
inline
On Tue, Nov 21, 2023 at 01:12:45PM +0000, Esko Dijk wrote:
> A first comment / question here: in IETF 118, it was proposed to focus the
> discovery methods for Constrained BRSKI
> (draft-ietf-anima-constrained-voucher) only on a single mechanism and leave
> further alternatives to future work (like GRASP and mDNS).
>
> We didn't specifically discuss this aspect for the Constrained Join Proxy
> draft - do we need to do the same thing here and so take out the GRASP
> discovery text?
> Or are we sufficiently confident the GRASP definition is okay and valuable to
> have already now included in a draft? In that case we may leave it in.
>
> Esko
Check the GRASP text in both drafts, i think the text in constrained-join-proxy
is more harmful to move forward than the one in constrained-voucher. So i would
definitely like to see it removed, or i would want to raise concerns about it
(which i think we don't need to spend time on to get the constrained docs out
the door):

draft-ietf-anima-constrained-voucher proposes:
  discover (stateful) registrar by proxy: AN_join_registrar/BRSKI_JP
  discover proxy by pledge: AN_Proxy/DTLS
The two objective-values proposed are not what we would logically end up with
when using the more systematic approach from brski-discovery, instead, both
could be empty strings - because both are defaults for use with CoAPs, which we
declare to be assumed by use of IPPROTO_UDP. But both values would not matter,
but could be defined easily for backward compatibility into brski-discovery if
we would keep the text.

draft-ietf-anima-constrained-join-proxy proposes:
  discover stateless registrar by proxy: AN_join_registrar/BRSKI_RJP
  discover proxy by pledge: AN_Proxy/DTLS-EST
The use of AN_join_registrar objective-name would forfeit the transparent
operation of join-proxies as described in brski-discovery, because it moves the
choice of incompatible proxy<->registrar transport (stateful vs. stateless)
into the objective-value element. Aka: this choice would block the way forward
with brski-discovery unless brski-discovery would declare this specification
invalid.

brski-discovery instead proposes to use objective-name AN_join_registrar_rjp to
indicate a stateless join registrar service. Hence allowing for all the
different objective-values we want to use to be still available (and not
occupied by the "BRSKI_RJP" value).

Discovery of the proxy by the pledge via DTLS-EST is also incompatible with
what constrained-voucher writes (DTLS), aka: it could not automatically be
created by a transparent proxy as proposed by brski-discovery (which would
simply keep "DTLS").
In addition, constrained-join-proxy also includes one nice inspirational line:
h'fda379a6f6ee00000200000064000001', IPPROTO_TCP, 8443],
["AN_join_registrar", 4, 255, "CMP"],
To discover a CMP registrar, but without any explanations.

Aka: i'd have to go through the whole GRASP discovery text and see that it's not
wrong, and i'd rather spend that effort writing brski-discovery correctly...
Aka: pls. remove is my preferred option.

Let's see that we do check the CoAP text to be correct though with what we want
to have going forward.
Thanks!
Toerless
> -----Original Message-----
> From: Anima <[email protected]> On Behalf Of Michael Richardson
> Sent: Monday, November 6, 2023 15:24
> To: [email protected]
> Subject: Re: [Anima] I-D Action:
> draft-ietf-anima-constrained-join-proxy-15.txt
>
>
> [email protected] wrote:
> > Title: Join Proxy for Bootstrapping of Constrained Network Elements
> > Authors: Michael Richardson, Peter van der Stok, Panos Kampanakis
> > Name: draft-ietf-anima-constrained-join-proxy-15.txt
> > Pages: 26
> > Dates: 2023-11-06
>
> ...
> > A diff from the previous version is available at:
> >
> https://author-tools.ietf.org/iddiff?url2=draft-ietf-anima-constrained-join-proxy-15
>
> This is a repost of the I-D, because it expired.
> This version includes partial work on the IoT-Directorate review comments
> received in August, and which are still issues:
>
> https://github.com/anima-wg/constrained-join-proxy/issues
>
> So the work is just not done yet.
> There are a number of pull requests, some rather old, which I need to clean
> up and/or merge:
> https://github.com/anima-wg/constrained-join-proxy/pulls
>
> Your comments are of course, very welcome.
> It is probably the case that there is need for some additional review/text
> based upon the new conversations about the discovery draft. It would be great
> if there are new eyes reading this document if they notice the mismatches.
>
> --
> Michael Richardson <[email protected]>, Sandelman Software Works
> -= IPv6 IoT consulting =- *I*LIKE*TRAINS*
>
>
>
--
---
[email protected]
_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima