Re: [Anima] Anima and renumbering

2016-05-24 Thread Michael Richardson
s is either, so we can't even know when to stop announcing it. My belief is that our ACP will be designed to essentially avoid renumbering; doing so only when two ACPs merge due to an acquisition or something, and then it will be very much make-before-break over a period of days to months. -- Mi

Re: [Anima] CoAP et al

2016-08-03 Thread Michael Richardson
es you mention. (It's also worth making a comparison to what we consider "limited capabilities" to what we had as control plane CPUs 20 years ago) -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting

Re: [Anima] I-D Action: draft-ietf-anima-bootstrapping-keyinfra-03.txt

2016-07-05 Thread Michael Richardson
ld have to get a number of configuration parameters via the secured GRASP side. The history of computing is replete with examples of privilege escalation attacks from situations that were not originally envisioned. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -=

Re: [Anima] Active issues in GRASP - issue 49

2016-08-02 Thread Michael Richardson
n particular, I would suggest that this really calls for a different instance/profile of GRASP. I.e. that routers should run a different context (same as running OSPF in different VRFs), and that we should even consider that it should do discovery on a different port. -- Michael Richardson <mcr

Re: [Anima] Fwd: Port and multicast address usage [Re: Anima@hackathon]

2017-02-09 Thread Michael Richardson
Brian E Carpenter <brian.e.carpen...@gmail.com> wrote: > UDP & TCP port: > GRASP_LISTEN_PORT = 1021 You pick a "system" port. It might be better for experimenters not to. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Softwa

[Anima] planning for ANIMA hackathon work

2017-02-09 Thread Michael Richardson
tified CWT as being an important voucher format, probably it will be *the* format for the 6tisch version of bootstrap. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Descriptio

Re: [Anima] CoAP et al

2016-08-16 Thread Michael Richardson
test cases: "I doubted if I should ever come back") -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima

Re: [Anima] GRASP issue 55: Could discovery be performed over TCP?

2016-10-19 Thread Michael Richardson
ly available. (We tried in the IPSP WG to make it standard. We really tried hard) -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailin

Re: [Anima] GRASP issue 58: Maximum message size?

2016-10-19 Thread Michael Richardson
ce to it. The reason for this work is to standardise current uses of hash outputs in URLs and to support new information-centric applications and other uses of hash outputs in protocols. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

Re: [Anima] GRASP issue 56: Change Session-ID to 32 bits?

2016-10-19 Thread Michael Richardson
ecause > the same party initiates discovery and negotiation. But, can't there be multiple back and forths of M_NEGOTIATE? As such the same session-id would be sent in an M_NEGOTIATE in both directions. If not, then I don't understand negotiation at all. -- Michael Richardson <mcr+i...@sandel

[Anima] text for grasp-07 (-08)

2016-10-19 Thread Michael Richardson
o A flood mechanism (M_FLOOD), by which an ASA can cause the current value of an objective to be flooded throughout the AN so that any ASA can receive it. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- sign

Re: [Anima] GRASP issue 55: Could discovery be performed over TCP?

2016-10-22 Thread Michael Richardson
Brian E Carpenter <brian.e.carpen...@gmail.com> wrote: > On 21/10/2016 01:56, Michael Richardson wrote: >> >> Brian E Carpenter <brian.e.carpen...@gmail.com> wrote: >> >> What I was saying was, *IF* I know how to find a machine with an

Re: [Anima] Autonomic Registry

2016-11-14 Thread Michael Richardson
ntations is an implementation limitation, not an architectural limitation. The architecture supports talking to the nearest registrar which is functioning. There are PKI implementation challenges with partitioning of the PKIX SerialNumber space (which must be unique), but it's a solved problem. -- ]

Re: [Anima] ANIMA state machines, take two

2016-11-14 Thread Michael Richardson
ACP formation, the formats belong in the > BRSKI and ACP drafts. Agreed, I don't think that there are any open questions here. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature __

[Anima] review of grasp-08

2016-11-23 Thread Michael Richardson
Is this valid: [M_FLOOD, 124567, fe80::1234, 27, [[O_IPv6_LOCATOR, fe80::1234, IPPROTO_UDP, 500]], ["ACP", flags, 1, ["bootstrap-okay"]] Could an O_DIVERT occur in an M_FLOOD? Can we have more than one locator option? -- Michael Richardson <mcr+i...@s

Re: [Anima] voucher presentation

2016-11-15 Thread Michael Richardson
is being handled by Terry, not Benoit :-) This document will also be used by 6tisch, btw. None of the authors care where the work is done; each of the groups would have to do the work themselves if it didn't happen elsewhere. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software

Re: [Anima] [Anima-bootstrap] weekly boostrap design team meetings

2016-11-18 Thread Michael Richardson
e is because we changed our clocks two weeks ago. If you'd rather the meeting was anchored otherwise, such that it stays at 11am EST, please say so. I'm flexible regardless. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.a

Re: [Anima] Desaster recover... (was: Re: [homenet] write up of time without clocks)

2016-11-12 Thread Michael Richardson
Toerless Eckert wrote: >> Devices that have been brought up and are in the network post >> bootstrap are not relevant to the BRSKI document. > To me the most important goal should be to provide candidate users with > deployment guidance. This should fit ANIMA

[Anima] update to slide 5 --- audit vs ownership voucher

2016-11-19 Thread Michael Richardson
I've fixed slide 5, as it was off-by-a-line when going from ODP to PPT. The replacement is at: http://www.sandelman.ca/tmp/anima/ in the files ietf97_summary.odp and ietf97_summary.pdf Chairs, it would be better if the proceedings had the corrected slide. -- Michael Richardson <mc

Re: [Anima] red/yellow/green lights for bootstrap and ACP feedback

2016-11-20 Thread Michael Richardson
ates indicated might be a generic “discovery”. Glad you agree about the difficulties here, yet the opportunity is clear. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

Re: [Anima] Intent per ASA or per AF?

2016-11-20 Thread Michael Richardson
I think that the answer to that would tell me how Intents should be partitioned. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailing list Anima

Re: [Anima] Call for adoption on draft-kwatsen-netconf-voucher-00

2016-12-17 Thread Michael Richardson
er tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works| network architect [ ] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails[ -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Softwa

Re: [Anima] Hackathon at IETF94 thoughts

2017-01-12 Thread Michael Richardson
ng a meet up among us, but it may be easier for me to bring things to you in Feb or early March. It would make sense to do that after you have a student. Or you can come visit me at my credil.org office, which is in the innovation build of UQO.ca. (Which can't even spell IPv6) -- Michael

Re: [Anima] ownership vouchers (and git repo)

2016-11-30 Thread Michael Richardson
ion to adopting the work. So it's all hearsay... Ultimately, it's an AD decision, and I'd like to hear from them, and get on with the actual work. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.

Re: [Anima] clarify +locator-option

2017-01-09 Thread Michael Richardson
less the () implies a level of sub-array, then there would be some unknown number of location-options, and then the last item would be objective, *if* it exists. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Descripti

[Anima] Hackathon at IETF94 thoughts

2016-12-29 Thread Michael Richardson
t get RPL to operate across a multi-platform situation, we might still be able to, for instance, M_FLOOD something across a bunch of IPsec P2P tunnels connecting things. That would be a significant accomplishment in my mind for a first attempt. -- Michael Richardson <mcr+i...@sandelman.ca>

[Anima] M_FLOOD vs M_DISCOVERY

2017-01-08 Thread Michael Richardson
for an M_FLOOD. As I see it there are advantages and disadvantages to each. My take before was that M_DISCOVERY was to be preferred in most cases. I'm really just writing to confirm this belief. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT cons

[Anima] clarify +locator-option

2017-01-08 Thread Michael Richardson
], [O_IPv4_LOCATOR, ipv6-address, transport-proto, port-number], [O_FQDN_LOCATOR, ipv6-address, transport-proto, port-number]]] -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP sig

Re: [Anima] M_FLOOD vs M_DISCOVERY

2017-01-08 Thread Michael Richardson
Michael Richardson <mcr+i...@sandelman.ca> wrote: bc> Secondly, the methods aren't mutually exclusive. If the "normal" bc> method is flooding an objective that I've called "AN_registrar" in my bc> toy code, nothing prevents discovery/synchro

Re: [Anima] M_FLOOD vs M_DISCOVERY

2017-01-08 Thread Michael Richardson
a regular refresh, so discovery seems appropriate. (Don't > forget that the discovery cache will time out, but that's standard.) > Send comments on > https://tools.ietf.org/html/draft-carpenter-anima-ani-objectives We > assumed the flooding model for registrar/p

Re: [Anima] Fwd: Re: [homenet] write up of time without clocks

2016-12-23 Thread Michael Richardson
ottleneck. (I wonder how we could get funding from the various emergency preparedness agencies) > Things need to just work during disaster recovery. > Brian -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consultin

Re: [Anima] GRASP API in C?

2017-03-24 Thread Michael Richardson
initialized globals and other stuff. (Go read the Contiki code for an example of what I mean...) Everyone else will write their ASAs in a higher level language: python, ruby, perl, java, scala, *go*, maybe rust. The really hard thing about the C api is that it doesn't deal well with indefinites like int

[Anima] key management for MACsec

2017-03-27 Thread Michael Richardson
. But, if MACsec already has a key agreement protocol, that would be superfluous. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailing list Anima@ie

Re: [Anima] GRASP API in C?

2017-03-24 Thread Michael Richardson
ents: someone may want to rewrite your code to this very limited subset (less than python 2, I'm told). I think that this is more likely to be a "library" than any C code. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting

Re: [Anima] prefix assignment

2017-03-29 Thread Michael Richardson
and PD) are > complementary not competitors. I don't see you saying that. I see you trying to extend two internal mechanisms (ANIMA in the ISP, and HNCP in the home) such that they interact directly, rather than using PD. You say this right here: brian> But if the CE includes a little

Re: [Anima] [homenet] prefix assignment

2017-03-30 Thread Michael Richardson
. > Sorry if I wasn't clear. Would it merely request address space and handle > it out using HNCP, or would it actively renegotiate address space in > response to HNCP events? > If the latter -- why? It would hand out space via HNCP, and if it ran out of space,

Re: [Anima] [homenet] prefix assignment

2017-03-30 Thread Michael Richardson
a CASM/ANIMA mechanism at the edge to ask for more address space from HQ. (That could well be occurring via a VPN, or some dark fiber, doesn't matter) In that case, the HNCP and ANIMA parts would be in a common trust environment. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelma

Re: [Anima] GRASP API in C?

2017-03-23 Thread Michael Richardson
t fundamental mapping. As someone who writes lots of C, I am not convinced this is a useful exercise. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima

Re: [Anima] [homenet] prefix assignment

2017-03-29 Thread Michael Richardson
ting. The HNCP daemon would speak GRASP ASA on the "northbound" interface. It wouldn't necessarily speak HNCP. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature

Re: [Anima] prefix assignment

2017-03-29 Thread Michael Richardson
hat code would be locked down. In a store-bought CE, isn't this exactly > where BRSKI will help us? There is certainly an issue for home-made CE > images, but they will be a tiny minority of users. No, BRSKI doesn't help the ISP feel safe that the code I am running on my store-bought CE

Re: [Anima] FYI: GRASP testing this week

2017-03-29 Thread Michael Richardson
t broken packet as a test case. Please send pcap if you have it. > We also tested the Python code on MacOS and showed it interoperating > between Windows, Linux and MacOS simultaneously. And your code needs python 3.4, 3.2 isn't new enough. -- Michael Richardson <mcr+i...@sandelman

[Anima] autonomic framework

2017-03-27 Thread Michael Richardson
Michael, some comments driven by the slides: We changed the name from Join Assistant to Join Proxy, as a consistent name across netconf,anima and 6tisch. (Peter wants us to change it to Join Router, because it forwards packets... but...) -- Michael Richardson <mcr+i...@sandelman

Re: [Anima] GRASP API in C?

2017-03-25 Thread Michael Richardson
be a "library" than any C code. > I know nothing about uPython. I did look at downgrading my code to > Python 2 but quickly gave up because, well, Python 3 is better. So it > all depends on what they've kept and what they've removed in uPython. I don't kn

Re: [Anima] key management for MACsec

2017-03-27 Thread Michael Richardson
t support stock PKIX certs for identities? b) is this implemented widely? c) are there major communities of users that essentially still use PSK to authenticate? -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Descr

Re: [Anima] autonomic framework

2017-03-27 Thread Michael Richardson
was authoritative for WG consensus :-) > Join Router is wrong. It forwards messages not packets. Maybe its next > name should be Join Middlebox, but I'm happy with Join Proxy. I agree. I'm thinking we should get a set of T-shirts. -- Michael Richardson <mcr+i...@sandelman.ca&g

[Anima] CASM BOF

2017-03-20 Thread Michael Richardson
be coordination with ANIMA... consider showing up to this BOF!!! -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailing list Anima@ietf.org https://www.ie

Re: [Anima] MichaelR: section 5.1.1 question (draft-ietf-anima-autonomic-control-plane-05)

2017-03-17 Thread Michael Richardson
DELMAN (46930) PEN.) If the WG has consensus on this, then I'll dig the text up. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works| network architect [ ] m...@sandelman.ca http://www.sandelman.ca/

Re: [Anima] CASM BOF

2017-03-21 Thread Michael Richardson
Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works| network architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ ___ Anima mailing l

Re: [Anima] Factory reset: Do we need two types?

2017-03-14 Thread Michael Richardson
ast ACP connection goes down, that the device has essentially become unmanaged, and that it needs to do something (autonomic) to return to managed state. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP sig

Re: [Anima] draft-ietf-anima-autonomic-control-plane-06

2017-04-06 Thread Michael Richardson
the ACP to a backbone router, which will then decapsulate it (ignoring our words), and sending it out to the Internet at 100Gb/s speeds? This is the issue that I want to make sure the "considerations" point out. -- Michael Richardson <mcr+i...@sand

[Anima] GRASP vs ASA negotiation (was Re: concerns about selection of session-id in GRASP messages)

2017-03-09 Thread Michael Richardson
rent IP address, although at that point I consider that really, the GRASP daemon has just relayed the M_DISCOVERY to a very limited GRASP instance running inside the ASA. This might be the best way to think of the architecture that I'm thinking of anyway. That's why I wrote, above, it doesn't re

Re: [Anima] SecDir review of draft-ietf-anima-grasp-09

2017-03-09 Thread Michael Richardson
ol document? If someone is silly enough to specify an It matters, when humans have to confirm things. I think that objectives will be mostly baked into code. So, I agree with you, but I would rather exclude all that UTF stuff too. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Sof

Re: [Anima] Review of draft-ietf-anima-grasp-09

2017-03-03 Thread Michael Richardson
ry common usage...) So, nodes will have physical interfaces on which the ACP runs, and then ACP secured virtual interfaces on which GRASP will run. And then the limited subset GRASP will be used on the physical interfaces to discover new possible adjacencies. -- Michael Richardson <mcr+i...@sandel

[Anima] privacy in discovery

2017-03-11 Thread Michael Richardson
available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ ___ dnssd mailing list dn...@ietf.org https://www.ietf.org/mailman/listinfo/dnssd --- End Message --- -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IP

Re: [Anima] CRLs in iDevID manufacturer signing certs?

2017-03-11 Thread Michael Richardson
so concerned about how many bytes a CRL pointer requires. I'm guessing it's on the order of 50 bytes for the URL and container. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature __

Re: [Anima] SecDir review of draft-ietf-anima-grasp-09

2017-03-10 Thread Michael Richardson
her allow > it from the start, and if we have to add character-set restrictions > later, so be it. Barry, is there a way to say, "UTF-8 without all the confusing parts"? Is that what IDN is all about? -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -=

Re: [Anima] Factory reset: Do we need two types?

2017-03-13 Thread Michael Richardson
way of writing it. As long as we have working ACP tunnels, then we can fix the configuration. What happens when the last ACP tunnel dies? -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Descr

[Anima] VLANs and draft-ietf-anima-autonomic-control-plane-08.txt

2017-08-02 Thread Michael Richardson
rhaps we should write is that, on an unconfigured interface, if one sees VLAN encapsulated traffic on an interface on which, and one *would* send out the AN_ACP/AN_Proxy messages, that one should start sending some M_FLOODs for awhile on that VLAN interface. -- Michael Richardson <mcr+i...@sand

[Anima] ANIMA ACP -08 -- estimating depth of DODAG in storing mode

2017-08-02 Thread Michael Richardson
mation for a DODAG root to know how deep the network is? -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

Re: [Anima] VLANs and draft-ietf-anima-autonomic-control-plane-08.txt

2017-08-02 Thread Michael Richardson
Michael Richardson <mcr+i...@sandelman.ca> wrote: > There are some chicken and egg problems here. > On the one hand (other hand in next email), there may be a variety of L2 > technologies ("LAN EXTENSION") which may be provided by other providers which

Re: [Anima] proxy discovery of registrar

2017-08-02 Thread Michael Richardson
ctive option > That implies that the registrar has something to announce to > the proxy (such as "I support foobar and barfoo"). Do we have some preference for "AN_join_register" (and AN_Proxy and AN_ACP), or is the AN_ prefix unwanted? -- Michael Richard

[Anima] proxy discovery of registrar

2017-08-01 Thread Michael Richardson
ich is why I think that I wound up into M_REQ_SYN. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailing list Anima@ietf.org https://ww

Re: [Anima] [6tisch] Cross-WGs WGLC (second) on draft-ietf-anima-voucher-04 - Respond by Aug 08, 2017

2017-08-02 Thread Michael Richardson
does. Also proves you read every word. We also accept patches via github :-) -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

[Anima] draft minutes from bootstrap design team

2017-08-10 Thread Michael Richardson
sfer-encoding'? Content-Transfer-Encoding: base64 smime-type is originally defined in RFC3851 but the more recent reference is RFC5751, RFC7030, 3851 etc. But RFC7114 defines the IANA registry. For unsigned vouchers, we discussed if we should be using application/json, or somet

[Anima] does BRSKI need three-way handshake before MASA commits?

2017-08-12 Thread Michael Richardson
involve consulting a human. If a large number of devices are + attacked in such a way, a human might just accept all the devices in + a batch mode, permitting an actually compromise device through. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT cons
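Review bot: In the second added line, "permitting an actually compromise device through" has a typo and should read "an actually compromised device". The added text also says a human "might just accept all the devices in a batch mode" without saying what the Registrar should do to make that less likely; if the draft intends a mitigation here (for example, flagging devices individually rather than as a batch), the paragraph should state it or point to the section that does.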

Re: [Anima] pinned-domain-certificate and other BRSKI comments

2017-07-13 Thread Michael Richardson
sponse and change the URL to /requestauditlog/v1 ? (I read to the end of the diffs, and found nothing else that stirred me) -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature __

Re: [Anima] Is this how BRSKI/IPIP works?

2017-07-13 Thread Michael Richardson
oins the Yeah, you are right, this doesn't work if there are multiple registrars. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works| network architect [ ] m...@sandelman.ca http://www.sandelman.ca/

Re: [Anima] pinned-domain-certificate and other BRSKI comments

2017-07-13 Thread Michael Richardson
urning those bytes across the link. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works| network architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on ra

Re: [Anima] I-D Action: draft-ietf-anima-grasp-15.txt

2017-07-13 Thread Michael Richardson
from 14->15, and they all look good to me. (In case anyone cares about WG consensus...) -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailin

Re: [Anima] pinned-domain-certificate and other BRSKI comments

2017-07-14 Thread Michael Richardson
jwt or format=cwt? > What does "grow" mean? I mean, extend the protocol through additional RFCs. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature _

Re: [Anima] Is this how BRSKI/IPIP works?

2017-07-14 Thread Michael Richardson
ese class of devices in any event. 1) Constrained devices are out of scope for ANIMA. 2) even if they were in scope, kinetic powered light switches are not good candidates for join proxies. Light bulbs, however. -- Michael Richardson <mcr+i...@sandelman.ca>

Re: [Anima] Is this how BRSKI/IPIP works?

2017-07-17 Thread Michael Richardson
or the proxy, and also that we needed multiple Ar for the proxy connection. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailing list An

[Anima] pinned-domain-certificate and other BRSKI comments

2017-07-13 Thread Michael Richardson
here and start a new email about this. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works| network architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ s

Re: [Anima] Is this how BRSKI/IPIP works?

2017-07-12 Thread Michael Richardson
ex where the request was coming from rather than try to find some bits in some other protocol like one you mention above. TSP is too complex for our needs. Teredo has some space for additional stuff. It should be straight forward to define it over IPv6 rather than v4. Seems a bit weird to me though. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

Re: [Anima] Is this how BRSKI/IPIP works?

2017-07-14 Thread Michael Richardson
ouble > ;-). There are various encap/decap specs of that kind, and the NAT64 > stuff also goes into horrible detail... okay. Are you suggesting the 6to4 document should be looked at for style? -- ] Never tell me the odds! | ipv6 mesh networks [ ] Mich

[Anima] ACP document

2017-07-22 Thread Michael Richardson
unnel will be naturally configured across that L2 fabric). -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

Re: [Anima] IPIP in draft-ietf-anima-bootstrapping-keyinfra-07

2017-07-11 Thread Michael Richardson
IP on Address Ar, use Lr for mcr> connections" mcr> 2) we make Lr = well known Link-Local anycast address I included Lr in the protocol, even if we might decide that we want to make it well-known. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT

Re: [Anima] Voucher signing method

2017-04-26 Thread Michael Richardson
voucher via asn1 dump. You’d have to look > at the binary if you really want to decode it. This voucher was > generated by MCR during the hackathon: -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

Re: [Anima] Port assignment for GRASP

2017-04-29 Thread Michael Richardson
Brian E Carpenter <brian.e.carpen...@gmail.com> wrote: > We have an early assignment from IANA for the GRASP port: 7017. Cool. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description

Re: [Anima] ACP document --- 07 to 08 changes

2017-07-31 Thread Michael Richardson
All of my minor edits and a few smallish friendly amendments are at: https://github.com/anima-wg/autonomic-control-plane/pull/3 Michael Richardson <mcr+i...@sandelman.ca> wrote: > I'm reading the -07 version of ACP (because it's been open in a tab Now to the chang

Re: [Anima] GRASP multicast frequency

2017-05-03 Thread Michael Richardson
his effect needs to be understood by implementors. Given an ACP, the L2 devices should only see unicast ESP packets. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature

Re: [Anima] Review of draft-ietf-anima-voucher-02

2017-05-15 Thread Michael Richardson
eration may be specification in > my eyes. It should not have normative words. Perhaps naming it Design Considerations is the error. I don't see the normative words there as wrong; they need to be there. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6

Re: [Anima] Security references [Re: Artart telechat review of draft-ietf-anima-grasp-11]

2017-05-10 Thread Michael Richardson
>> >> The downside is that if we get into the RFC Editor queue, GRASP >> could in theory be published before the ACP becomes an RFC. >> That seems wrong. >> >> Opinions, please! >> >> Brian >> >> _________

Re: [Anima] Remove UDP text [ Spencer Dawkins' No Objection on draft-ietf-anima-grasp-11: (with COMMENT)]

2017-05-17 Thread Michael Richardson
be TCP. (In my opinion, inside the point to point mesh ACP, one might as well keep a single TCP connection up for every M_DISCOVER and M_FLOOD, as UDP has no advantage there) -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.

Re: [Anima] Artart telechat review of draft-ietf-anima-grasp-11

2017-05-10 Thread Michael Richardson
o suggest that not having > confidentiality for the general discovery case is unwise and not > having authentication for the same seems like a real deal-breaker. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT

[Anima] Use of M_FLOOD for discovery of Proxy

2017-06-12 Thread Michael Richardson
/draft-ietf-anima-bootstrapping-keyinfra-06#section-3.1.1 As there is no dispute about it, I think. If it should be named AN_PROXY, that's fine. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature __

[Anima] minor clarifications to voucher

2017-06-20 Thread Michael Richardson
consider to be its owner. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/li

Re: [Anima] minor clarifications to voucher

2017-06-20 Thread Michael Richardson
William Atwood <william.atw...@concordia.ca> wrote: > Nit: > s/manufacture/manufacturer/ > See below for position. Thanks, edited. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Descr

[Anima] voucher question re: pinned-domain-cert

2017-06-21 Thread Michael Richardson
main-cert, which we did not include in the example. I am guessing that we would write "base4-encoded X509 DER" The question is, would this be in any way different than writing "X509 PEM"? One would want to omit the "BEGIN FOO", lines, and all newlines, but I think it would b

Re: [Anima] [Anima-bootstrap] Voucher signing method

2017-05-22 Thread Michael Richardson
56r1 because the examples are in that, and the libraries are up-to-date for it. But I'd rather be using Ed25519: it becomed bleeding edge work. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature __

Re: [Anima] dealing with multiple manufacturer services with a single certificate extension

2017-05-22 Thread Michael Richardson
to create a > table that MUD/ANIMA controllers simply download when they see the URL. It > might look something like this: When you say ANIMA controller, I think you mean the JRC? -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

Re: [Anima] Adam Roach's No Objection on draft-ietf-anima-grasp-12: (with COMMENT)

2017-05-24 Thread Michael Richardson
h subsequent such registration using the > next smaller number available. Actually, we aren't limited to 1-octet. It's a CBOR integer, and grows automatically. So we could have >=256 for GRASP-only things. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -=

Re: [Anima] WG input needed: Ben Campbell's question on GRASP (1)

2017-05-29 Thread Michael Richardson
Required" or even FCFS for M_* values >65536, btw. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

[Anima] [Cbor] FYI: JSON Constrained Notation (fwd) Peter Saint-Andre - Filament: [Cbor] FYI: JSON Constrained Notation

2017-05-18 Thread Michael Richardson
nd Message --- -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-

Re: [Anima] [Cbor] FYI: JSON Constrained Notation (fwd) Peter Saint-Andre - Filament: [Cbor] FYI: JSON Constrained Notation

2017-05-19 Thread Michael Richardson
overage of low-resource, low-energy devices. I agree. I see it easier to teach non-constrained devices new tricks. I'm not convinced we can use any of the deployed JOSE infrastructure *completely* unchanged, so as long as changes are needed... -- Michael Richardson <mcr+i...@sandelman.ca>, Sandel

Re: [Anima] Need WG input: Adam Roach's comment on GRASP

2017-05-30 Thread Michael Richardson
dn’t be very small; say, 65280 to 65535.) -1 to -32! -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailing list Anima@ietf.org https://www.i

Re: [Anima] Need WG input: Alexy Melnikov's suggestion on GRASP

2017-05-30 Thread Michael Richardson
ld text, transport-proto be? > "https://example.com:9943/my/path", Null, Null perhaps. > Also of course see the thread on Adam Roach's comment. okay, then give me an example where it wouldn't be null and null? -- ]

Re: [Anima] [Anima-bootstrap] Voucher signing method

2017-05-31 Thread Michael Richardson
to > github tomorrow so you can see what i mean. Max, can you indicate what your current thinking is in the movement From PKIX signed custom JSON to ... a) JWS signed custom JSON? b) JWT, with standard claims? -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works

[Anima] 200 vs 201 responses from MASA to Registrar (BRSKI-MASA protocol)

2017-06-04 Thread Michael Richardson
just the 201, and expect the Registrar to do a GET, although that would be more correct. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signature.asc Description: PGP signature ___ Anima mailin

Re: [Anima] RPL alternatives in ACP?

2017-06-07 Thread Michael Richardson
standard? Why discussing it here? You could make > your own choice for protocol without asking for WG opinion/consensus. Exactly, well said. -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =- signatu
