IETF Host Identity Protocol (HIP) mailing list ()

headers WongErnuz | 6 Aug 2008 09:19

_______________________________________________
Hipsec mailing list
Hipsec <at> ietf.org
https://www.ietf.org/mailman/listinfo/hipsec

_______________________________________________
Hipsec mailing list
Hipsec <at> ietf.org
https://www.ietf.org/mailman/listinfo/hipsec

Hi,

Yes it is possible to posses multiple HIs. If I understood your concern
correctly then I'll just want to correct one wrong assumption you have
made. The responder (peer) gets both the initiator's HI and HIT in the
I2 message so it there is no need to extract the HI from the DNS in
order to verify the signature. When the I2 is received the responder
verifies that the HIT matches with the HI received in the packet.

Regards,
Jan

WongErnuz wrote:
> Hi!
>
> I've been reading drafts on HIP and related papaers, and I kinda got
> the idea that it is OK for a single host to possess multiple HIs (is
> that really possible?). If so, I think there has to be a one-to-one
> binding relationship between a certain HI and a FQDN, otherwise, when
> a peer host needs to extract the sender's HI from the DNS according to
> the received FQDN to check the signature, wouldn't it be possible for
> the host to obtain multiple HIs all at once? (since the sender has
> many HIs itself) Therefore, how is the host supposed to know which one
> to use? If HIP RR contains HIT in addition to HI, the receiver can
> compare the HIT received in the header with each of the HITs obtained
> from DNS to find the corresponding HI the sender is currently using
> with the FQDN. However, since HIT provision is optional in DNS, I
> think it is necessary to recommend each host use a unique HI for a
> particular FQDN to avoid the one-to-many mapping. Am I right?
>
> I'm sorry if the quesiton seems stupid; I'm new on this...
>
> ------------------------------------------------------------------------
> 使用新一代 Windows Live Messenger 轻松交流和共享！ 立刻下载！
> <http://im.live.cn/>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Hipsec mailing list
> Hipsec <at> ietf.org
> https://www.ietf.org/mailman/listinfo/hipsec
>   

_______________________________________________
Hipsec mailing list
Hipsec <at> ietf.org
https://www.ietf.org/mailman/listinfo/hipsec

Hi all,

I asked a few questions related to the HIP Registration Extension back on 
April, but I think I never got an answer to these questions. The draft is 
now known as RFC 5203, but the issues remain unanswered. So I send my 
previous mail again, hoping to get an answer this time.

In addition to the issues presented below, I would like to propose a new 
Failure Type to be used in the REG_FAILED parameter. We have currently two 
Failure Types defined:

     Failure Type    Reason
     ------------    --------------------------------------------
     0               Registration requires additional credentials
     1               Registration type unavailable

Now, when the server is able to provide multiple services and some of 
these services cannot co-exist i.e. a single requester cannot be 
registered to these services simultaneously, how does the server respond 
to a registration attempt?

For example, if a server is able to provide both rendezvous service and 
full relay for HIP packets service (used in ICE), a single requester 
cannot be allowed to register to both of these services without canceling 
the previously granted service first.

For this type of situation, I suggest a new Failure Type:

     Failure Type    Reason
     ------------    --------------------------------------------
     2               Cancellation required

The other possibility would be to just silently overwrite the previous 
registration.

Best regards,
Lauri

---------- Forwarded message ----------
Date: Mon, 14 Apr 2008 16:30:40 +0300 (EEST)
From: Lauri Silvennoinen

Hi,

I am implementing / improving the existing implementation of the HIP
Registration Extension for InfraHIP project (HIPL). I have a few questions
concerning draft-ietf-hip-registration-02:

1) How does a registrar announce that it is capable of providing multiple
    services with different lifetimes?

     In Section 3.1 it is said that "a registrar SHOULD include a REG_INFO
     parameter in the R1 packets it sends during all base exchanges." The
     REG_INFO parameter, however, is of the following form:

         0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |             Type              |             Length            |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     | Min Lifetime  | Max Lifetime  |  Reg Type #1  |  Reg Type #2  |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |      ...      |     ...       |  Reg Type #n  |               |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+    Padding    +
     |                                                               |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

     I.e. it has single "Min Lifetime" and "Max Lifetime" values. The issue
     would be solved if the registrar could include multiple REG_INFO
     parameters in the R1 packets, but nothing is said about multiple
     REG_INFOs in the draft.

2) How to handle REG_REQUEST, REG_RESPONSE and REG_FAILED parameters that
    have redundant services? These parameters are of the following form:

      0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |             Type              |             Length            |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |   Lifetime    |  Reg Type #1  |  Reg Type #2  |  Reg Type #3  |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |      ...      |     ...       |  Reg Type #n  |               |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+    Padding    +
     |                                                               |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

     Now, what happens if, say, both "Reg Type #1" and "Reg Type #2" are of
     type RVS? Not that it would make any sense to build such parameters, but
     the hosts should be ready to handle such parameters.

3) What happens if registration cancellation does not succeed? In Section
    5 it is said:

     "A zero lifetime is reserved for canceling purposes.  Requesting a zero
     lifetime for a registration type equals to canceling the registration
     of that type.  A requester MAY cancel a registration before it expires
     by sending a REG_REQ to the registrar with a zero lifetime.  A
     registrar SHOULD respond and grant a registration with a zero lifetime.
     A registrar (and an attached service) MAY cancel a registration before
     it expires, at its own discretion.  However, if it does so, it SHOULD
     send a REG_RESPONSE with a zero lifetime to all registered requesters."

     Thus if the requester wants to cancel a service it sends a REG_REQUEST
     parameter with zero lifetime to which the registrar should answer with
     a REG_RESPONSE with zero lifetime respectively. But what happens if the
     registrar is unable to cancel the registration due to transient
     conditions or some other reason? Does the registrar just remain silent
     or send a REG_FAILED?

Thanks,
Lauri

Hi Lauri,

Lauri Silvennoinen wrote:
> Hi all,
> 
> I asked a few questions related to the HIP Registration Extension back 
> on April, but I think I never got an answer to these questions. The 
> draft is now known as RFC 5203, but the issues remain unanswered. So I 
> send my previous mail again, hoping to get an answer this time.

Sorry for not answering before. Better later than never :)

Some comments inlined below:

> In addition to the issues presented below, I would like to propose a new 
> Failure Type to be used in the REG_FAILED parameter. We have currently 
> two Failure Types defined:
> 
>     Failure Type    Reason
>     ------------    --------------------------------------------
>     0               Registration requires additional credentials
>     1               Registration type unavailable
> 
> Now, when the server is able to provide multiple services and some of 
> these services cannot co-exist i.e. a single requester cannot be 
> registered to these services simultaneously, how does the server respond 
> to a registration attempt?
> 
> For example, if a server is able to provide both rendezvous service and 
> full relay for HIP packets service (used in ICE), a single requester 
> cannot be allowed to register to both of these services without 
> canceling the previously granted service first.

Ok for the usecase, but shouldn't this be considered as an error from 
the MN. The MN implementation supposedly knows that RVS and ICE are 
exclusive, and shouldn't try to register for both at the same time on 
the same node.

> For this type of situation, I suggest a new Failure Type:
> 
>     Failure Type    Reason
>     ------------    --------------------------------------------
>     2               Cancellation required

In that case, wouldn't be needed to signal to the MN which types of 
registration have to be canceled for the requested one to be granted?

> The other possibility would be to just silently overwrite the previous 
> registration.

Silent overwriting wouldn't be good. The registrar should grant the new 
registration and cancel the old one (see below excerpt from Sec. 5 of 
RFC 5203), or vice versa:

    A registrar (and an attached service) MAY cancel a
    registration before it expires, at its own discretion.  However, if
    it does so, it SHOULD send a REG_RESPONSE with a zero lifetime to all
    registered requesters.

[...]

> 1) How does a registrar announce that it is capable of providing multiple
>    services with different lifetimes?

When we wrote that spec we didn't foresee such a usecase. The lifetime 
was on per-server basis, i.e. the time the server is willing to provide 
registrations, the time it expects to stay up, etc.

>     In Section 3.1 it is said that "a registrar SHOULD include a REG_INFO
>     parameter in the R1 packets it sends during all base exchanges." The
>     REG_INFO parameter, however, is of the following form:
> 
>         0                   1                   2                   3
>      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |             Type              |             Length            |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     | Min Lifetime  | Max Lifetime  |  Reg Type #1  |  Reg Type #2  |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |      ...      |     ...       |  Reg Type #n  |               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+    Padding    +
>     |                                                               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> 
>     I.e. it has single "Min Lifetime" and "Max Lifetime" values. The issue
>     would be solved if the registrar could include multiple REG_INFO
>     parameters in the R1 packets, but nothing is said about multiple
>     REG_INFOs in the draft.

Thus an additional specification would be required it seems.

> 2) How to handle REG_REQUEST, REG_RESPONSE and REG_FAILED parameters that
>    have redundant services? These parameters are of the following form:
> 
>      0                   1                   2                   3
>      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |             Type              |             Length            |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |   Lifetime    |  Reg Type #1  |  Reg Type #2  |  Reg Type #3  |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>     |      ...      |     ...       |  Reg Type #n  |               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+    Padding    +
>     |                                                               |
>     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> 
>     Now, what happens if, say, both "Reg Type #1" and "Reg Type #2" are of
>     type RVS? Not that it would make any sense to build such parameters, 
> but
>     the hosts should be ready to handle such parameters.

I consider this as broken behavior from the registrar side, but anyway 
it seems the MN could simply ignore duplicates Reg types with no harm.

> 3) What happens if registration cancellation does not succeed? In Section
>    5 it is said:
> 
>     "A zero lifetime is reserved for canceling purposes.  Requesting a zero
>     lifetime for a registration type equals to canceling the registration
>     of that type.  A requester MAY cancel a registration before it expires
>     by sending a REG_REQ to the registrar with a zero lifetime.  A
>     registrar SHOULD respond and grant a registration with a zero lifetime.
>     A registrar (and an attached service) MAY cancel a registration before
>     it expires, at its own discretion.  However, if it does so, it SHOULD
>     send a REG_RESPONSE with a zero lifetime to all registered requesters."
> 
>     Thus if the requester wants to cancel a service it sends a REG_REQUEST
>     parameter with zero lifetime to which the registrar should answer with
>     a REG_RESPONSE with zero lifetime respectively. But what happens if the
>     registrar is unable to cancel the registration due to transient
>     conditions or some other reason? Does the registrar just remain silent
>     or send a REG_FAILED?

Again that would be broken behavior from the registrar side, we have a 
SHOULD there. If it doesn't do so, then it either doesn't reply or send 
REG_FAILED, in any case the MN would not be be mistaken in believing the 
cancellation was successful. Do you think more text is needed?

--julien

Hello,

As you might know, previously Host Identity Protocol (HIP) daemon made 
by hip4inter.net has been published under Ericsson Public License (a 
derivate from Mozilla Public License), but now the license has been 
changed and the new license is FreeBSD license or “2-clause BSD license” 
if you like to call it that.

The new code can be downloaded from 
http://www.hip4inter.net/download/download.php

On Behalf of whole hip4inter.net team
Jan Melen

On Mon, 18 Aug 2008, Julien Laganier wrote:

Hi Julien,

> Hi Lauri,
> Some comments inlined below:
>
>> ...
>
> Ok for the usecase, but shouldn't this be considered as an error from the MN. 
> The MN implementation supposedly knows that RVS and ICE are exclusive, and 
> shouldn't try to register for both at the same time on the same node.

It can and should be considered as an error from the Requester. However, 
this does not mean that the Requester cannot send such a message. I'm 
mostly concerned about the server implementation in all of the issues. 
Thus the question is: how does the server respond to a registration 
attempt having services that cannot co-exist. RFC 5203 does not provide 
instructions for this. Are you suggesting that the server should just 
silently drop such a request? If so, this should be put in clear text into 
the RFC.

>> ...
>
> In that case, wouldn't be needed to signal to the MN which types of 
> registration have to be canceled for the requested one to be granted?
>

This would be even better, but then we would need individual Failure Types
for each registration that needs to be cancelled. So instead of

     Failure Type    Reason
     ------------    --------------------------------------------
     2               Cancellation required

we would have for example:

     Failure Type    Reason
     ------------    --------------------------------------------
     101             RVS Cancellation required
     102             HIP RELAY Cancellation required
     103             ...
     ...

This could get too complicated when the number of HIP services (and HIP 
service related specifications) increases. So I would stick to the single 
"Cancellation required" value instead and let it be local policy at the 
Requester to know which services cannot co-exist. Either way, isn't it 
better to signal "Cancellation required" than "Registration requires 
additional credentials" or "Registration type unavailable" (or to remain 
silent) in this case?

>> ... 
>> but nothing is said about multiple REG_INFOs in the draft.
>
> Thus an additional specification would be required it seems.

Yes.

>>  2) How to handle REG_REQUEST, REG_RESPONSE and REG_FAILED parameters that
>>     have redundant services? These parameters are of the following form:
>> ...
>
> I consider this as broken behavior from the registrar side, but anyway it 
> seems the MN could simply ignore duplicates Reg types with no harm.

Broken behavior yes, but again, the RFC does not state in clear text how 
to handle such a case. If a REG_REQUEST has redundant services, then it's 
broken behavior at the Requester side. If a REG_RESPONSE or a REG_FAILED 
has redundant services, then it's broken behavior at the Registrar side. 
I suggest the following:

The REG_REQUEST case i.e. the client has requested redundant services. The 
server should not allow any broken behavior from the client. Therefore 
the whole packet having redundant services should be just silently 
dropped. Note that the process of handling the REG_REQUEST parameter at 
the server involves the creation of some kind of registration state and 
that this creation can be time and resource consuming.

The REG_RESPONSE and REG_FAILED cases i.e. the server has granted/denied 
redundant services. This should be a local policy issue at the client. If 
the server shows broken behavior, the client can always choose to use 
another server.

>>  3) What happens if registration cancellation does not succeed? In Section
>>     5 it is said:
>> ...
>
> Again that would be broken behavior from the registrar side, we have a SHOULD 
> there. If it doesn't do so, then it either doesn't reply or send REG_FAILED, 
> in any case the MN would not be be mistaken in believing the cancellation was 
> successful.

Perhaps this could be clarified by saying "The Requester cannot assume 
that the cancellation was successful until it receives a REG_RESPONSE with 
a zero lifetime."

> Do you think more text is needed?

Yes, at least for the "Reg Types" with different "Min Lifetime" / "Max 
Lifetime" / "Lifetime" values.

-Lauri

Hi Lauri,

Some more thougths...

Lauri Silvennoinen wrote:
> On Mon, 18 Aug 2008, Julien Laganier wrote:
>>
>> Ok for the usecase, but shouldn't this be considered as an error from 
>> the MN. The MN implementation supposedly knows that RVS and ICE are 
>> exclusive, and shouldn't try to register for both at the same time on 
>> the same node.
> 
> It can and should be considered as an error from the Requester. However, 
> this does not mean that the Requester cannot send such a message. I'm 
> mostly concerned about the server implementation in all of the issues. 
> Thus the question is: how does the server respond to a registration 
> attempt having services that cannot co-exist. RFC 5203 does not provide 
> instructions for this. Are you suggesting that the server should just 
> silently drop such a request? If so, this should be put in clear text 
> into the RFC.

I think since the RFC allows the server to cancel the earlier 
registration (sending

>>> ...
>>
>> In that case, wouldn't be needed to signal to the MN which types of 
>> registration have to be canceled for the requested one to be granted?
>>
> 
> This would be even better, but then we would need individual Failure Types
> for each registration that needs to be cancelled. So instead of
> 
>     Failure Type    Reason
>     ------------    --------------------------------------------
>     2               Cancellation required
> 
> we would have for example:
> 
>     Failure Type    Reason
>     ------------    --------------------------------------------
>     101             RVS Cancellation required
>     102             HIP RELAY Cancellation required
>     103             ...
>     ...
> 
> This could get too complicated when the number of HIP services (and HIP 
> service related specifications) increases. So I would stick to the 
> single "Cancellation required" value instead and let it be local policy 
> at the Requester to know which services cannot co-exist. Either way, 
> isn't it better to signal "Cancellation required" than "Registration 
> requires additional credentials" or "Registration type unavailable" (or 
> to remain silent) in this case?
> 
>>> ... but nothing is said about multiple REG_INFOs in the draft.
>>
>> Thus an additional specification would be required it seems.
> 
> Yes.
> 
>>>  2) How to handle REG_REQUEST, REG_RESPONSE and REG_FAILED parameters 
>>> that
>>>     have redundant services? These parameters are of the following form:
>>> ...
>>
>> I consider this as broken behavior from the registrar side, but anyway 
>> it seems the MN could simply ignore duplicates Reg types with no harm.
> 
> Broken behavior yes, but again, the RFC does not state in clear text how 
> to handle such a case. If a REG_REQUEST has redundant services, then 
> it's broken behavior at the Requester side. If a REG_RESPONSE or a 
> REG_FAILED has redundant services, then it's broken behavior at the 
> Registrar side. I suggest the following:
> 
> The REG_REQUEST case i.e. the client has requested redundant services. 
> The server should not allow any broken behavior from the client. 
> Therefore the whole packet having redundant services should be just 
> silently dropped. Note that the process of handling the REG_REQUEST 
> parameter at the server involves the creation of some kind of 
> registration state and that this creation can be time and resource 
> consuming.
> 
> The REG_RESPONSE and REG_FAILED cases i.e. the server has granted/denied 
> redundant services. This should be a local policy issue at the client. 
> If the server shows broken behavior, the client can always choose to use 
> another server.
> 
>>>  3) What happens if registration cancellation does not succeed? In 
>>> Section
>>>     5 it is said:
>>> ...
>>
>> Again that would be broken behavior from the registrar side, we have a 
>> SHOULD there. If it doesn't do so, then it either doesn't reply or 
>> send REG_FAILED, in any case the MN would not be be mistaken in 
>> believing the cancellation was successful.
> 
> Perhaps this could be clarified by saying "The Requester cannot assume 
> that the cancellation was successful until it receives a REG_RESPONSE 
> with a zero lifetime."
> 
>> Do you think more text is needed?
> 
> Yes, at least for the "Reg Types" with different "Min Lifetime" / "Max 
> Lifetime" / "Lifetime" values.
> 
> -Lauri

[sorry for resent, wronly hit CTRL+ENTER]

Hi Lauri,

Some more thougths...

Lauri Silvennoinen wrote:
> On Mon, 18 Aug 2008, Julien Laganier wrote:
>>
>> Ok for the usecase, but shouldn't this be considered as an error from 
>> the MN. The MN implementation supposedly knows that RVS and ICE are 
>> exclusive, and shouldn't try to register for both at the same time on 
>> the same node.
> 
> It can and should be considered as an error from the Requester. However, 
> this does not mean that the Requester cannot send such a message. I'm 
> mostly concerned about the server implementation in all of the issues. 
> Thus the question is: how does the server respond to a registration 
> attempt having services that cannot co-exist. RFC 5203 does not provide 
> instructions for this. Are you suggesting that the server should just 
> silently drop such a request? If so, this should be put in clear text 
> into the RFC.

I think since the RFC allows the server to cancel the earlier 
(incompatible) registration, then it should do that, and grant the new one:

    A registrar (and an attached service) MAY cancel a
    registration before it expires, at its own discretion.  However, if
    it does so, it SHOULD send a REG_RESPONSE with a zero lifetime to all
    registered requesters.

>>> ...
>>
>> In that case, wouldn't be needed to signal to the MN which types of 
>> registration have to be canceled for the requested one to be granted?
>>
> 
> This would be even better, but then we would need individual Failure Types
> for each registration that needs to be cancelled. So instead of
> 
>     Failure Type    Reason
>     ------------    --------------------------------------------
>     2               Cancellation required
> 
> we would have for example:
> 
>     Failure Type    Reason
>     ------------    --------------------------------------------
>     101             RVS Cancellation required
>     102             HIP RELAY Cancellation required
>     103             ...
>     ...
> This could get too complicated when the number of HIP services (and HIP 
> service related specifications) increases. So I would stick to the 
> single "Cancellation required" value instead and let it be local policy 
> at the Requester to know which services cannot co-exist. Either way, 
> isn't it better to signal "Cancellation required" than "Registration 
> requires additional credentials" or "Registration type unavailable" (or 
> to remain silent) in this case?

Defining new failure types wouldn't be good. I was thinking more about 
piggybacking to the REG_FAILED for "cancellation required" with a 
REG_TYPES_TO_CANCEL parameter containing the registrations types that 
shall be cancelled before the requested registration is granted. But 
that seems to complex. Since this is somehow an error case from the 
requester I think we should do as I suggested earlier, i.e. the 
registrar signal that incompatible registations were cancelled, and 
accpet the new one.

>>> ... but nothing is said about multiple REG_INFOs in the draft.
>>
>> Thus an additional specification would be required it seems.
> 
> Yes.

I am not sure it is required to indicate different lifetimes for 
different services though. If you really want to handle various 
lifetime, you can get the same result by announcing the min lifetime of 
services you're offering for all services.

>>>  2) How to handle REG_REQUEST, REG_RESPONSE and REG_FAILED parameters 
>>> that
>>>     have redundant services? These parameters are of the following form:
>>> ...
>>
>> I consider this as broken behavior from the registrar side, but anyway 
>> it seems the MN could simply ignore duplicates Reg types with no harm.
> 
> Broken behavior yes, but again, the RFC does not state in clear text how 
> to handle such a case. If a REG_REQUEST has redundant services, then 
> it's broken behavior at the Requester side. If a REG_RESPONSE or a 
> REG_FAILED has redundant services, then it's broken behavior at the 
> Registrar side. I suggest the following:
> 
> The REG_REQUEST case i.e. the client has requested redundant services. 
> The server should not allow any broken behavior from the client. 
> Therefore the whole packet having redundant services should be just 
> silently dropped. 

I disagree. If we follow the "be conservative in what you send, liberal 
in what you accept", a peer receiving duplicate registration types 
should just ignore the duplicated occurrences.

> Note that the process of handling the REG_REQUEST 
> parameter at the server involves the creation of some kind of 
> registration state and that this creation can be time and resource 
> consuming.
> 
> The REG_RESPONSE and REG_FAILED cases i.e. the server has granted/denied 
> redundant services. This should be a local policy issue at the client. 
> If the server shows broken behavior, the client can always choose to use 
> another server.
> 
>>>  3) What happens if registration cancellation does not succeed? In 
>>> Section
>>>     5 it is said:
>>> ...
>>
>> Again that would be broken behavior from the registrar side, we have a 
>> SHOULD there. If it doesn't do so, then it either doesn't reply or 
>> send REG_FAILED, in any case the MN would not be be mistaken in 
>> believing the cancellation was successful.
> 
> Perhaps this could be clarified by saying "The Requester cannot assume 
> that the cancellation was successful until it receives a REG_RESPONSE 
> with a zero lifetime."

I think this is implicit in the specification, don't you think so?

>> Do you think more text is needed?
> 
> Yes, at least for the "Reg Types" with different "Min Lifetime" / "Max 
> Lifetime" / "Lifetime" values.

As I said, not sure that's really needed for any usecase. And in case 
you really have a hard requirement to support that, you could configure 
different Registrars announcing different lifetimes w/ different HITs on 
the same node. That can be left to implementation.

--julien

Hi Julien,

On Tue, 19 Aug 2008, Julien Laganier wrote:
> Hi Lauri,
> Some more thougths...
>>
>>  It can and should be considered as an error from the Requester.
>>  However, this does not mean that the Requester cannot send such a
>>  message. I'm mostly concerned about the server implementation in all
>>  of the issues. Thus the question is: how does the server respond to a
>>  registration attempt having services that cannot co-exist. RFC 5203
>>  does not provide instructions for this. Are you suggesting that the
>>  server should just silently drop such a request? If so, this should be
>>  put in clear text into the RFC.
>
> I think since the RFC allows the server to cancel the earlier 
> (incompatible) registration, then it should do that, and grant the new 
> one:
>
>    A registrar (and an attached service) MAY cancel a
>    registration before it expires, at its own discretion.  However, if
>    it does so, it SHOULD send a REG_RESPONSE with a zero lifetime to all
>    registered requesters.

This would be reasonable behavior from the server. However, this is not 
implicit in the RFC and in my opinion needs clarification. The paragraph 
from the RFC above talks about "sending a REG_RESPONSE with a zero 
lifetime to _all_ registered requesters". Because of the word "all" there, 
the paragraph gives the impression that the server decides to remove the 
whole service from the supported services' pool and thus signals to all 
its clients the new set of supported services.

This is not what we want here. A server can support both RVS and full 
relay services at the same time but a single client cannot be registered 
to both these services simultaneously. Therefore, the server should send a 
REG_RESPONSE with a zero lifetime only to the client who sent the 
REG_REQUEST.

Also, because "the registrar MUST NOT include more than one REG_RESPONSE 
parameter in its R2 or UPDATE packets" the client will receive at least 
two packets in response to a sent REG_REQUEST in this case. The figure on 
[Page 3] is in conflict with this behavior.

> Defining new failure types wouldn't be good. I was thinking more about 
> piggybacking to the REG_FAILED for "cancellation required" with a 
> REG_TYPES_TO_CANCEL parameter containing the registrations types that 
> shall be cancelled before the requested registration is granted. But 
> that seems to complex. Since this is somehow an error case from the 
> requester I think we should do as I suggested earlier, i.e. the 
> registrar signal that incompatible registations were cancelled, and 
> accpet the new one.

This works but as I said earlier, at least two packets will be sent in 
response. With Failure Type "Cancellation required" this would not happen. 
Alternatively multiple REG_RESPONSEs could be allowed in one packet.

> I am not sure it is required to indicate different lifetimes for 
> different services though. If you really want to handle various 
> lifetime, you can get the same result by announcing the min lifetime of 
> services you're offering for all services.

This is confusing for the server administrator. If the server supports two 
services S1 and S2 with lifetime boundaries configured as:

S1 min 30s   max 120s
S2 min 3600s max 86400s

the server would then signal [S1, S2 (30 86400)] in REG_INFO, and so the 
administrator's configurations are not respected.

Next, the client wants to register to service S2 for 3600 seconds and 
sends a REG_REQUEST [S2 (3600)]. The server then checks the lifetime 
boundaries for the service S2 again and sends a REG_RESPONSE [S2 (120)].

Yep, this works, but it is illogical to signal different lifetime 
boundaries than what are later granted. This issue could be easily fixed 
by allowing multiple REG_INFOs / REG_RESPONSEs / REG_REQUESTs in one 
packet or by altering the parameters' formats.

>>  The REG_REQUEST case i.e. the client has requested redundant services.
>>  The server should not allow any broken behavior from the client.
>>  Therefore the whole packet having redundant services should be just
>>  silently dropped.
>
> I disagree. If we follow the "be conservative in what you send, liberal 
> in what you accept", a peer receiving duplicate registration types 
> should just ignore the duplicated occurrences.

Fair enough, but this should be said in the RFC.

>> >  Again that would be broken behavior from the registrar side, we have 
>> >  a SHOULD there. If it doesn't do so, then it either doesn't reply or 
>> >  send REG_FAILED, in any case the MN would not be be mistaken in 
>> >  believing the cancellation was successful.
>>
>>  Perhaps this could be clarified by saying "The Requester cannot assume
>>  that the cancellation was successful until it receives a REG_RESPONSE
>>  with a zero lifetime."
>
> I think this is implicit in the specification, don't you think so?

Hmmm...

    The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
    "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
    document are to be interpreted as described in RFC 2119 [RFC2119].

RFC 2119:

3. SHOULD   This word, or the adjective "RECOMMENDED", mean that there
    may exist valid reasons in particular circumstances to ignore a
    particular item, but the full implications must be understood and
    carefully weighed before choosing a different course.

So are "the full implications understood and carefully weighed" when the 
server does not send a REG_RESPONSE? "Carefully weighing" for me means 
that the issue is thought over and written in the RFC. I'm not saying this 
is an important point, but if the RFC is to be revised, the following 
clarification wouldn't hurt:

"The Requester SHOULD NOT assume that the cancellation was successful 
until it receives a REG_RESPONSE with a matching Reg Type and a zero 
lifetime."

>>  Yes, at least for the "Reg Types" with different "Min Lifetime" / "Max
>>  Lifetime" / "Lifetime" values.
>
> As I said, not sure that's really needed for any usecase. And in case 
> you really have a hard requirement to support that, you could configure 
> different Registrars announcing different lifetimes w/ different HITs on 
> the same node. That can be left to implementation.

Good point, but this would increase the administrative work.

-Lauri

Mon	Tue	Wed	Thu	Fri	Sat	Sun

				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

10	June 2013
7	May 2013
8	April 2013
9	March 2013
9	February 2013
5	January 2013
10	December 2012
15	November 2012
26	October 2012
40	September 2012
6	August 2012
17	July 2012
13	June 2012
5	May 2012
10	April 2012
9	March 2012
4	February 2012
6	January 2012
5	December 2011
7	November 2011
8	October 2011
21	September 2011
1	August 2011
9	July 2011
5	May 2011
12	April 2011
32	March 2011
33	February 2011
41	January 2011
16	December 2010
17	November 2010
40	October 2010
26	September 2010
15	August 2010
45	July 2010
46	June 2010
68	May 2010
78	April 2010
48	March 2010
55	February 2010
68	January 2010
75	December 2009
10	November 2009
23	October 2009
11	September 2009
40	August 2009
101	July 2009
22	June 2009
13	May 2009
2	April 2009
20	March 2009
6	February 2009
5	January 2009
15	November 2008
16	October 2008
13	September 2008
12	August 2008
34	July 2008
7	June 2008
10	May 2008
14	April 2008
1	March 2008
11	February 2008
22	January 2008
50	December 2007
26	November 2007
6	October 2007
63	September 2007
20	August 2007
20	July 2007
103	June 2007
28	May 2007
31	April 2007
31	March 2007
17	February 2007
10	January 2007
2	December 2006
7	November 2006
12	October 2006
13	September 2006
12	August 2006
7	July 2006
22	June 2006
26	May 2006
71	April 2006
40	March 2006
19	February 2006
13	January 2006
7	December 2005
48	November 2005
42	October 2005
24	September 2005
47	August 2005
74	July 2005
48	June 2005
48	May 2005
21	April 2005
53	March 2005
46	February 2005
33	January 2005
29	December 2004
48	November 2004
133	October 2004
67	September 2004
12	August 2004
58	July 2004
69	June 2004
50	May 2004
109	April 2004
56	March 2004

Question about multiple HIs for a single host

Question about multiple HIs for a single host

Re: Question about multiple HIs for a single host

HIP Registration Extension (fwd)

Re: HIP Registration Extension (fwd)

hip4inter.net HIP daemon code relicensed

Re: HIP Registration Extension

Re: HIP Registration Extension

Re: HIP Registration Extension

Re: HIP Registration Extension