Summary: Needs 7 more YES or NO OBJECTION positions to pass.
Thank you for this useful and easy to read document. Please also address the IoT Directorate review by Samita Chakrabarti: https://datatracker.ietf.org/doc/review-ietf-dhc-mac-assign-06-iotdir-lc-chakrabarti-2020-05-11/ Regards -éric
[ Thank you for addressing my DISCUSS, I've cleared.] Thank you for writing this -- I *do* like this document, and agree that it solves a real problem (e.g: http://grouper.ieee.org/groups/802/PrivRecsg/email/msg00164.html ), but would like to make sure that it is deployable without causing sadness... I think it would be useful to also add some text around policy limits / DoS. As examples, would you expect that this would be enabled on "regular" user interfaces (e.g at my local coffee shop), or is it more designed for datacenters and IoT VLANs? Either way, should a device be able to ask for 00:00:00:00:00:01 and 2^48-2 addresses? The document does say things like: "In particular, the server may send a different starting address than requested, or grant a smaller number of addresses than requested.", but it might be nice to also include something like "implementations should allow configuration of the maximum number of addresses to allocate" or something similar (yes, an attacker could keep coming back and looking like a new device, but...)
Amazingly, “MAC” is not flagged as well-known in the RFC Editor abbreviations list (we probably should suggest that “MAC address” be so flagged), so it should be expanded on first use in the Introduction.

— Section 1 —

   a link-layer assignment mechanisms allows for conflicts to be avoided

Nit: “mechanism”, singular.

   types of resources (non-temporary addresses, temporary addresses, prefixes, but also many options)

The “but” feels wrong here. I think I would change “but also” to “as well as”.

   and has necessary infrastructure (numerous server and client implementations, large deployed relay infrastructure, supportive solutions, like leasequery and failover) to maintain such assignment

Two things here: you used “allocate” before, not “assign”, so “such assignment” doesn’t work. And the parenthetical is too long for it to split the sentence as it does:

NEW
   and has necessary infrastructure to maintain such allocation (numerous server and client implementations, large deployed relay infrastructure, supportive solutions like leasequery and failover)
END

   specified an optional specification (IEEE 802c) that divides this

“specified a specification” is awkward. It’s probably better as “published an optional specification”. Also, why isn’t “IEEE 802c” a proper reference citation? You do have the reference, and it’s cited in Appendix A. Why not cite it here?

— Section 4.1 —

   block), to be then assigned for use to the final end-devices.

I would say, “to be then assigned for use by the final end-devices,” or, “to be then assigned to the final end-devices for their use.”

   One relevant example of scenario of application of this mode is large scale virtualization.

“example of scenario of application of this mode” doesn’t work. How about, “Large-scale virtualization is one application scenario for proxy client mode.”?

   hypervisor is likely to increase its addresses usage.

Nit: “address usage”.

— Section 4.2 —

   This mode is used when an entity acts as a DHCP client and requests available DHCP servers to assign one or more addresses (an address block) for its own use.

I don’t think you mean “for its own use”, which would be referring to one of the servers. I think you mean that the block is for the client’s use, so just “for its use.”

— Section 4.3 —

   An administrator may also disable the need for the renewal mechanism by setting the T1 and T2 values to infinity.

You already said this a few paragraphs earlier. Maybe check the organization of this section?

   small footprint devices may choose to not support it.

Nit: hyphenate “small-footprint”.

— Section 6 —

   A client sets the extra-addresses field to either 0 for a single address or to the size of the requested address block minus 1.

Think of “either” and “both” as parentheses. Here, the word “to” is outside the parentheses and shouldn’t be repeated inside. So make it “to either 0 for a single address or the size...” or “either to 0 for a single address or to the size...”.

— Section 7 —

   or an address or addresses different than those requested.

Nit: either “different from” (US usage) or “different to” (UK usage), but not “different than”.

— Section 13 —

   There is a possibility of the same link-layer address being used by more than one device if not all parties on a link use this mechanism to obtain a link-layer address from the space assigned to the DHCP server. It is also possible that a bad actor purposely uses a device's link-layer address.

It seems that it would be worth adding something about what the consequences of that are. Might it also be worth mentioning that a malicious client could request a very large block of addresses and thus deplete the supply available to legitimate clients? If so, noting possible defense against that (such as a server policy about maximum address block size) might also be useful.