Multicast Listener Discovery Version 2 (MLDv2) for IPv6
draft-ietf-pim-3810bis-12
Yes
Gunter Van de Velde
No Objection
Erik Kline
Jim Guichard
Warren Kumari
Note: This ballot was opened for revision 11 and is now closed.
Gunter Van de Velde
Yes
Deb Cooley
No Objection
Comment
(2024-08-04 for -11)
Sent
Thanks to Valery Smyslov for his secdir review. I'm copying part of his review here: -------------------------------------------- I think that the Security Consideration section should be expanded and be rewritten in a more structural way. In particular, it should be mentioned that the protocol lacks any cryptographic protection, thus its messages are not authenticated, provide no confidentiality and can be replayed. Then I would discuss the consequences of each of these deficiencies. The lack of replay protection seems to have no effect on the protocol security, because it is (at least it should be) designed so that it tolerates IP packets duplication (correct me if I'm wrong, I read the protocol itself briefly, but this was my impression). The lack of authentication leads to possible message forgery. The corresponding attacks are described in the draft, however, I'm not sure taht the list is complete. For example, it seems to me that forged Current State Report message from a malicious node may report a lot number of faked listening multicast addresses, aiming to consume router's resources (a kind of DoS attack). The lack of confidentiality is not discussed in the draft. In fact, it leads to privacy issues - any passive attacker on the local link can learn what multicast addresses other nodes are listen to, which may be quite sensitive information. --------------------------- With respect to that review, and the author response: It is understood that it is very difficult/impossible to provide either confidentiality or integrity protection for traffic in protocols such as MLD - both multicast and discovery. From my point of view, the only option would be to modify the Security Consideration section. I think one could use Valery's suggestions, as appropriate (if replay isn't an issue, then leave that part out, etc.). Thanks for your attention.
Erik Kline
No Objection
Jim Guichard
No Objection
Murray Kucherawy
No Objection
Comment
(2024-08-07 for -11)
Sent
I reviewed the diff between this and RFC3810 only for this position. I don't understand the SHOULD NOTs in Section 5.2.13. What harm to interoperability results from sending them if they are simply ignored?
Orie Steele
No Objection
Comment
(2024-08-04 for -11)
Sent
# Orie Steele, ART AD, comments for draft-ietf-pim-3810bis-11 CC @OR13 https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-pim-3810bis-11.txt&submitcheck=True ## Comments ### Why not MUST NOT? ``` 1182 multicast address, if it is non-empty. An SSM-aware host 1183 SHOULD NOT send a MODE_IS_EXCLUDE record type for multicast 1184 addresses that fall within the SSM address range as they will 1185 be ignored by SSM-aware routers [RFC4604]. ``` ``` 1206 the specified multicast address, if it is non-empty. An SSM- 1207 aware host SHOULD NOT send a CHANGE_TO_EXCLUDE_MODE record 1208 type for multicast addresses that fall within the SSM address 1209 range. ``` Is this simply a SHOULD because it won't cause harm, because it is ignored? Are there cases where an SSM-aware host MUST / MUST NOT send MODE_IS_EXCLUDE or CHANGE_TO_EXCLUDE_MODE ? ### Why not MUST? ``` 1292 Records of the Report message. From now on, it will treat packets 1293 sent to those multicast addresses according to this new listening 1294 state. Once a valid link-local address is available, a node SHOULD 1295 generate new MLDv2 Report messages for all multicast addresses joined 1296 on the interface. ``` Under which conditions should a node not generate new new MLDv2 Report messages. ``` 2414 SHOULD log an error. It is RECOMMENDED that implementions provide a 2415 configuration option to disable use of Host Compatibility Mode to 2416 allow networks to operate only in SSM mode. This configuration 2417 option SHOULD be disabled by default. ``` implementions -> implementations Under which conditions is it ok to leave this configuration enabled by default?
Roman Danyliw
No Objection
Comment
(2024-07-29 for -11)
Sent
Thank you to Russ Housley for the GENART review. ** Idnits reported the following: -- The document seems to contain a disclaimer for pre-RFC5378 work, and may have content which was first submitted before 10 November 2008. The disclaimer is necessary when there are original authors that you have been unable to contact, or if some do not wish to grant the BCP78 rights to the IETF Trust. If you are able to get all authors (current and original) to grant those rights, you can and should remove the disclaimer; otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) Has one of the original authors of RFC3376 been approached to file the appropriate paperwork with the Trust to assign the new rights?
Warren Kumari
No Objection
Zaheduzzaman Sarker
No Objection
Comment
(2024-08-08 for -11)
Not sent
Thanks for working on this specification.
Éric Vyncke
No Objection
Comment
(2024-08-06 for -11)
Sent
# Éric Vyncke, INT AD, comments for draft-ietf-pim-3810bis-11 Thank you for the work put into this document. I have mainly reviewed the diff with RFC 3810: https://author-tools.ietf.org/iddiff?url1=rfc3810&url2=draft-ietf-pim-3810bis-11&difftype=--html Please find below some non-blocking COMMENT points (but replies would be appreciated even if only for my own education), and one nit. Special thanks to Stig Venaas for the shepherd's detailed write-up including the WG consensus *but it lacks* the justification of the intended status (i.e., it is "Internet Standard"). Other thanks to Sheng Jiang, the Internet directorate reviewer (at my request), please consider this int-dir review: https://datatracker.ietf.org/doc/review-ietf-pim-3376bis-11-intdir-telechat-halley-2024-07-28/ (just one nit that I have repeated in my ballot) I hope that this review helps to improve the document, Regards, -éric # COMMENTS (non-blocking) ## Section 5.1.6 Should the IANA registry name be used rather than the reference to the RFC creating that registry ? Unsure whether allocation is the right term to be used here, suggest to use "Specification". Should there be the usual text "unassigned bits in the Flags field MUST be set to 0 on transmission and MUST be ignored on reception" ? ## Section 5.1.11 Should `unicast addresses` be refined ? I.e., can it be link-local ? or unspecified ? ## Appendix B.1 Unsure whether this section (about changes from MLDv1) is useful in a -bis document. # NITS (non-blocking / cosmetic) ## Sections 7.6.2 Repeating Sheng Jiang nits about using lower case in IPv6 addresses per RFC 5952 (especially since all other IPv6 addresses are rightfully written).