Telechat Review of draft-ietf-core-cocoa-03
review-ietf-core-cocoa-03-secdir-telechat-roca-2018-03-22-00
Request | Review of | draft-ietf-core-cocoa |
---|---|---|
Requested revision | No specific revision (document currently at 03) | |
Type | Telechat Review | |
Team | Security Area Directorate (secdir) | |
Deadline | 2018-03-06 | |
Requested | 2018-02-09 | |
Authors | Carsten Bormann , August Betzler , Carles Gomez , Ilker Demirkol | |
I-D last updated | 2018-03-22 | |
Completed reviews |
Tsvart Early review of -02
by Wesley Eddy
(diff)
Opsdir Telechat review of -02 by Scott O. Bradner (diff) Secdir Telechat review of -03 by Vincent Roca Opsdir Telechat review of -03 by Scott O. Bradner Tsvart Telechat review of -03 by Wesley Eddy Genart Telechat review of -03 by Christer Holmberg |
|
Assignment | Reviewer | Vincent Roca |
State | Completed | |
Request | Telechat review on draft-ietf-core-cocoa by Security Area Directorate Assigned | |
Reviewed revision | 03 | |
Result | Has nits | |
Completed | 2018-03-22 |
review-ietf-core-cocoa-03-secdir-telechat-roca-2018-03-22-00
Hello, I have reviewed this document as part of the security directorate’s ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. Summary: Ready with nits This document proposes an improved congestion control for CoAP. Its Security Considerations section lists several RFCs whose security discussion may apply, and in particular [RFC7252]. This is a bit annoying as the security considerations section of RFC 7252 is 6 pages long. What do you mean more precisely? What should the implementer care about? Otherwise I agree with the authors that attacks preventing the delivery of some packets are hard to prevent while seriously impacting CoCoA. Such attacks are however limited to a single flow. What about the opposite (misleading the sender and making him unresponsive to congestion signals)? This would be a more serious issue. This is not specific to CoAP but could CoAP simplify this type of attack? Other comments: ** Introduction: In sentence "For non-confirmable packets, it also limits the sending rate to 1/RTO;" I have problems understanding what "non-confirmable" means. ** Section 3: When saying that "CoCoA has been found to perform well in scenarios with latencies ranging from the order of milliseconds to peaks of dozens of seconds,..." what do you mean by "latency"? Is it the transmission and/or propagation times? Is it related to the access method? Not very clear. And I'm a bit surprised by the value of "dozens of seconds »? Is it just a simulation parameter or is it realistic. ** Section 3: (corollary) the default initial RTO is set to 2 to 3 seconds, i.e., well below the "dozens of seconds" mentioned above. ** Appendix B. Pseudocode: As a general comment, I don't like function definitions where input and output are not defined, where global versus local variables are not defined, where persistant variables (global or static local variables) are not defined. For instance, between two calls to updateRTO(), should the RTO variable keep its previous value (I assume it is the case) or not? Same question for RTTVAR_strong, RTT_strong. And in appendix B.1., since you provide C-type pseudo-code, it's better to use a final ";" during default value initialisation (or #define if this is a constant). Cheers, Vincent