[DRAFT] ICD - Design document for Check-in handler #35866
PR #35866: Size comparison from 83159c2 to d50dba3 Full report (88 builds for bl602, bl702, bl702l, cc13x4_26x4, cc32xx, cyw30739, efr32, esp32, linux, nrfconnect, nxp, psoc6, qpg, stm32, telink, tizen)
@@ -0,0 +1,18 @@ | |||
# Check-in handler overview | |||
|
|||
ICD servers send check-in messages to a registered ICD client when a subscription is lost or one was never established. A subscription can be lost for several reasons, such as: |
ICD servers send check-in messages to a registered ICD client when a subscription is lost or one was never established. A subscription can be lost for several reasons, such as: | |
ICD servers send check-in messages to a registered ICD client when a subscription is lost or one was never established. A subscription can be lost for a variety of reasons. Some non-exhaustive examples are: |
|
||
• The client is unavailable for any reason | ||
|
||
The Check-In handler in an ICD client is responsible for handling unsolicited check-in messages from an ICD server. All ICD clients should add support for Check-In protocol as it is a fail safe mechanism that provides a means to re-establish a secure session with an ICD server. The heart of the module is the check-in handler that receives and parses check-in messages from ICD servers. After ensuring the validity of the message, the check-in handler passes it on to the check-in protocol to parse the message and retrieves the ICD counter value. The ICD counter is used to derive the nonce in the encryption process of the check-in protocol. Beyond that, ICD counters are also used to detect repeated reception of the same message and eliminate duplicates. Once the maximum value for an ICD counter is reached, the counter should roll-over to 0 and when that is done, it is necessary for the ICD client to re-register with the ICD server using a fresh key. |
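Review bot: the paragraph states that ICD counters are used to detect repeated reception and eliminate duplicates, but it does not say what the check-in handler does with a message whose counter is not newer than the last accepted one, or with a message that fails validation, nor whether that check lives in the SDK code or is left to the application. Since check-in messages are unsolicited input from the network, state explicitly that such messages are dropped without further action and where the last accepted counter is kept, and consider pointing at the relevant spec section instead of restating the roll-over rule here.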
The Check-In handler in an ICD client is responsible for handling unsolicited check-in messages from an ICD server. All ICD clients should add support for Check-In protocol as it is a fail safe mechanism that provides a means to re-establish a secure session with an ICD server. The heart of the module is the check-in handler that receives and parses check-in messages from ICD servers. After ensuring the validity of the message, the check-in handler passes it on to the check-in protocol to parse the message and retrieves the ICD counter value. The ICD counter is used to derive the nonce in the encryption process of the check-in protocol. Beyond that, ICD counters are also used to detect repeated reception of the same message and eliminate duplicates. Once the maximum value for an ICD counter is reached, the counter should roll-over to 0 and when that is done, it is necessary for the ICD client to re-register with the ICD server using a fresh key. | |
The Check-In handler in an ICD client is responsible for handling unsolicited check-in messages from an ICD server. All ICD clients should add support for Check-In protocol as it is a fail safe mechanism that provides a means to re-establish a secure session with an ICD server. The heart of the module is the check-in handler that receives and parses check-in messages from ICD servers. After ensuring the validity of the message, the check-in handler passes it on to the check-in protocol to parse the message and retrieve the ICD counter value. The ICD counter is used to derive the nonce in the encryption process of the check-in protocol. Beyond that, ICD counters are also used to detect repeated reception of the same message and eliminate duplicates. Once the maximum value for an ICD counter is reached, the counter should roll-over to 0 and when that is done, it is necessary for the ICD client to re-register with the ICD server using a fresh key. |
I do wonder whether it's worth pointing to the relevant spec section here instead of trying to (poorly) duplicate it.
It was just an attempt to provide a gist of what spreads across multiple paragraphs in the spec to someone who is looking at the design without any context. Didn't intend to make a poor duplicate. FYI, the PR is still a draft.
@thivya-amazon I appreciate that this is still a draft, and if you would prefer that I not provide feedback on drafts, just let me know.
For the rest: It's hard to figure out, for me, what the right tradeoff here is between talking about details and just giving an overview. But what I would suspect is most useful here is to give a high-level overview of what this thing is trying to accomplish, point to the relevant parts of the specification for details, and discuss which parts of the spec and which invariant enforcement are handled by the SDK code vs which parts are expected to be handled by the application.
Talking about behavior details here but simplifying compared to the spec risks getting them wrong in ways that will confuse people. As a concrete example, it is not in fact necessary for the ICD client to register when roll-over to 0 happens. It's necessary to do when 2^31 values have passed by, which could be way before rollover, or way after, depending on where one starts initially....
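An added illustration of the re-registration rule described in the comment above (example code, not the SDK's or this PR's own): a client-side tracker for a 32-bit check-in counter that keeps the freshness check (drop duplicates and replayed messages) separate from the "2^31 values have passed since registration" check, so that a roll-over through 0 on its own does not force a new key, while a counter that started at 0 triggers re-registration long before any roll-over. The 32-bit width, the freshness window of "ahead of the last accepted value by less than 2^31", the assumption that the server's counter has already advanced past the registration-time value when the first check-in arrives, and the `CheckInCounterTracker` / `OnCheckIn` names are assumptions of this example.

```cpp
// Added example, not SDK code. Models two independent client-side decisions on a
// received ICD check-in counter:
//   1. freshness: is the counter newer than the last accepted one? (drop duplicates/replays)
//   2. re-registration: have 2^31 counter values passed since the value seen at registration?
// Assumptions: the counter is 32 bits wide; a counter is "fresh" when it is ahead of the last
// accepted value by 1..2^31-1 modulo 2^32; the registration-time value itself is never expected
// in a check-in message. The 2^31 threshold is the one stated in the review comment.
#include <cstdint>
#include <cstdio>

enum class CheckInVerdict
{
    Accepted,           // fresh counter: act on the check-in
    Stale,              // duplicate or older than the last accepted counter: drop silently
    ReRegisterRequired, // fresh, but 2^31 values have elapsed since registration: refresh the key
};

class CheckInCounterTracker
{
public:
    // Re-register once the counter has advanced this far from its registration-time value.
    static constexpr uint32_t kReRegisterThreshold = UINT32_C(1) << 31;

    explicit CheckInCounterTracker(uint32_t counterAtRegistration) :
        mStartCounter(counterAtRegistration), mLastAccepted(counterAtRegistration)
    {}

    // Distance from `from` to `to` on the 32-bit ring; unsigned subtraction wraps modulo 2^32,
    // so a roll-over through 0 needs no special case.
    static uint32_t Advance(uint32_t from, uint32_t to) { return to - from; }

    // Fresh means strictly ahead of the last accepted counter, within half the ring.
    // delta == 0 is a duplicate; delta >= 2^31 is read as "behind", i.e. a replayed old message.
    bool IsFresh(uint32_t received) const
    {
        uint32_t delta = Advance(mLastAccepted, received);
        return delta != 0 && delta < kReRegisterThreshold;
    }

    CheckInVerdict OnCheckIn(uint32_t received)
    {
        if (!IsFresh(received))
        {
            return CheckInVerdict::Stale; // duplicate or replay: do not act on it
        }
        mLastAccepted = received;
        // Values elapsed since registration, independent of where the counter started.
        if (Advance(mStartCounter, received) >= kReRegisterThreshold)
        {
            return CheckInVerdict::ReRegisterRequired;
        }
        return CheckInVerdict::Accepted;
    }

    uint32_t LastAccepted() const { return mLastAccepted; }

private:
    uint32_t mStartCounter; // counter value observed when the key was registered
    uint32_t mLastAccepted; // highest counter accepted so far (mod 2^32 ordering)
};

static const char * VerdictName(CheckInVerdict v)
{
    switch (v)
    {
    case CheckInVerdict::Accepted:
        return "Accepted";
    case CheckInVerdict::Stale:
        return "Stale";
    default:
        return "ReRegisterRequired";
    }
}

int main()
{
    // Registered at 0: re-registration is due at 2^31, long before any roll-over.
    CheckInCounterTracker fromZero(0);
    std::printf("start=0  counter=1          -> %s\n", VerdictName(fromZero.OnCheckIn(1)));
    std::printf("start=0  counter=1 (again)  -> %s\n", VerdictName(fromZero.OnCheckIn(1)));
    std::printf("start=0  counter=0x80000000 -> %s\n", VerdictName(fromZero.OnCheckIn(0x80000000u)));

    // Registered near the top of the range: rolling over through 0 is just another advance.
    CheckInCounterTracker nearMax(0xFFFFFFF0u);
    std::printf("start=0xFFFFFFF0 counter=0xFFFFFFF8 -> %s\n", VerdictName(nearMax.OnCheckIn(0xFFFFFFF8u)));
    std::printf("start=0xFFFFFFF0 counter=5          -> %s\n", VerdictName(nearMax.OnCheckIn(5u)));
    std::printf("start=0xFFFFFFF0 replay 0xFFFFFFF8  -> %s\n", VerdictName(nearMax.OnCheckIn(0xFFFFFFF8u)));
    return 0;
}
```

The two scenarios in `main` show the point made in the comment: whether re-registration is needed depends only on how far the counter has advanced since registration, not on whether it has passed through 0, and the replay check is what actually protects the client from a repeated message.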
What's the mechanism for ensuring this diagram is updated when the code changes?
The diagram is clearly generated by some tool; can the actual data file for the tool be checked in, so that the diagram is easy to fix if things change?
This pull request has been automatically marked as stale because it has not had recent activity.
Added a docs folder under src/app/icd to add implementation related documents and diagrams.