>          A single advertisement MUST be broken into separately sent
>          components if there is more than one Certificate option, in
>          order to avoid excessive fragmentation at the IP layer.  Unlike
>          the fragmentation at the IP layer, individual components of an
>          advertisement may be stored and used before all the components
>          have arrived; this makes them slightly more reliable and less
>          prone to Denial-of-Service attacks.

Seems wrong. the sender should definitely fragment as necessary, but
the protocol should not require it if two Certificate options could
fit in a single message. some link types have large MTUs. Hmm, maybe
this is to keep the algorithms simple. That might be OK.

> Component
> 
>        A 16-bit unsigned integer field, used for informing the
>        receiver which certificate is being sent, and how many are
>        still left to be sent in the whole chain.

I don't see how the receiver can learn (definitively) how many
certificates there are in a reply. the protocol seems to assume the
first response will not get lost, and the component value indicates
the number of messages. This seems unrobust. Given that there are
reserved/unused fields, why not just include the total number in all
messages? (And for that matter, would it be useful to allow a request
to indicate which component needs to be retransmitted? This would
help remove systematic failures, which is one of  the reasons IP
fragmentation is problematic.

---------

James Kempf:

Yes, the idea is to keep the processing simple. The receiving host can
validate one certificate while the other is being sent.

We can modify Component so that it is the total length of the path,
and the total number. We can also add a field in the DCS allowing the
sender to request specific certificates in the path. Would that
address the concern?

---------

Thomas Narten: Yep.

---------

Arkko: Frag scheme, Ok to send one cert at a time for simple protocol
and implementation, add length of chain.

Bellovin: Add Appendix about length of DCA packets in prototype impl.

Action Item: Write appendix with length of DCA packets.

---------

---------

---------

---------