IETF Logo Mail Archive

Re: [AVTCORE] Review of draft-engelbart-rtp-over-quic (David Schinazi)

Lucas Pardue <lucaspardue.24.7@gmail.com> Mon, 06 June 2022 22:50 UTC

Return-Path: <lucaspardue.24.7@gmail.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A681C15AAC0 for <avt@ietfa.amsl.com>; Mon, 6 Jun 2022 15:50:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.856
X-Spam-Level:
X-Spam-Status: No, score=-1.856 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0FNr0OsUK4y9 for <avt@ietfa.amsl.com>; Mon, 6 Jun 2022 15:50:28 -0700 (PDT)
Received: from mail-qv1-xf34.google.com (mail-qv1-xf34.google.com [IPv6:2607:f8b0:4864:20::f34]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F26A9C159497 for <avt@ietf.org>; Mon, 6 Jun 2022 15:50:27 -0700 (PDT)
Received: by mail-qv1-xf34.google.com with SMTP id ca19so4158442qvb.10 for <avt@ietf.org>; Mon, 06 Jun 2022 15:50:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=bnaqfpr1djRYaHfHtqinzv7CUKU3ghelZdqXD2DOUc8=; b=muX9POT9jc/SFEcTIJPLiQD/t3Ls8gqzdL6892esWdEKuW8zVtitXD81c9nPaQfQu/ 7UO+UoPNJ13lB9Z5icQ9uOfsZT2atUAPOojaFf362RSpak8O5NCAiMyKJB5QCL4bIZFV dI4pWQJgzmnA1kHtVahgg85dQlfGAuczH/v0erSrBSOqry/+XSK6EArNmfX0uYvYLGEh G4/H2t9CophimYJkd1rg7VMpQTPzEZXaoSxzaMwVQZsnBc/ZSrrvtJCBMXHYLLLXWNKQ AlxMOSHB4u44BJm7sV2EODC8j0r+SE2JeKjEEdVGB3vrQjnXEqVwnNUwBnIVS0FKnWKz KXYQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=bnaqfpr1djRYaHfHtqinzv7CUKU3ghelZdqXD2DOUc8=; b=JY9q2iVexNTKgvQxp9O0Cxxs55CgQy/pPe4roikjv08XNAYSnRBbBalpe6fMjNVlvr NaAt7FWHFG2g5l0I78Tx3nmvTMqVkee4CuvWUoEPkMvLynecmYg6Ac0AJFMMxKNdCoqf B+gyHe8MlGOvdNSZb5IfwmxaqokC8DtT16JtMZ600Nz1UwQzeOJy54PHk36fyYkP7ykN bkr3nrOuZDf/HxEqyf/LZ5xSWlmbVmHl5bdkQ4dCwNjxGr04LXwAQ3bjMUiX08Getrkm PaHvtFKWF6p2NRcvr+K+uV8hya4EUpI06iZjELtlGOd/8c91VLat4DjtBIS1I8gWQS1g GB0Q==
X-Gm-Message-State: AOAM531LMJXSGCHJVdpF4mb//QNbVQPP29i7ae4nCvy6Nj7g4nGBGZl5 ZcId8+8YzquB+kty1lXWl6IY48SPdYfQXvFV1jnkfBAb
X-Google-Smtp-Source: ABdhPJywX5skiMvdoz7VBjzepP/sJmEWO8aroK+7HA1k/2IRqoJPhYWBl/yUVcL/4oOeq/DzAgzsU7ixQhrL4XpDqJA=
X-Received: by 2002:a05:6214:518f:b0:464:5788:fe55 with SMTP id kl15-20020a056214518f00b004645788fe55mr30712250qvb.4.1654555826776; Mon, 06 Jun 2022 15:50:26 -0700 (PDT)
MIME-Version: 1.0
References: <CAOW+2duZuSb_w2jAARmPYq0O0b4fYGtMtbPWAYxZDf8r-q=Cng@mail.gmail.com> <a75e4d70-b11e-d5a0-ce19-ce90bf8f2a84@in.tum.de> <CALGR9oY2jQuKvE_ES=_kb7XoQ6KCoxJtoyc0VdAZ4P-L4QT3Gg@mail.gmail.com> <CAPDSy+5Yud2rU4-0jA2UnuKwaX6TGiof6QHECDvaRosHd1sdsA@mail.gmail.com> <CAOW+2dsx-+jFiUgoAE3Rx1EB_f+=stXo9X2xeXw111jrR9Jn_Q@mail.gmail.com> <CAPDSy+4hvJ7icFtT3sgjAs4SBEKQ9E1LEDOYZ2fLbi60W_=+sg@mail.gmail.com> <CAOW+2dui5pBbyvxW+Af9AWjbKc7ROyZSBmt0MuKGSk0-oYzg6Q@mail.gmail.com> <CAPDSy+4COC-yyn0eDrYKYiDD6nCFUHA6kR+8FRzcKT82xA-8Og@mail.gmail.com> <1fcdc9a3-027a-a675-d850-84777d881c9a@in.tum.de> <CALGR9oYELJh9_vcaXSON81U_k6qAUA-=gSMcU0xNRsBaszWW3A@mail.gmail.com> <fd3f7252-ac24-9974-44d1-7dc76776d169@in.tum.de>
In-Reply-To: <fd3f7252-ac24-9974-44d1-7dc76776d169@in.tum.de>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Mon, 06 Jun 2022 23:50:17 +0100
Message-ID: <CALGR9oZhabGUqq06xAAshS0LNVEgjByX1VNpC9ZuuvVERnykKw@mail.gmail.com>
To: Joerg Ott <ott@in.tum.de>
Cc: David Schinazi <dschinazi.ietf@gmail.com>, Bernard Aboba <bernard.aboba@gmail.com>, IETF AVTCore WG <avt@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000050f02505e0cf4c4f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/c_jipJMvdEg6na7duqHbtLDctZ0>
Subject: Re: [AVTCORE] Review of draft-engelbart-rtp-over-quic (David Schinazi)
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Jun 2022 22:50:28 -0000

Hey Joerg,

Thanks for working through that with me and I think we're aligned. The ALPN
codespace is wide, I think we have room to come up with some type of new
value that is clear and expressive for the various needs.

Something to to consider also, an approach that has worked well in the past
for HTTP/2 and HTTP/3.  Encode a draft version identifier in the ALPN
itself, this allows for endpoints to overcome  breaking changes to the wire
format while things are evolving.

Cheers
Lucas

On Mon, 6 Jun 2022, 23:41 Joerg Ott, <ott@in.tum.de> wrote:

> Hi Lukas,
>
> just to wrap this up:
>
> [snip]
>
> >     Now:
> >
> >     It is well understood that an ALPN is needed to identify a
> connection's
> >     target "instance" and thus indicate the protocol to be carried on
> top,
> >     be it h3 or something else.
> >
> >
> > I'd disagree a little with that interpretation. The ALPN token, by my
> > operating knowledge, denotes the specific pairing of an application
> > protocol bound to a secure protocol. For instance, there isn't a generic
> > "http" ALPN that can be used across TLS and QUIC, but rather each
> > version of HTTP describes a wire format and how it is expected to be
> > mapped on to the layer beneath it. That gives us "h2" and "h3", that are
> > used unambiguously.
> >
> > One might argue that it should be obvious what the app:security binding
> > is at the point when the ALPN extension is exchanged - the security
> > handshake. However, we've unfortunately decided in the IETF to use ALPN
> > tokens in other places outside the handshake, such as the Alt-Svc
> > header, the SVCB [2], the ALPN header [3], and possibly more.
>
> Ok, I wasn't much aware of the ALPN use outside the security handshake
> and hence considered this to be implied.
>
> I suppose with this correct interpretation we are in agreement.  Should
> not change anything else but confirm that we will need to have a
> separate registration for media-over-quic (as we cannot reuse 'webrtc'
> which assumes SRTP over DTLS IIRC).
>
> >     The reason I brought up the -- admittedly simplistic -- p2p vs. c-s
> >     dichotomy is that, in client-server interactions, we signal the
> protocol
> >     to be used with the initial contact to the server in the first
> packet we
> >     send.  That is, the semantics of the application protocol are derived
> >     exclusively from the (IANA-registered or otherwise uniquely defined
> >     ALPN).
> >
> >     In contrast, in the p2p real-time multimedia case, we usually do
> have an
> >     established signaling channel (SIP/SDP, HTTPS/SDP, whatever) via
> which
> >     the two endpoint negotiate which transports they want to use and how
> to
> >     use those.  That is, a complex SDP specification could clearly
> determine
> >     how many QUIC (or other) connections to open and how to use those
> and it
> >     could also define which ALPN to use for this very setup.  Whether
> this
> >     would be ephemeral ALPN or whether one would define (just for the
> sake
> >     of example) "rtp" (for a single RTP session), "rtp-mux" (for multiple
> >     multiplexed RTP sessions), and "rtp-udp-mux" (for mixed RTP and
> non-RTP
> >     sessions) would be up to be defined.  So, we could have well-defined
> >     ALPNs if needed and we would of course expect the QUIC library to
> ensure
> >     that ALPNs are checked and handled properly.  Your favorite
> quic_bind ()
> >     would be parameterized accordingly.  It seems that RFC 8833 defines
> an
> >     ALPN ("webrtc") for both RTP and data channels (in this case muxed in
> >     DTLS records) as one example for multiple protocols on top.
> >
> >
> > QUIC requires authenticated application protocol negotiation. So even if
> > you have an out of band mechanism like SDP, each QUIC handshake needs
> > something in band to support that.
> >
> > For the reasons I set out above, I would discourage people from defining
> > new generic ALPN tokens, or to overload an existing one to cover usage
> > of an application protocol over QUIC. For example, avoid using "rtp",
> > "webrtc" etc to mean anything special if it were seen in a QUIC
> handshake.
>
> Agreed.  As I noted above, I wasn't aware of the binding to a specific
> security mechanism, so would certainly not suggest a reinterpretation
> but do a clean new registration.
>
> > Where we do agree though is that an ALPN token can be used to clearly
> > express an application mapping over QUIC that allows multiple concurrent
> > application protocols in the same QUIC connection. The document defining
> > that ALPN token is then required to explain exactly how that wire format
> > works.
>
> Cheers,
> Jörg

v2.23.0 | Report a Bug | By Email