Re: [Edm] Thoughts on greasing mechanisms

Mirja Kuehlewind <ietf@kuehlewind.net> Fri, 13 November 2020 08:34 UTC

Return-Path: <ietf@kuehlewind.net>
X-Original-To: edm@ietfa.amsl.com
Delivered-To: edm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F25CD3A164E; Fri, 13 Nov 2020 00:34:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dxiPoaakCyDD; Fri, 13 Nov 2020 00:34:16 -0800 (PST)
Received: from wp513.webpack.hosteurope.de (wp513.webpack.hosteurope.de [IPv6:2a01:488:42:1000:50ed:8223::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FAFB3A1648; Fri, 13 Nov 2020 00:34:15 -0800 (PST)
Received: from p200300dee707b600088b61e08819d0e9.dip0.t-ipconnect.de ([2003:de:e707:b600:88b:61e0:8819:d0e9]); authenticated by wp513.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) id 1kdUX2-0000LH-Na; Fri, 13 Nov 2020 09:34:08 +0100
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
From: Mirja Kuehlewind <ietf@kuehlewind.net>
In-Reply-To: <515CABD7-FC05-443E-8DB1-8C34DB47A394@mnot.net>
Date: Fri, 13 Nov 2020 09:34:06 +0100
Cc: edm@iab.org, Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>, Martin Thomson <mt@lowentropy.net>
Content-Transfer-Encoding: quoted-printable
Message-Id: <A3F4201B-0595-4967-AED6-01B9567D5BBB@kuehlewind.net>
References: <C26B3C62-D9DA-4A86-A60B-AB61A4F899C5@apple.com> <FDDC396D-8712-4995-9C47-D0E630E90BF0@kuehlewind.net> <515CABD7-FC05-443E-8DB1-8C34DB47A394@mnot.net>
To: Mark Nottingham <mnot@mnot.net>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
X-bounce-key: webpack.hosteurope.de;ietf@kuehlewind.net;1605256456;9d1ad855;
X-HE-SMSGID: 1kdUX2-0000LH-Na
Archived-At: <https://mailarchive.ietf.org/arch/msg/edm/YVW1jcRslJ0VqSPbmIu-IQ7UHNo>
Subject: Re: [Edm] Thoughts on greasing mechanisms
X-BeenThere: edm@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Evolvability, Deployability, & Maintainability \(Proposed\) Program" <edm.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/edm>, <mailto:edm-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/edm/>
List-Post: <mailto:edm@iab.org>
List-Help: <mailto:edm-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/edm>, <mailto:edm-request@iab.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Nov 2020 08:34:18 -0000


> On 12. Nov 2020, at 23:26, Mark Nottingham <mnot@mnot.net> wrote:
> 
> 
> 
>> On 13 Nov 2020, at 6:06 am, Mirja Kuehlewind <ietf@kuehlewind.net> wrote:
>> 
>> Hm… I guess I have to say I’m not the biggest greasing “fan”. Greasing has proven a really useful mechanism, e.g. in the case of TLS to actually detect broken systems, however, I’m a bit sad that we need to build in the same hack into brand new protocols as it feels to me like a waste to reserve codepoints for that (as a German always looking for efficiency ;-) ). And what you propose maybe feels like you just add more bits to it.
> 
> Why are new protocols different? Once they get deployed, they become not-new protocols, so why should our expectations change regarding ossification? 

I’m still hoping we can be smarter than this for new protocols… As I said greasing is a good way to detect ossification. Not sure if it really will avoid ossification.

> 
>> Maybe we need to consider better in protocol design that we not only make sure extension mechanisms are available but also frequently used and tested? Just a though…
> 
> I think that's exactly what greasing is -- exercising extension points artificially to assure that they maintain flexibility. 

The difference might be the word artificial.

> 
> 
> 
>>> On 8. Nov 2020, at 05:40, Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org> wrote:
>>> 
>>> One of the items I’d like to get kicked off for our work in the EDM program is updating and working on draft-iab-use-it-or-lose-it, which analyzes some problems with extension point use and makes recommendations. One of the newer approaches it covers is “greasing”. I filed the following issue for discussion, and would like to hear the input of the people on this list.
>>> 
>>> https://github.com/intarchboard/edm/issues/7
>>> 
>>> Can greasing mechanisms avoid reserving or coordinating "fake" values?
>>> 
>>> In TLS, GREASE (https://www.rfc-editor.org/rfc/rfc8701.html) reserves several values in different extension code point spaces to be used for greasing—that is, endpoints will randomly select some of the reserved values to send to the peer in order to ensure that the peer can handle unknown values.
>>> 
>>> This is also described in the use-it-or-lose-it draft which EDM is looking at (https://intarchboard.github.io/use-it-or-lose-it/draft-iab-use-it-or-lose-it.html#rfc.section.4.3). The description here also refers to the approach of reserving these values.
>>> 
>>> For existing protocols like TLS, reserving values seems to be the safest option. The downside is that these values represent only a finite subset of possible values; it is possible to still ossify to allow reserved greased values, but not allow others (if your implementation is particularly obstructive). It is also necessary to choose a wide distribution of values that ensure that the entire range of possible values is kept from ossifying.
>>> 
>>> Reservation of values is harder for other kinds of extension points. For example, the proposed HTTP greasing (https://tools.ietf.org/html/draft-nottingham-http-grease-01) discusses greasing header names and values. Since these are strings and other arbitrary values, simply reserving these ahead of time doesn't make sense. The proposal here is to have a coordination effort where greased values are agreed upon by the community.
>>> 
>>> If we are looking at recommendations for new protocol design, I wonder if we can come up with recommendations that achieve the goals of greasing without needing to rely on either reservation or coordination.
>>> 
>>> A goal we could have is that an endpoint can (and would) generate random or unknown values for various extension points to prevent ossification; but not risk causing a peer that actually does understand and handle that value to think that the endpoint is trying to use a protocol feature. Put another way, the random value should be indistinguishable from a valid value to the receiver of the value that doesn't support the valid version of the value; but a receiver that does understand the valid version of the value should be able to distinguish a greased/random value from an intentional value.
>>> 
>>> Consider an extension point like the ones that are greased in TLS, where the values are numbers within a range (say, 16-bit integers). Rather than just using these as Types in a Type-Length-Value scheme, the encoding could also include a value that proves if the sender is using a type based on a given version of a standard, or is just sending random data. Call this Type-Length-Hash-Value. In this case, when a given type is reserved, it could also define a unique pattern that can be hashed with something that changes in a message where the extension appears (like a nonce). If the receiver also knows the same unique pattern, it could confirm that the sender has the same understanding of the type by calculating the hash. A receiver that doesn't understand the type wouldn't be able to tell whether or not this was greased or valid.
>>> 
>>> A similar approach could be taken when the extensible values are strings, etc, allowing implementations to send random values without coordination.
>>> 
>>> Curious to hear people’s thoughts!
>>> 
>>> Best,
>>> Tommy
>>> -- 
>>> Edm mailing list
>>> Edm@iab.org
>>> https://www.iab.org/mailman/listinfo/edm
>> 
> 
> --
> Mark Nottingham   https://www.mnot.net/
> 
> -- 
> Edm mailing list
> Edm@iab.org
> https://www.iab.org/mailman/listinfo/edm