IETF Logo Mail Archive

Re: [Edm] Please review draft-iab-use-it-or-lose-it-01

Toerless Eckert <tte@cs.fau.de> Fri, 16 July 2021 23:17 UTC

Return-Path: <eckert@i4.informatik.uni-erlangen.de>
X-Original-To: edm@ietfa.amsl.com
Delivered-To: edm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8324C3A0983 for <edm@ietfa.amsl.com>; Fri, 16 Jul 2021 16:17:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T2hVAlxd5LQi for <edm@ietfa.amsl.com>; Fri, 16 Jul 2021 16:17:38 -0700 (PDT)
Received: from faui40.informatik.uni-erlangen.de (faui40.informatik.uni-erlangen.de [131.188.34.40]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABBEE3A097F for <edm@iab.org>; Fri, 16 Jul 2021 16:17:38 -0700 (PDT)
Received: from faui48e.informatik.uni-erlangen.de (faui48e.informatik.uni-erlangen.de [IPv6:2001:638:a000:4134::ffff:51]) by faui40.informatik.uni-erlangen.de (Postfix) with ESMTP id 7C06C548056; Sat, 17 Jul 2021 01:17:31 +0200 (CEST)
Received: by faui48e.informatik.uni-erlangen.de (Postfix, from userid 10463) id 755604E7A74; Sat, 17 Jul 2021 01:17:31 +0200 (CEST)
Date: Sat, 17 Jul 2021 01:17:31 +0200
From: Toerless Eckert <tte@cs.fau.de>
To: Martin Thomson <mt@lowentropy.net>
Cc: edm@iab.org
Message-ID: <20210716231731.GR24216@faui48e.informatik.uni-erlangen.de>
References: <162626887655.14379.5438309391409890693@ietfa.amsl.com> <80F3F8A2-2C3C-4DE8-BD1D-07842F5B2F89@apple.com> <20210715154649.GD24216@faui48e.informatik.uni-erlangen.de> <5149e82e-4f98-411b-9e34-27f243352b95@www.fastmail.com> <a2a718ba-7231-449f-8a55-fcc6a7823d59@www.fastmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <a2a718ba-7231-449f-8a55-fcc6a7823d59@www.fastmail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/edm/t6GUYQYJpni5BwvLKBKGiXdjX9E>
Subject: Re: [Edm] Please review draft-iab-use-it-or-lose-it-01
X-BeenThere: edm@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Evolvability, Deployability, & Maintainability \(Proposed\) Program" <edm.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/edm>, <mailto:edm-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/edm/>
List-Post: <mailto:edm@iab.org>
List-Help: <mailto:edm-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/edm>, <mailto:edm-request@iab.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Jul 2021 23:17:44 -0000

On Fri, Jul 16, 2021 at 06:06:17PM +1000, Martin Thomson wrote:
> Just one note.  Throughout you mention authentication where the draft uses the word "cryptography".  My understanding of cryptography is that it encompasses a broad discipline that includes encryption and integrity protection and authentication and a bunch of related things.  Are you perhaps reading that word with the narrow meaning of "encryption"?

https://en.wikipedia.org/wiki/Cryptography
  "More generally, cryptography is about constructing and analyzing protocols
   that prevent third parties or the public from reading private messages"

So yes, i would very much appreciate if authentication without encryption
is explicitly mentioned as an option to limited arbitrary interaction
with a protocol:

"In particular, one of the consequences of an unencrypted protocol is that any element on path can
 interact with the protocol."

I don't think anyone would consider that a protocol with authentication
but without encryption is covered by that sentence. Likewise:

"Cryptography can be used to reduce the number of middlebox entities that can
 participate in a protocol or limit the extent of participation.  Using TLS or
 other cryptographic tools can therefore reduce the number of entities that can
 influence whether new features are usable."

With TLS-1.3 having removed null encryption, that text too is leading toward
only considering encryption.

Cheers
    Toerless

> Cheers,
> Martin
> 
> On Fri, Jul 16, 2021, at 17:14, Martin Thomson wrote:
> > Hi Toerless,
> > 
> > Thanks for the review.
> > 
> > It's going to take me a little while to just read your email.  If there 
> > are specific items that you think need to be drawn out in particular, I 
> > would encourage you to open issues or new threads on just those.  It 
> > will be easy to lose things with an email this long.
> > 
> > I'm just going to reply to your meta-level comments here.  I might try 
> > to turn the rest of this into issues on the repository.
> > 
> > On Fri, Jul 16, 2021, at 01:46, Toerless Eckert wrote:
> > > I think it would be good to write that the problems an solutions likely
> > > fall all into three high level categories:
> > > 
> > > a) p2p protocol extension considerations.
> > > b) 3 or more party protocol extension considerations
> > >    (including middleboxes as supported parties).
> > > c) 2 or more party protocol considerations plus undesirable middleboxes.
> > > 
> > > Separating b) and c) is IMHO most important, 
> > 
> > I disagree.  The draft does acknowledge the fact that difficulty scales 
> > poorly as more protocol participants are involved, but this is not the 
> > focus of the draft at all.  The text exists to acknowledge that as a 
> > problem, but the core thesis is not that these are different but that 
> > they are _fundamentally_ the same.  The number of participants just 
> > scales the problem (often very quickly out of reach).
> > 
> > Your category (c) is almost out of scope.  The text on limiting 
> > unwanted participation is very narrowly focused here.  It only exists 
> > because it was necessary to point out that unprotected protocols can 
> > have more participants than expected and that - once the problem is 
> > identified - the most obvious solution seemed worth noting (not that it 
> > is always a *practical* solution, of course).
> > 
> > See also https://martinthomson.github.io/tmi/draft-thomson-tmi.html
> > 
> > > The other high-level suggestion is that at least in my opinion
> > > there is more that could be written about reasons.
> > > 
> > > IMHO: The deeper the extension point is within a protocol, and the
> > > more complex the protocols starte machienry reaction to
> > > unsupported extensions hs to be in the state machinery,
> > > the more difficult it is to make sure it will work correctly
> > > when needed. Of course, the most easy case is when you have
> > > extensible data structures signalled and some parts can
> > > just be ignored, but that is not always the semantic required.
> > 
> > I think that this is just a matter of degree.  Whether an extension 
> > point is hard to reach hasn't seemed to affect its availability in the 
> > cases we've gathered thus far.  It's whether people have been motivated 
> > to seek it and actively use it that has mattered.  It's not like the IP 
> > version field is hard to find or complicated.  And - not in the draft - 
> > arguably some of the extension points in SDP are harder to reach than 
> > others, but the hard ones (a=extmap) are often more reliable than the 
> > easy ones (RTP/SAVPF).
> > 
> > -- 
> > Edm mailing list
> > Edm@iab.org
> > https://www.iab.org/mailman/listinfo/edm
> > 
> 
> -- 
> Edm mailing list
> Edm@iab.org
> https://www.iab.org/mailman/listinfo/edm

-- 
---
tte@cs.fau.de

v2.23.0 | Report a Bug | By Email