IETF Logo Mail Archive

Re: draft-dolson-plus-middlebox-benefits (was RE: Review of draft-mm-wg-effect-encrypt-09)

Nico Williams <nico@cryptonector.com> Tue, 11 April 2017 17:18 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6BC5B12955B for <ietf@ietfa.amsl.com>; Tue, 11 Apr 2017 10:18:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, RCVD_IN_SORBS_SPAM=0.5, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E8O7CgAOiys5 for <ietf@ietfa.amsl.com>; Tue, 11 Apr 2017 10:18:40 -0700 (PDT)
Received: from homiemail-a26.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D334B129A98 for <ietf@ietf.org>; Tue, 11 Apr 2017 10:18:37 -0700 (PDT)
Received: from homiemail-a26.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a26.g.dreamhost.com (Postfix) with ESMTP id 4F0D8A007634; Tue, 11 Apr 2017 10:18:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=6HwIemMY1bCP6U JfSBxKB26a8p8=; b=JcJpy8eX48QfeEaqT8enI+3+P/RCaEZxqIhSM6y4l6+WVQ XO7OWlzcBa1Pc1KF2UnYAYRxCI0HVy+3XAtjXzVVKnLDfggj2pwdxJeLyAV4WIdJ XyuwxgNKXc0jLR2lE7rCSYh6t4AaX6LzvMctZqrMe0U9tRTPTNVstksu/VWUc=
Received: from localhost (gzac12-mdf2-1.aoa.twosigma.com [208.77.215.155]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a26.g.dreamhost.com (Postfix) with ESMTPSA id 4F69BA00762E; Tue, 11 Apr 2017 10:18:36 -0700 (PDT)
Date: Tue, 11 Apr 2017 12:18:34 -0500
From: Nico Williams <nico@cryptonector.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: mohamed.boucadair@orange.com, Martin Thomson <martin.thomson@gmail.com>, "ietf@ietf.org" <ietf@ietf.org>, "draft-dolson-plus-middlebox-benefits@tools.ietf.org" <draft-dolson-plus-middlebox-benefits@tools.ietf.org>
Subject: Re: draft-dolson-plus-middlebox-benefits (was RE: Review of draft-mm-wg-effect-encrypt-09)
Message-ID: <20170411171831.GA23461@localhost>
References: <787AE7BB302AE849A7480A190F8B933009E4B818@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <11843452-d76d-50e3-c162-155f4d1621e2@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <11843452-d76d-50e3-c162-155f4d1621e2@cs.tcd.ie>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/7Is7VnZmfRrvwYEzGznMMRpbCsM>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Apr 2017 17:18:42 -0000

On Tue, Apr 11, 2017 at 09:51:14AM +0100, Stephen Farrell wrote:
> On 11/04/17 09:15, mohamed.boucadair@orange.com wrote:
> >> I hope that the IETF never publishes
> >> draft-dolson-plus-middlebox-benefits; it makes claims about the
> >> benefits of specific solutions for different use cases with the
> >> goal of justifying those solutions.
> 
> > [Med] I'm afraid this is speculating about the intent of
> > draft-dolson. Assured this is not the purpose of that document. The
> > motivation is to document current practices without including any
> > recommendation or claiming these solutions are superior to others.
> 
> Just to note that I completely agree with Martin's interpretation
> of the thrust of this draft and I totally fail to see how your
> argument above can be justified given that draft title, abstract
> and even filename (and also the content;-). When the abstract
> says "This document summarizes benefits" then I cannot interpret
> that as other than being intended to justify the uses described.
> 
> A fairly thorough re-write to aim to describe the pros and cons
> would be a different and more useful document. Similarly a draft

Documenting the good, the bad, and the ugly, would be much better than
documenting only the good.  Documenting only one half of the story seems
to me like a bad idea on its face.

> that strives to neutrally describe existing reality could maybe
> be useful (*) but one that only describes middlebox friends with
> "benefits" is not IMO beneficial ;-)

Agreed.

I can think of a number of problems with middle boxes:

 - scalability

   Middle boxes may need to expend much more computational power in
   order to do more than forward packets, and they need to do this for
   as many extant packet flows as will fit on their pipes at full tilt.

   Middle boxes may also have to be stateful, which quickly turns into a
   morass.

 - security

   Middle boxes can get intrusive and require sharing either more
   information with the public at large, or more information with
   "trusted" middle boxes, which in turn requires more complex key
   management and more failure modes.

 - reliability

   More failure modes (see security above).  More middle boxes to
   inspect for diagnostics.  More middleboxes to fix.

 - extensibility

   Want to extend the protocol?  You can't.  You'd have to upgrade all
   the middle boxes first.  You can only get the extensibility that you
   can foresee.  If you screw up the first time, the screw up will take
   15 years to work out of the Internet in the best case, and in the
   worst case you'll never get it out.

I can probably add more later when I have more time for this thread.

One could give a lot of advice for design of protocols with "friendly"
middle boxes.  Merely saying "hey, they are good" is not enough.  We
might want to revisit end-to-end protocol design as well (e.g., maybe
ICMP isn't working so well; what can we do?).  Perhaps we can get some
of the benefits of middle-box-aware protocols without the middle boxes.
Suppose a secure middle-box quench protocol by which nodes under DDoS
can enable DDoS counter-measures in upstream routers...  Suppose a
generic, non-TCP congestion control capable but UDP-like transport with
a reusable header prefix and ICMP-ish messages for QoS and congestion
control...  I'm certain we can do more within the end-to-end model with
minimal middle-box involvement (though never zero; we need at least
packet forwarding middle boxes).

IMO the IETF must not publish draft-dolson-plus-middlebox-benefits as it
is today.

Nico
--

v2.23.0 | Report a Bug | By Email