IETF Logo Mail Archive

Re: [Lwip] [T2TRG] QUIC on IoT boards

Mohit Sethi M <mohit.m.sethi@ericsson.com> Tue, 21 January 2020 10:07 UTC

Return-Path: <mohit.m.sethi@ericsson.com>
X-Original-To: lwip@ietfa.amsl.com
Delivered-To: lwip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BB381200B6 for <lwip@ietfa.amsl.com>; Tue, 21 Jan 2020 02:07:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HK_SCAM=1.999, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z91z7jWT7fF8 for <lwip@ietfa.amsl.com>; Tue, 21 Jan 2020 02:07:25 -0800 (PST)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04on062d.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe0e::62d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9263812004C for <lwip@ietf.org>; Tue, 21 Jan 2020 02:07:24 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=OT3qHSqf0GQvZQm9E2qwt6nlAmRFog1O4vpCitnxJPlwvo0h+K0F3DiJTQC8wGOf6sffPNW5oFBjmM3ZujAciwBMe5bW6rp32dKi3rMiSoe5aEiAABSrfxkXTmgdETqRf68T/B8Gjpjw13oVZt128K+ZVpT+3xR7+lFK9hUQlqcKRMuG7PBeBBVx2JXNpVu3G+QOUT2GDjrqzJNeq16ob4xn93CkYbshGHGhfNomq05MiewGVHHgL30/8rxwi3eqWurm44KCcxoZ+Re/qNH6jb8plBEEaUxHTVZlAOyXD4jjZiNs50vHwizULeQWneporeBuEUlMslQpR+kfMrQp8w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=noE8i6tArzuVkeTs8b+14nVkZ0X8uvsNR8x+5oR1MqU=; b=CXPtkzqsY9CVJ0P4s5UWTaUUwomgRRbUb0OKe837YpO9/ioGlXjam/e0XeZJrXBh2WsgJns2z23imO6ppmWC3f8jTXW7grkSuZYFLuQ7m12tCVm6LIWINcsL65I7KTtMGAU+29lxjHtZAwSUBFMuHqoHRa2wED0oTZ2r3nd8+jYO5ziVwx7NRoeoEBPpxq5OH6HI6u7hq1/8iU7EA61WCzGmTLmPuh2ytKpCBHaZapPI3J/tsLZNqiwCHCg9Bgq4xsuJN7T/YcOb3g/wPfjiGvPxm9rGcIqy9mnkY4Ovv+AceYREeDOXfaDAbP3LHXg254BuKMC75nmelGonu6cmgA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=noE8i6tArzuVkeTs8b+14nVkZ0X8uvsNR8x+5oR1MqU=; b=uxSr7Q/c9ApXQtoHWxTVfTAXy89CvbqIA0OT8LLBcMJx26rrH+0FDKOMtnvwKhTlcpxIPvrtWwX/VSrzfMQXO/2lUawSHnO9JJopbjTR3+6EAG7JVSo8uylD0nX3Kbqkbi/nnKJ5J1C+UptREmEwlo+tozCpv5ohfTstiRNsRiY=
Received: from DB6PR0701MB2904.eurprd07.prod.outlook.com (10.168.84.145) by DB6PR0701MB2934.eurprd07.prod.outlook.com (10.168.84.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2665.14; Tue, 21 Jan 2020 10:07:18 +0000
Received: from DB6PR0701MB2904.eurprd07.prod.outlook.com ([fe80::69fa:e9b6:4a20:3ede]) by DB6PR0701MB2904.eurprd07.prod.outlook.com ([fe80::69fa:e9b6:4a20:3ede%8]) with mapi id 15.20.2665.015; Tue, 21 Jan 2020 10:07:18 +0000
From: Mohit Sethi M <mohit.m.sethi@ericsson.com>
To: Eliot Lear <lear@cisco.com>, Lars Eggert <lars@eggert.org>
CC: Василий Долматов <vdolmatov@gmail.com>, "lwip@ietf.org" <lwip@ietf.org>, "t2trg@irtf.org" <t2trg@irtf.org>, Dave Oran <daveoran@orandom.net>
Thread-Topic: [Lwip] [T2TRG] QUIC on IoT boards
Thread-Index: AQHV0EKQrPXvnC2SEESINP8gCxtD2w==
Date: Tue, 21 Jan 2020 10:07:18 +0000
Message-ID: <08fa9838-bfa3-2b91-c7ba-9631a73da264@ericsson.com>
References: <6CB4D459-4AAA-4313-B95C-05DF22C9A9DD@eggert.org> <E7C38177-DD0B-4D92-AE0E-EB457691E493@cisco.com> <6B9FFEF5-CDC9-4703-BB10-616DBEDE80AB@gmail.com> <4528ED27-E3B6-43C4-99A5-715DE1B79A09@cisco.com> <247FD52A-D90D-498E-AD79-9DADA8653EB2@eggert.org> <C210C02A-B6E3-46E4-A3FC-6534490783B5@cisco.com>
In-Reply-To: <C210C02A-B6E3-46E4-A3FC-6534490783B5@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mohit.m.sethi@ericsson.com;
x-originating-ip: [2001:14bb:140:3307:cc1e:8406:7a73:dca9]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 0e1d76ce-e5ce-4fe9-e908-08d79e59b2ef
x-ms-traffictypediagnostic: DB6PR0701MB2934:
x-microsoft-antispam-prvs: <DB6PR0701MB293406B7375656A1B50C8E60D00D0@DB6PR0701MB2934.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0289B6431E
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(396003)(376002)(366004)(136003)(346002)(189003)(199004)(6486002)(31696002)(316002)(478600001)(8676002)(6506007)(81156014)(81166006)(86362001)(53546011)(2616005)(31686004)(966005)(186003)(8936002)(6512007)(4326008)(21615005)(66476007)(66556008)(66446008)(36756003)(2906002)(66574012)(76116006)(64756008)(5660300002)(66946007)(4001150100001)(54906003)(110136005)(71200400001); DIR:OUT; SFP:1101; SCL:1; SRVR:DB6PR0701MB2934; H:DB6PR0701MB2904.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: /n3qVGp7WqYPZNANsMXwupQQlQBu+80kQ1j3VxDsMs7Jub0HL0SUS3L/qGOGFEEqPjCKDV35WlFpE3gPYPHciFHaYqeCn5mcsn6Dx3s8RYQzecQWnO9cwFl+w6eH6cplVKfbqP2TyBEpBjvyzUM4AWU4k0wTL73a6EMW/kYvS7E7JnwoCZyV+lvot+kWfovBkg0PcFScQ8/mxGGRNm19XGu9km1/ad/CwrEXMCIcBiBkm0tqP9bG4TFyJlQnLVKRWJlqii5lzqqVLivh9jTcU2UsDnITDVIEY64TwC59tskkGBkVmk5eU0RsSOjZ0oxc5GZejlNdmtpubI0ySwEM62yaNO4P4JD6Cy1vX01OenmRxXi1LLUYowxjFYaXy6UwRgkw5WRcRUPZlZuiyc1HqM7XfVT1+fDAaj/iFWQ+OPhuKCHBSkG/J1sFqeqEgLIornOx0UEdM0dVDMMmsoHdAPsY9WWgsn32Ju/CZEN/AbdoQXPOucflLxNsJg1+2izs1/r1/MZLJLPotEB5LE/7YA==
x-ms-exchange-antispam-messagedata: 8YlxMRZZAzuGmLzoEUh3BEWZQTH6Tx4ssb9Ig+KrjHlbKqS4oWr48zkfTWkfS+FKXc3FKGMrmzjv7NgzNViheI7+nAEJPCBr1+N0tgOsbWMOa/OGreD9n77cb0hhVLxLUm60/i4vW8wLqjlqPMBJVD0ILhiAVT71EiBcMwgNrPVS4d2e6gZ67+McFeoFIhx/BQwhIMIJmpKtoD5Kf0T0ew==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_08fa9838bfa32b91c7ba9631a73da264ericssoncom_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0e1d76ce-e5ce-4fe9-e908-08d79e59b2ef
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jan 2020 10:07:18.6780 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: oZobUj65pXHM5pS4Fegu3RulWWHLJBcISeXWt6AAQGxyiLde5aWNytyeGHQEx7S0SRp1+3U+Q6QX//igim7v6nPK0F5+LQq74Un3QoDIq2c=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0701MB2934
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/ZDGwO8WTJ9Tm0UeLygMztPtiWxc>
Subject: Re: [Lwip] [T2TRG] QUIC on IoT boards
X-BeenThere: lwip@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Lightweight IP stack. Official mailing list for IETF LWIG Working Group." <lwip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lwip>, <mailto:lwip-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lwip/>
List-Post: <mailto:lwip@ietf.org>
List-Help: <mailto:lwip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lwip>, <mailto:lwip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2020 10:07:29 -0000

Hi Eliot,

I find your example rather disturbing. I am sure a dad does not want everyone else on the Internet to see what his daughters toy is exfiltrating. You would need encryption for that?

I am totally with you on the need for knowing what's inside the device and how is the device behaving. RFC 8576 identifies this in Section 5.6 'Verifying Device Behavior': https://tools.ietf.org/html/rfc8576#section-5.6

--Mohit

On 1/20/20 7:00 PM, Eliot Lear wrote:
Hi Lars,

On 20 Jan 2020, at 16:08, Lars Eggert <lars@eggert.org<mailto:lars@eggert.org>> wrote:

Hi,

On 2020-1-20, at 16:52, Eliot Lear <lear@cisco.com<mailto:lear@cisco.com>> wrote:
• I only want that device speaking protocols it was designed to speak.

It’s that last one that has me worried from a long term perspective with QUIC.

I don't quite follow. Surely if someone ships an IoT device that uses QUIC for communication, that *is* a device "designed to speak" QUIC?

QUIC is the substrate.  It’s the applications atop that really are at issue.

If the stack hides means to determine directionality, as it does, and applications, as it does, we should take a pause to determine how we would detect whether it has services running on it that aren’t intended, as has happened all too often.[1]. These are use cases that QUIC was not designed to address.

So [1] is a case where the firmware web server had an embarrassing bug - it's not an example where someone hacked in and ran another service in addition to (or instead of) the manufacturer one. So that's not a fitting example for the point you are trying to raise.

Yes it is.  It’s a misconfiguration that could easily be blocked with the existing TCP model, and it was in a great many environments.  With QUIC, spotting these sorts of misconfigurations may prove more difficult.  Not impossible, mind you.


We can certainly debate whether more encryption and/or obfuscation makes network-based threat detection harder or not. It might even be the case that there are wrinkles in the IoT space that aren't there in the broader web space, in terms of appropriateness or trade-offs. But in general, I think this issue is a general one, and not IoT-specific.

Let’s agree that IoT is a pretty big category.  I gave you two very specific examples of where TLS 1.3 itself is more of a hindrance than a help because of the nature of the system in play.  Those examples comprise a common case for IoT.  I would never say the same thing about browser based communications.  Because IoT is such a big category, there may be cases where privacy issues either conflict with or will overtake other concerns.

Let me give you a good example of conflict:

Dad wants to know what information daughter’s Internet toy is exfiltrating and to whom.  Does the toy have a camera or a microphone that wasn’t advertised in the documentation, as happened with one particular device[1]?  On the other hand, dad would very much like whatever information is being shared to only be shared with authorized parties.

Want more conflict?  Let’s assume that the CPAP machine I described above uses my local wifi and something goes wrong, and the patient dies.  The next of kin want the data, but the CPAP service owner refuses.  In fact, the CPAP service owner even refuses to describe what data is being collected.  On the other hand, a patient would very much like whatever information is being shared to only be shared with authorized parties (2nd verse, same as the first).

Now… some of this is encryption and some of this is transport, but the QUIC and H3 have intentionally intertwined the two to attempt to reduce middle box interference.  That very interference is what a great many IoT deployments need.


On the other hand, we do want the IoT community to leverage the best that the Web community has delivered, if and when it is appropriate, and even when the whole package is not, it is best that they adopt the components that are, so that they don’t end up having to repeat old mistakes.

Exactly. Given the ever increasing amount of engineering cycles that are being poured into QUIC, the IoT community should absolutely try to leverage that to the max, where it can.

But the community also requires guidance to understand where it is appropriate, and quite frankly I don’t think we know that yet.

Eliot

[1] https://edition.cnn.com/2019/02/20/tech/google-nest-microphone-secret/index.html




_______________________________________________
Lwip mailing list
Lwip@ietf.org<mailto:Lwip@ietf.org>
https://www.ietf.org/mailman/listinfo/lwip

v2.23.0 | Report a Bug | By Email