Re: [Masque] FW: New Version Notification for draft-kuehlewind-quic-proxy-discovery-00.txt

Mirja Kuehlewind <mirja.kuehlewind@ericsson.com> Mon, 03 February 2020 14:47 UTC

Return-Path: <mirja.kuehlewind@ericsson.com>
X-Original-To: masque@ietfa.amsl.com
Delivered-To: masque@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C07941200C4; Mon, 3 Feb 2020 06:47:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VfvLZPiwOr73; Mon, 3 Feb 2020 06:47:01 -0800 (PST)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80055.outbound.protection.outlook.com [40.107.8.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3C55120044; Mon, 3 Feb 2020 06:47:00 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BnoInmgkez4sqP2aD5elC7uR7JNec79Au5VZx+v4d2cRZ82+am8YwijPOJyraqWEUOQCvAd8XpuqaTncgYnW+pF+KAFKWjTeeMnZ98l7XNH4VL8psh+lSBXodxFEg9amjatla78tIo0ZxSVuGYde9gz0LnU8FSaftkyG381ZsnLsltBZc7jRKB3gAvlsxHxrSdu56PuBbzRn990DWAgNh/LkU2T1H50P3j6vZRDhs/VQ6QNh6HAVXeErHlwhLvYmG/GcprkLqoxKe0EZw+yvssKWOa87p6rFTepHInTczJp645GPvrqkCNq9AvFQZxlljtzHq5geBt3U7EWj4jBEig==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SW0AwAY3d2eLe5ALLwbsvyiltI5WEAz5lqEdHtO9S2A=; b=Mg+3l3rJNJO7/rZw+dDCSefEjje1OTJJb+q5IYAK6aKf3wauE2b4W0y+A0PV4oIMSYNPdyrL3BS6tGicETZUiLsyAdq++eHfrsNwsPknFEMXvKeXm156YBrkudBxBuZw/HazGaBcof2RwETiOmihGMxTrormbhVm+pfm3W/GkWc8MBuh2+7+Wj2doGdzQow8D4hYw3sbd48pHjKlpOgWIrxUgelmfItFUO4gQeWRtVTDemxbBS71JRF6I5s8QF+penRbRDfqijPNWYQ4KHdpTJYpxkp8odg/sHcYkyiQG+ZOvUkKAyJ/dwR82Zh0/E1zdHXZM25jpryPxbql0Cbg2A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SW0AwAY3d2eLe5ALLwbsvyiltI5WEAz5lqEdHtO9S2A=; b=b/hHJVJBOt78RY6kFQp8Nd5i8T7pkMCanr3vY+FiWmW/NO9TViwVQ9zIg0EJlsQBSRpOAxuj82hKEBXPcHuKUvvUOVv61WK08VIq4urExwEXJVGTnzOGlEGPuGrlJU062pwZN+GM3VxPn1IY7nsUU6GSrniHxgMDo3ordgCBzys=
Received: from AM0PR07MB4691.eurprd07.prod.outlook.com (52.135.149.158) by AM0PR07MB5810.eurprd07.prod.outlook.com (20.178.115.222) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2707.15; Mon, 3 Feb 2020 14:46:53 +0000
Received: from AM0PR07MB4691.eurprd07.prod.outlook.com ([fe80::4879:46ae:16e:f5b7]) by AM0PR07MB4691.eurprd07.prod.outlook.com ([fe80::4879:46ae:16e:f5b7%7]) with mapi id 15.20.2707.018; Mon, 3 Feb 2020 14:46:53 +0000
From: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
To: Eric Rescorla <ekr@rtfm.com>
CC: Patrick McManus <mcmanus@ducksong.com>, Lucas Pardue <lucaspardue.24.7@gmail.com>, "quic@ietf.org" <quic@ietf.org>, "Su, Chi-Jiun" <Chi-Jiun.Su@hughes.com>, Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com>, "masque@ietf.org" <masque@ietf.org>
Thread-Topic: [Masque] FW: New Version Notification for draft-kuehlewind-quic-proxy-discovery-00.txt
Thread-Index: AQHVkzBtXqSCGBS1QEWLK0BXXTrwWKd7THMA///xkwCAABGsgP//8OCAgAA2fICAAaTLAIB6JW6AgBK7DoCAAC+ZgA==
Date: Mon, 3 Feb 2020 14:46:53 +0000
Message-ID: <9AA1F2AB-AF93-4A28-B258-3A691A4DCDEC@ericsson.com>
References: <157288641719.16495.4218503379126128243.idtracker@ietfa.amsl.com> <CA5EB3C0-F510-4883-B50B-51A3E46B47CA@ericsson.com> <CALGR9obp-YARLEXDVWvTqZ_h=Ocbn6m2On+uovK-SL-6TaOSXg@mail.gmail.com> <3F20108D-DEED-4AEF-89D3-55F11058110B@ericsson.com> <CALGR9oYHce0mnkj5Kz13EoR-zN3-xSr0igkJF2Z_dJ2vgfVNSQ@mail.gmail.com> <SN6PR11MB3087D25371090E7E40FA32B2CE7F0@SN6PR11MB3087.namprd11.prod.outlook.com> <CAOdDvNruDZuBYp2ABfWCKMF4o6rY5Qk6x6ofH1qCJgLfKpsCUg@mail.gmail.com> <65CD80F2-11BF-4D48-A011-17F6E431D209@ericsson.com> <CABcZeBMd+1X674qJcxLpD2CGPSduO8G1rM1s-r_ccXXy7pn++A@mail.gmail.com>
In-Reply-To: <CABcZeBMd+1X674qJcxLpD2CGPSduO8G1rM1s-r_ccXXy7pn++A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mirja.kuehlewind@ericsson.com;
x-originating-ip: [2a00:79e1:abc:301:5816:11c5:461d:3738]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: e8c849eb-4ce0-4cd0-f5a8-08d7a8b7e8f0
x-ms-traffictypediagnostic: AM0PR07MB5810:|AM0PR07MB5810:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <AM0PR07MB5810F584A2780AA67A567437F4000@AM0PR07MB5810.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0302D4F392
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(396003)(39860400002)(136003)(366004)(376002)(346002)(189003)(199004)(8936002)(71200400001)(478600001)(54906003)(186003)(81156014)(81166006)(6512007)(6916009)(5660300002)(4326008)(8676002)(86362001)(66574012)(53546011)(6506007)(6486002)(33656002)(316002)(91956017)(44832011)(64756008)(66446008)(36756003)(76116006)(15650500001)(2616005)(66946007)(2906002)(66476007)(66556008); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR07MB5810; H:AM0PR07MB4691.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: VqtBj1LsvdpWubMJ2P9PKjptjcuI6m0IeYPUnSusQHmtqbvw0nEyKm4P8a7+lHDbO8t/TSKDPDfZT/4M+c4QlGP4WQy9TZQE4L/6Sy5FR/rGyVoNHmf5YjpGNluzsXrU6eNSr8G/W8oAKM7eweFC7AOcpVrj04DmvmPaQYvlqVKKq/rAYLHMqQ2wDZZXIBhnjvC2aKLVDxgbndA4aWv10ypzJR9m7DRwHzXct2rX5mgcTwNT4f8NYrRCRFEDyz6CLoN3/AOqf89nq8mGDh1/bNevMThi0AbTmtR8qQI8msoimabuCCm9rQ1muHKXnaWe9rFO0g+tXARdjgHaMw5qRHG2wbRlRSphKfOubBYaiGYrG4zf7xGFoVA7BDVzJRlVw0hLcfkbpKpzD+GwzasypHF9mre8fqogYZwV8dTAzwxecY+kHxJI6dg2BLkjkyce
x-ms-exchange-antispam-messagedata: zl8YFrVvPysNn1CBiXcP4SwOzFxogQWwxKKOVHtO6YudMIbOPJkhEW6eUJyz9C8zNnVuCFVmR4HdTFxcM0dRddqietnPwc1kwZhg3lzAZtD4X5kcexAdeueQs9o7bdSxUyb54LM0gzeHxyg2v7KJVqVygLEIy3rZyd4aen7aWdC7VnoCYe5XJci2NN8uCoNX0KO/egrGnhJvkfBm+/88Xg==
Content-Type: multipart/alternative; boundary="_000_9AA1F2ABAF934A28B2583A691A4DCDECericssoncom_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e8c849eb-4ce0-4cd0-f5a8-08d7a8b7e8f0
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Feb 2020 14:46:53.6072 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: utuPwlJhfcbY8M5UFW/wKh3TAbh6wna915nfx2kHNEA3RxQwO8+chA1frlcCoTglHPNFGbK9OuC9Z9nV76bSYNM/SF/FRM45woX3LSjX+Jg=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB5810
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/32u0tkOy-l3qeFQhslkuV__JuOo>
Subject: Re: [Masque] FW: New Version Notification for draft-kuehlewind-quic-proxy-discovery-00.txt
X-BeenThere: masque@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiplexed Application Substrate over QUIC Encryption <masque.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/masque>, <mailto:masque-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/masque/>
List-Post: <mailto:masque@ietf.org>
List-Help: <mailto:masque-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/masque>, <mailto:masque-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Feb 2020 14:47:04 -0000

Hi Ekr,

TLS MITM is not the right analogy here. As I said in my email below we only look at services for the proxy could to provide that do not intercept the end-to-end connection. Instead the client would either request a certain network service from the proxy (in any case at least simple forwarding) or, what we have in mind for performance optimization, the proxy would provide additional information to the client that then can be used in the endpoints to optimize traffic.

Further you can still configure a trust anchor in your client and use local recovery to dynamically find the IP address. And not all mechanisms described in the draft are actually for local recovery.

And at the end it depends on the service the proxy provides if a local proxy makes sense or not. E.g. if you only look at forwarding and address translation in order to conceal the client IP address from the server, not that much trust is needed and a local proxy can make a lot of sense as your access provider knows you IP address anyway.

Mirja



From: Eric Rescorla <ekr@rtfm.com>
Date: Monday, 3. February 2020 at 13:57
To: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
Cc: Patrick McManus <mcmanus@ducksong.com>om>, Lucas Pardue <lucaspardue.24.7@gmail.com>om>, "quic@ietf.org" <quic@ietf.org>rg>, "Su, Chi-Jiun" <Chi-Jiun.Su@hughes.com>om>, Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com>om>, "masque@ietf.org" <masque@ietf.org>
Subject: Re: [Masque] FW: New Version Notification for draft-kuehlewind-quic-proxy-discovery-00.txt



On Wed, Jan 22, 2020 at 5:54 AM Mirja Kuehlewind <mirja.kuehlewind=40ericsson.com@dmarc.ietf.org<mailto:40ericsson.com@dmarc.ietf.org>> wrote:
Hi Partick, hi Lucus, hi all,

I’m currently updating the discovery draft and therefore looking at this email thread.

So looking at WPAD, it also uses DHCP and/or DNS to get a config file. In the draft we mentioned also the use of Provisioning Domains (PvDs) to get information about local configuration. This seems to be the more appropriate and soon to be standardized alternative, so I don’t think mentioning WPAD will add much. Lucas?

Mentioning WPAD could maybe lead to a discussion about who this information can be access by an application/browser (if needed because it could also be the OS that handles the proxying transparently for the app), however, this seems a bit out of scope for this document and probably is mostly covered by taps for PvDs.

Patrick, you said below that “series of CONNECT tunnels to the proxy are giving up the end to end security of transport features that QUIC“. In the setup we have in mind for use with MASQUE, we never touch the encrypted QUIC end-to-end connection and just forward those packets. Other than for HTTP/TCP proxies, the idea is to always have an outer QUIC connection between the client and the proxy and an inner QUIC connection between the client and the server. So I think if you only look for a forwarding service (+ address translation/anonymization), it’s actually okay to rely on potentially unauthenticated local discovery as you basically only have to trust the proxy as much as you trust any router on the path.

Well,  one of the most common reasons why you would want some sort of tunnel proxy is to conceal your behavior from the local network, which is clearly inconsistent with having the local network supply the proxy information.

More generally, I find the whole premise of this draft somewhat confusing. If we look at TLS MITM proxies as a loose analogy, there are two kinds of configuration one might want:

1. To tell the client to trust the proxy
2. To tell the client to connect to the proxy

However, as a practical matter, TLS MITM proxies don't do (2) and just rely on network mechanisms to make that work. They only configure trust anchors to let the client trust the proxy. Similarly here, the challenge with QUIC is that you want the client to engage in some behavior that has trust implications, but for this you need some discovery mechanism that is secure, which the ones you propose are not.

-Ekr