[Masque] Capsules
Martin Thomson <mt@lowentropy.net> Tue, 02 November 2021 06:25 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: masque@ietfa.amsl.com
Delivered-To: masque@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA21D3A0B67 for <masque@ietfa.amsl.com>; Mon, 1 Nov 2021 23:25:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=ZMFYkfqN; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=J1yIRbG4
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9gKf_UqK7ayG for <masque@ietfa.amsl.com>; Mon, 1 Nov 2021 23:25:08 -0700 (PDT)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 167043A0B58 for <masque@ietf.org>; Mon, 1 Nov 2021 23:25:07 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 1B2E85C0182 for <masque@ietf.org>; Tue, 2 Nov 2021 02:25:06 -0400 (EDT)
Received: from imap41 ([10.202.2.91]) by compute5.internal (MEProxy); Tue, 02 Nov 2021 02:25:06 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:date:from:to:subject:content-type; s= fm3; bh=LJgnIy5MwPj8TBF+eSG/gWZmkwEoczfpIkpJwr7xMrE=; b=ZMFYkfqN p0sn1ZOVG5x6/2cYNwjNA4vr7i0oWafOvE5kH+dXCnD/bGlX8QYlJpSBGiSi4tnW DtC17NXjRz3O5y8X1ziv98UUFj4QMK10NQo3dZUSaV/lEvzclc9MzoVw/3lZl+S2 /q85X5hJvAI7AI7Z3UmEhMdb8GsDxSZm7DT8l/iTs+QjDsIOGGNYy+WNUbEnMHIa 622xy0nIVoHd1Mct27rDF3FWrDkLx3M3AbNuL8M5tlN8VKOy+yrTJQuGJR7hTizB 2WjBm7g3KRe6DlqbCiYCtNhWH9ukiEJd2Hy3dITE8rvRZzZuZlIT5iwErx0T/aW2 RjqOklD/zM+I7Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; bh=LJgnIy5MwPj8TBF+eSG/gWZmkwEoc zfpIkpJwr7xMrE=; b=J1yIRbG4K/M6z0rEWtR/vMKXpnr6IEng6/jKQk4yLzLCK zO+igwcRSYtFuKO54F9FeiNUCkh87kTKVahp+KIZDMoHVOtF320pcggO7d5nY/CS 8SaWgr1huOzb2K8sCNqbJYY4q5hRi/+OZD32+T0fb2mH3aS1M5X1KcMWmTvFtCeE LBaNRP19XvzbnNSHmuSdQfF/s6w24mnJyb6gd9USwQJwNtjlEX1lO5sSY920b62e gjp+Q8EyPVnwzCpnteKqr4HUojdwI5xy6M4mF2vyqww61U6g3+KBl41nU3MF1p6A Cl1B6GQZdT/Ol1uc9naeEcTQPnN7eoxbN0DsJUzLA==
X-ME-Sender: <xms:wdmAYfJPkpJ83LRAmvT7lZsYQH27EOmbJ5VRLz_C5ES9lOOiozR5UA> <xme:wdmAYTKSLbOBu6D4fJD7C4q4ijLF8OI5bkSCXfru8n5z3g7RYjp_t3buwJR4XuKnX scLmy8vf0yxdn3xL68>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvtddrvdehgedgkeekucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfffhffvufgtsehttdertd erredtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhhofigv nhhtrhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpeevgfdutdfgjeefudeuheekhe ekudeugeehfeegveekkeegleevveffueduffehheenucevlhhushhtvghrufhiiigvpedt necurfgrrhgrmhepmhgrihhlfhhrohhmpehmtheslhhofigvnhhtrhhophihrdhnvght
X-ME-Proxy: <xmx:wdmAYXuDOFVzKJhOuEYpnz-Bh2oNwYzmiF1brhrFH03b2R5vPmFt9g> <xmx:wdmAYYbpdzM43jbJzbwqPGXc__3NDN0Bs4Vm_AMOrOCxVG-Ps-ej-w> <xmx:wdmAYWaWqF1TISdjhHssRN6JZA5a__SFtdkNtsfBg99qHlBzPkyrbw> <xmx:wtmAYfkGziyDxCARqj5ZepsMzhzSKCEFW1gwhqrS8MUJzfibvWtIfQ>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id BD1F13C044D; Tue, 2 Nov 2021 02:25:05 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.5.0-alpha0-1369-gd055fb5e7c-fm-20211018.002-gd055fb5e
Mime-Version: 1.0
Message-Id: <85634900-dbbc-497a-aa97-cd6b29b4cc73@www.fastmail.com>
Date: Tue, 02 Nov 2021 17:24:40 +1100
From: Martin Thomson <mt@lowentropy.net>
To: masque@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/6UL3Kh40_0OFPRnX2G3_26lrLME>
Subject: [Masque] Capsules
X-BeenThere: masque@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiplexed Application Substrate over QUIC Encryption <masque.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/masque>, <mailto:masque-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/masque/>
List-Post: <mailto:masque@ietf.org>
List-Help: <mailto:masque-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/masque>, <mailto:masque-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Nov 2021 06:25:13 -0000
I've just reacquainted myself with the ever-shifting content of draft-ietf-masque-h3-datagram (-05 specifically). My conclusion: this document is about 10x longer and more complex than it needs to be and maybe three or four times more complex than it could be if you accept some of the underlying assumptions. --- The source of this added complexity is a desire to construct an abstract framework that allows intermediaries to participate in the protocols that this document attempts to facilitate. The key functional role for an intermediary here is for it to take datagrams and forward them in a way that best suits the HTTP version in use, allowing the same datagram to traverse different versions. Forwarding in HTTP/3 wants to use native DATAGRAM frames, whereas fowarding elsewhere needs to use the stream established by extended CONNECT. The goal in creating a generic framework was to enable some common handling between different protocols (UDP proxying, IP proxying, WebTransport). This is a bit of narrow use case. An intermediary that understands that a capsule-based protocol can take datagrams from a stream of capsules and send them in DATAGRAM frames. In the opposite direction, they can fold DATAGRAM frames into streams. This forwarding behaviour depends on the intermediary understanding that the protocol in use is a capsule-based protocol. This is done by looking at the :protocol pseudo header field on the extended CONNECT and looking that up in a list of known capsule-based protocols. This is necessary because not all protocols that use extended CONNECT use capsules. After all, the only use of extended CONNECT that currently exists, websockets, doesn't. That's not so far removed from a system where the intermediary understands the contents of different CONNECT-based protocols that do not share a framework. It is possible to have different protocols that use extended CONNECT with shared design elements that maximize code reuse at intermediaries WITHOUT a framework like this. Those protocols can all use the same format, name, and registry if that helps maximize code reuse. At that point that is functionally indistinguishable from the system that uses a framework. >From this perspective, a framework like this becomes something of an academic exercise. A lot of work is done to document the framework and describe its properties, but as the effect on deployed code is non-existent, it has no real effect on what people do. And it comes with risks, like leading people who build intermediaries to start making bad assumptions about how extended CONNECT works generally. The editors of the WebTransport over HTTP/2 draft are currently debating whether to propose the use of capsules there. There, we have some interesting design constraints that might be cause to use a different format. One option that is being considered is reusing design elements from QUIC to make the protocol easier to implement. I don't think that we should feel constrained to use capsules, except to the extent that it might be nice to make implementation in intermediaries easier. --- I'd like to propose a different approach: 1. When datagram support is negotiated at the QUIC transport layer, HTTP uses datagrams by associating them with request streams. This uses the system described in the draft (prepending the stream id divided by four). 2. Different uses of datagrams need to be individually negotiated using settings. (WebTransport negotiates use of both datagrams and extended CONNECT with a single setting.) 3. Each of the protocols we have describe the use of capsules. Separately. That's it. It's perhaps a shade minimal, but it is sufficient. I can see the advantage of a shared registry for capsule types. That has some real advantages in terms of code reuse. This document might be a good home for doing a little unification of the clerical stuff. I'm OK with doing that (this is the 10x saving -> 3x saving I alluded to), but it does not need the supporting machinery in the current draft. It just needs to make a registry, describe the generic capsule format and define the DATAGRAM capsule and forwarding rules for that capsule. The rules that talk about opaque capsules and whatnot is unnecessary. --- This would mean losing all the text about datagram contexts with their format types. I can't see any justification for a generic framework for those functions. I can see protocols in which these might be useful constructs. However, use of those constructs would benefits from closer tuning of the mechanisms to the problem domain, something that a framework cannot do. draft-schwartz-masque-h3-datagram-ping proposes using the format type to create a separation between that and "other" uses of datagrams. It's important to note that identical treatment at intermediaries is a necessary feature for that draft, but I don't think that is necessary. It also depends on datagram contexts being used, which is a big assumption as they are effectively pointless for many protocols. WebTransport doesn't seem inclined to want them. Should WebTransport want this, it has to pay a pretty high price (>=1 byte on every datagram sent), but that should be something that protocol decides. Maybe that protocol can come up with a better means of distinguishing datagrams that results in less overhead. Earlier, it was suggested that datagram contexts might be used for ECN signaling. At the time, it seemed clever. But now I realize that it is more like one-step forward, four-steps backwards compression. --- Sorry for the long missive. I hope that I was able to capture the rationale so we can discuss this next week in more detail. Regards, Martin
- [Masque] Capsules Martin Thomson
- Re: [Masque] Capsules Ben Schwartz
- Re: [Masque] Capsules David Schinazi
- Re: [Masque] Capsules Alan Frindell
- Re: [Masque] Capsules Martin Thomson
- Re: [Masque] Capsules Martin Thomson
- Re: [Masque] Capsules Victor Vasiliev
- Re: [Masque] Capsules David Schinazi
- Re: [Masque] Capsules Eric Rescorla