IETF Logo Mail Archive

Re: [Masque] Proposed draft charter

Eric Rescorla <ekr@rtfm.com> Mon, 03 February 2020 10:17 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: masque@ietfa.amsl.com
Delivered-To: masque@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E807E120077 for <masque@ietfa.amsl.com>; Mon, 3 Feb 2020 02:17:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uZw9jITZMf9P for <masque@ietfa.amsl.com>; Mon, 3 Feb 2020 02:17:46 -0800 (PST)
Received: from mail-lj1-x22f.google.com (mail-lj1-x22f.google.com [IPv6:2a00:1450:4864:20::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4593B12002E for <masque@ietf.org>; Mon, 3 Feb 2020 02:17:46 -0800 (PST)
Received: by mail-lj1-x22f.google.com with SMTP id d10so13959258ljl.9 for <masque@ietf.org>; Mon, 03 Feb 2020 02:17:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=83fBPifJft1CJEwdxlQDkKPhH1Wc5kD7QlRmauoFsmM=; b=AE5tJsgi5duIDqfDYcD0TrptMQZoPXOo7Ylz8Mozp+9AxKKKiBD1dkL0y4GnCTWj0a 9FPxLLhT3HXRqyq2gEHPJIw2PfL/4eyZSnAQbT7cNEsK8CpiqwZQl0I+KuBCLm5FXn/l heoxQ6626UNgiLmkJ9sF300cqmQnj1jAExCi0yGTxXM8VYIjDP1qOww9FgNCtwvpYQkQ tIwF4mcgVMu/3uo4yDZ1zMLNrw5JRXvIC0Tn7jiUhvO3vIUDNuGGIZz/tFcrqItx4Onc We1x2nEInywqeLNAHKWoShfMWahk2YCI205KRt9eF5JpQ5Ag/E7FFK12ECGsNH2IYVlx Z+bg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=83fBPifJft1CJEwdxlQDkKPhH1Wc5kD7QlRmauoFsmM=; b=C3oOspVRcPkAcYNu/Re3P8RgJUiBn+xwCgsn83B4H+4WiwgQzm4VEvZQAIFX2rWSLA I1RBGWLuTAGurDy2jMtiu4zxXPLotxmpZE1ue/ov//U5EEeQq//qDmZ2Nv2DaWgQim85 B6ixJH5INHwpEOTwtEyD4VhCz09ACmVYyN/dZmiaD1gyLUOSUAuW54SWkxFB3ydjAU+N evCveAoDwUxLXD7uTxREWL+WALKJcEK/43eLtyQtc+gMaTyUay8dCyWdB+dz35gKQLwT 6UzjNtulpYrDGhbqCwPiI9p0yMRZbDmSEGnjxxk0u5UVHF9G2bEiivx3/HdznK8PrIoh 8B9Q==
X-Gm-Message-State: APjAAAX3YkTNwmdoynS9MNHhOUHYrJmjrpUg0aGcRrG1ZeJ+rXp3K3Oe cHwtGXS7NS10XyIPSBjh/y3HTw3E5wf+6Vcq22eBEWOtUJQfhQ==
X-Google-Smtp-Source: APXvYqzJwbTLvbjn0Z/SlZ/xzi878xDTRt0DUFxNB9BQ6QLRHlYMr17SVYGjKRWwVI4WOv7H3WxGweILrvTCZKMvuEI=
X-Received: by 2002:a2e:9b12:: with SMTP id u18mr13429241lji.274.1580725064379; Mon, 03 Feb 2020 02:17:44 -0800 (PST)
MIME-Version: 1.0
References: <845946C2-EB98-4F3A-966E-968AE349302C@ericsson.com>
In-Reply-To: <845946C2-EB98-4F3A-966E-968AE349302C@ericsson.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 03 Feb 2020 02:17:08 -0800
Message-ID: <CABcZeBOJtyaa+J9PqoEZ7n8QahFy4n8nbBaCwUd0W+1BoMNnZQ@mail.gmail.com>
To: Mirja Kuehlewind <mirja.kuehlewind=40ericsson.com@dmarc.ietf.org>
Cc: "masque@ietf.org" <masque@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f35604059da93b97"
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/Ib3z9wXGaItmn93RXuzb2dRb9zo>
Subject: Re: [Masque] Proposed draft charter
X-BeenThere: masque@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiplexed Application Substrate over QUIC Encryption <masque.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/masque>, <mailto:masque-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/masque/>
List-Post: <mailto:masque@ietf.org>
List-Help: <mailto:masque-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/masque>, <mailto:masque-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Feb 2020 10:17:49 -0000

Hi folks,

I have reviewed this charter and I fear that it is going in the wrong
direction. When MASQUE was first proposed, it was conceptually simple:
effectively an HTTP CONNECT tunnel but (1) Implemented over QUIC/H3
rather than H1/H2 (2) Allowing for non-TCP protocols to be carried
over the tunnel. IOW, it was an application-level VPN. This is
something that clearly has a number of valuable uses cases. To name
two real-world applications where this would be valuable:

1. Tor has repeatedly discussed converting from their TCP-based
   protocol to something DTLS or QUIC-like.

2. Firefox Private Network (https://fpn.firefox.com/) has an
   H2-based secure proxy mode, and running it over QUIC would
   have some obvious advantages.

However, when I read this charter, that simple application is sort of
buried under a bunch of other stuff that seems more appropriate for
some other use cases, such as performance-enhancing proxies. proxy
caches, etc. While I appreciate that something like tunnel (as in
FPN/Tor) and PEPs are both technically proxies, they're fundamentally
dissimilar even though they occupy the same position in the data
stream (though not the same position in the network, given that PEPs
are typically on-path between endpoints whereas tunnel-type systems
typically are not).

It's not necessarily bad to charter work that handles multiple use
cases, but in this case, I think that it would be a severe distraction
because the requirements are totally different. In the tunnel-type
case, the point of the proxy is to a great extent to protect
client-server connection from interference by the local network
(as well as to conceal the client/server IP addresses). However, in
the PEP style case, the purpose appears to be to reestablish the
control that these network-level devices had prior to the advent
of QUIC's end-to-end encryption. This is readily apparent from the
text in this proposed charter that says:

  As use-cases for deploying MASQUE have different security or
  performance requirements, the working group may define multiple
  MASQUE services for proxying to suit these disparate use-cases.

This actually seems like an understatement.

IMO, we should simply strike all these use cases and focus on a
simple tunnel protocol, which seems comparatively straightforward.
Such a protocol should be designed to be extensible.

In parallel, those who are interested in designing protocols to
re-establish access by network intermediaries can work on those
separately, and, if there is sufficient implementor interest we
can then discuss whether those use cases should be served by
Masque extensions or by some other protocol.

-Ekr

v2.23.0 | Report a Bug | By Email