IETF Logo Mail Archive

Re: [Masque] Updated proposed charter text

Mirja Kuehlewind <mirja.kuehlewind@ericsson.com> Mon, 06 April 2020 15:43 UTC

Return-Path: <mirja.kuehlewind@ericsson.com>
X-Original-To: masque@ietfa.amsl.com
Delivered-To: masque@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 480163A0AC9 for <masque@ietfa.amsl.com>; Mon, 6 Apr 2020 08:43:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.269
X-Spam-Level:
X-Spam-Status: No, score=-2.269 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.168, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gQk_rEFBFOrm for <masque@ietfa.amsl.com>; Mon, 6 Apr 2020 08:43:33 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2083.outbound.protection.outlook.com [40.107.22.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C1CD3A0AEC for <masque@ietf.org>; Mon, 6 Apr 2020 08:43:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NiWnAcrNOKFRaHWbTDy4lh/vRrOuiepTDf+DzQNP0f4HoRllvMqwp6ee2kr2WTIDph/johzCE6EclrUMTtrNYhlIaSJvZCCGvsGRDkL3Z1Dzh5YO/RVw9+R1hUGvH8d0ENv3NuePmsCMJE8cfANjageEn4zHtqCswBgAqiE41ljaHMMbtfPKzmsVdJfMjtHj0smnnVfJIlHiOk0u+oKS3x2IZoYcPItkqLDXCVI6XX4rByYxJitOhEBTeDFjRMYG+dccNJDh+bEYhtOaL9kI08DB/klPNwUOeTDiRHR+OgK0i5mrESiaRbUSxu+dIGd9xntcq1RWG+P4hoQwS3uRgQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Jrwdh695xyIqlWrVNDZ8wd6/ZRMd8qvClzqq6KpvZ5k=; b=itcLhSbZQJV5UELBsx97Dtd61U5HqS7i/iOCBfOM9pYQnpTFq0rrqaWH5hgCfKMk99K/m555p+FaHzFEeAgTTJrR5cJL0kFXY8yk954/QqbLjhUGHmH7ckFENjsFNv9WDEUitPIQZQKwlzHHcMfhRVUU2i6rbWFsarc0lxcw3FGw2NfSyWP5U1YZOaNeS4jm5IxGw/TmiIBe6jaxch+E1+3lroisgC1y1a8bHCGb/2XGl+Ranivx07kP7U7HNXP5WiEv1CHLnMOIAs+BLlkH0+PalWtAnTIRbFcU61/Yl1inj+fon7v2wIEBJXXmcUzX2iOsALheyCCWDzZH/uVIzw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Jrwdh695xyIqlWrVNDZ8wd6/ZRMd8qvClzqq6KpvZ5k=; b=PEcpUOYl2DH/sVu1l/RIUridRAMBKW8/ZgwYkIBGEkRfHoQEfKgaBdqkWj3AabpLfDY23fdKWRrkcjEkvEZ27dDkVHHKYoSu6OOaWOdbselfyruvxUuQFloimfUcMerROBx74rWtSnvtiHBmGt/1i+Lc0kwn5Dfj2UBBT93CyKE=
Received: from AM0PR07MB4691.eurprd07.prod.outlook.com (52.135.149.158) by AM0PR07MB3955.eurprd07.prod.outlook.com (52.134.82.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.12; Mon, 6 Apr 2020 15:43:29 +0000
Received: from AM0PR07MB4691.eurprd07.prod.outlook.com ([fe80::298a:36c6:fff4:f8f8]) by AM0PR07MB4691.eurprd07.prod.outlook.com ([fe80::298a:36c6:fff4:f8f8%3]) with mapi id 15.20.2900.012; Mon, 6 Apr 2020 15:43:29 +0000
From: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
To: Christopher Wood <caw@heapingbits.net>, "masque@ietf.org" <masque@ietf.org>
Thread-Topic: [Masque] Updated proposed charter text
Thread-Index: AQHWB3uA92K/zczuiE+AorwaveT5nqhnYlAAgATBMoCAAENJAA==
Date: Mon, 06 Apr 2020 15:43:29 +0000
Message-ID: <2B89357E-FA42-48D7-9645-781CBE912DFC@ericsson.com>
References: <89136f8b-70bd-40a0-b6d1-0e8a62a50ece@www.fastmail.com> <HE1PR07MB442601004BE58A00FD2D6B04E2C70@HE1PR07MB4426.eurprd07.prod.outlook.com> <30d32d26-7a6d-48d9-92b7-326ad08e5f08@www.fastmail.com>
In-Reply-To: <30d32d26-7a6d-48d9-92b7-326ad08e5f08@www.fastmail.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.22.0.200209
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mirja.kuehlewind@ericsson.com;
x-originating-ip: [2003:de:e727:100:38a5:2983:a284:b7fb]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: beeba85e-39bf-4311-7081-08d7da4140db
x-ms-traffictypediagnostic: AM0PR07MB3955:
x-microsoft-antispam-prvs: <AM0PR07MB3955652CFF04A46A4A670AB7F4C20@AM0PR07MB3955.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0365C0E14B
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR07MB4691.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(10009020)(4636009)(346002)(39860400002)(376002)(366004)(396003)(136003)(110136005)(6486002)(6512007)(86362001)(15650500001)(5660300002)(8936002)(316002)(71200400001)(81166006)(81156014)(8676002)(33656002)(2906002)(966005)(66446008)(64756008)(66946007)(66556008)(66476007)(76116006)(91956017)(36756003)(2616005)(6506007)(53546011)(44832011)(186003)(478600001); DIR:OUT; SFP:1101;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Xm0vwYzPyZen7lPnfWAib+Z5ilzzQJiuSITFOsp32R0+pt7R04rK3CF02aj7MbmsgyC9XyPIsyjlybtXT0hMcgCOr0ZdJqdahJwxtMl7aKFeAwLhgdDvXqf/q/Ka7bpx33mt6BWl22jpJeeUF6d0f75vR3YxauEE7BI65ifBITX7S1rnN7njeRJFA1/D9nRNebjBAAoLAdzQOiby5qip+GMczPiqichXjEwJVZDLbqu0Pt7bZZwZi+jpfq9Lb9DNH+zw9derxZN+0WbpglOMUQXI9AtQk/xRofMxRnTxc9mEUff+kktgkQm+fib9AMfVhV/b1otSCysfIs3h5w3VF5k2G1CqWWcUQMnFOSPItZGBMkCPeMuPkb+3PdCo44uXE9qktUQs5Gkst0WH/6W+UA56dpDM0es79osmsBuvjjr6XBSTU5+VXV3SczobvCrspIuV346AgkyQN2xm7QkwkZ9zQddWUJ/wgzcKdMMnV1RAWFnEoLxLcVL04ZNpIMWW3a+HUsmWE0Mh+vnFImANmw==
x-ms-exchange-antispam-messagedata: l3G78wiZud5OnR9iFAZ1XWelaZ5qKi24GS5x1wLrGeKKXfIiZlaUpFp9JReDLz++kaEEmaQYCH0JT6QLnu2odmQHF5UHV65ls0AFvMHRNlwoAVHzagY/UA18jB7o9ZRQ7Getw0+vSM5uEb30kWJ0aVhPgp+pUPwPqWWbz5PFzGaU8FfhuUPHrIYeVpnspajCKUK4Z9XLPA7hdl39HIkJVA==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <A857CE17F98C414A969DCE7BAA9C62B0@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: beeba85e-39bf-4311-7081-08d7da4140db
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Apr 2020 15:43:29.1597 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: limiRm1j1AvnnBfBI/pdKdkEq2Zz7t4dqwqb6bnenPsR2RVH3CJFEMAScgSB501qJaXvwwYLfeYvfS6QxRRu1E+aMAfhLsJvCDYm/uMb5Yw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB3955
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/Ig0N1gklrhwl0qeRObljja7f9kw>
Subject: Re: [Masque] Updated proposed charter text
X-BeenThere: masque@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiplexed Application Substrate over QUIC Encryption <masque.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/masque>, <mailto:masque-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/masque/>
List-Post: <mailto:masque@ietf.org>
List-Help: <mailto:masque-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/masque>, <mailto:masque-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Apr 2020 15:43:35 -0000

Hi Chris,

In draft-schinazi-masque-protocol I would say that the QUIC, UDP, and IP proxying services run directly on top of QUIC without any HTTP in between (HTTP is only used only for the negotiation part but not for the forwarding/multiplexing). Therefore I think it would be more correct to actually change this one occurrence of HTTP3 back to  QUIC in the following sentence:

"The primary goal of this working group is to develop mechanisms that allow configuring and concurrently running multiple proxied stream- and datagram-based flows inside a HTTP/3 connection"

Mirja





On 06.04.20, 15:43, "Masque on behalf of Christopher Wood" <masque-bounces@ietf.org on behalf of caw@heapingbits.net> wrote:

    Hi Marcus,
    
    For what it's worth, this change reflects the mechanism currently proposed in [1]. This seemed to have some measure of rough consensus based on comments we (chairs) heard before, during, and after the meeting. There are of course pros and cons with this change, e.g., it can re-use existing machinery (pro!), but that machinery might not always exist or can be too complex (con!).
    
    Best,
    Chris
    
    [1] https://tools.ietf.org/html/draft-schinazi-masque-protocol-01
    
    On Fri, Apr 3, 2020, at 6:06 AM, Marcus Ihlar wrote:
    > Hi,
    > The previous charter proposal, shown in the BoF slides, refers to using 
    > QUIC as a candidate protocol for proxying traffic.
    > In the text you propose below, all mentions of QUIC are replaced with 
    > HTTP/3.
    > I'm afraid that specifying that HTTP/3 should serve as the substrate 
    > for the proxied traffic at this point will limit the possible solutions 
    > the working group can consider. Using the word QUIC instead of HTTP/3 
    > in the charter text would allow the wg to consider a broader solution 
    > space, including something based on HTTP/3.
    > 
    > Marcus
    > 
    > -----Original Message-----
    > From: Masque <masque-bounces@ietf.org> On Behalf Of Christopher Wood
    > Sent: den 31 mars 2020 18:43
    > To: masque@ietf.org
    > Subject: [Masque] Updated proposed charter text
    > 
    > Based on last week's meeting, it seems folks are generally enthusiastic 
    > about some form of MASQUE moving forward. To help scope that particular 
    > form, here's an update to the proposed charter.
    > 
    > ~~~
    > Many network topologies lead to situations where transport protocol 
    > proxying is beneficial. For example, proxying enables endpoints to 
    > communicate when end-to-end connectivity is not possible and can apply 
    > additional encryption where desirable (such as a VPN). Proxying can 
    > also improve client privacy, e.g., by hiding a client's IP address from 
    > a target server.
    > 
    > Proxying technologies such as SOCKS and HTTP(S) CONNECT exist, albeit 
    > with their own shortcomings. For example, SOCKS signalling is not 
    > encrypted and HTTP CONNECT is currently limited to TCP. In contrast, 
    > HTTP/3 is a viable candidate protocol for proxying arbitrary traffic, 
    > as it provides secure connectivity, multiplexed streams, and migration 
    > for a single connection while taking advantage of a unified congestion 
    > controller. HTTP/3 datagrams provide for unreliable data transmission, 
    > which enables transporting UDP and other unreliable flows via a proxy 
    > without introducing potentially redundant or unnecessary recovery 
    > mechanisms. Further, HTTP/3 supports an established request/response 
    > semantic that can set up and configure flows for different services.
    > 
    > The primary goal of this working group is to develop mechanisms that 
    > allow configuring and concurrently running multiple proxied stream- and 
    > datagram-based flows inside a HTTP/3 connection. The group will specify 
    > an HTTP-based signaling protocol for creating and configuring each 
    > service flow. The group will first focus on a limited set of 
    > client-initiated services such as IP, UDP, and TCP proxying. Specifying 
    > proxy server discovery mechanisms is out of scope for the group. 
    > However, the group may specify techniques for identifying proxy servers 
    > to aid future discovery mechanisms.
    > 
    > The group will coordinate closely with other working groups responsible 
    > for maintaining relevant protocol extensions, such as HTTPBIS, QUIC, or 
    > TLS.
    > ~~~
    > 
    > This should address most of the issues raised during the meeting [1]. 
    > We'd like to hear what people think about this as a viable path forward.
    > 
    > Thanks,
    > Chris, on behalf of the chairs
    > 
    > [1] These issues include, though are not limited to:
    > 
    > 1. Whether or not this is a new protocol or an extension of an existing 
    > protocol must be clear before moving forward.
    > 2. Motivation for proxy technologies requires improvement. In 
    > particular, there’s no mention of privacy objectives.
    > 3. The proxy threat model is unclear or underspecified. Does it model 
    > Tor’s threat model, or is it something simpler? (Meta question: should 
    > this be part of an existing document?) 4. Why are services beyond 
    > simple “CONNECT for UDP or IP” in scope? Should we focus on the simple 
    > datagram proxy case first and carve out room for extensibility?
    > 5. To what extent is discovery out of scope?
    > 6. Framework is perhaps not the best word to describe MASQUE.
    > 
    > Any errors or omissions from this list are entirely my fault!
    > 
    > --
    > Masque mailing list
    > Masque@ietf.org
    > https://www.ietf.org/mailman/listinfo/masque
    > -- 
    > Masque mailing list
    > Masque@ietf.org
    > https://www.ietf.org/mailman/listinfo/masque
    >
    
    -- 
    Masque mailing list
    Masque@ietf.org
    https://www.ietf.org/mailman/listinfo/masque

v2.23.0 | Report a Bug | By Email