[Masque] Non-forwarding mode in quic-proxy
Martin Thomson <mt@lowentropy.net> Fri, 07 November 2025 17:56 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: masque@mail2.ietf.org
Delivered-To: masque@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id E41668589898 for <masque@mail2.ietf.org>; Fri, 7 Nov 2025 09:56:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.799
X-Spam-Level:
X-Spam-Status: No, score=-2.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b="sOz97HPw"; dkim=pass (2048-bit key) header.d=messagingengine.com header.b="D07qs7vR"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gSnfrAqRcUXK for <masque@mail2.ietf.org>; Fri, 7 Nov 2025 09:56:21 -0800 (PST)
Received: from fhigh-b2-smtp.messagingengine.com (fhigh-b2-smtp.messagingengine.com [202.12.124.153]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 651E685896F3 for <masque@ietf.org>; Fri, 7 Nov 2025 09:55:38 -0800 (PST)
Received: from phl-compute-04.internal (phl-compute-04.internal [10.202.2.44]) by mailfhigh.stl.internal (Postfix) with ESMTP id 5BC187A013B for <masque@ietf.org>; Fri, 7 Nov 2025 12:55:32 -0500 (EST)
Received: from phl-imap-15 ([10.202.2.104]) by phl-compute-04.internal (MEProxy); Fri, 07 Nov 2025 12:55:32 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :subject:subject:to:to; s=fm1; t=1762538132; x=1762624532; bh=5c xmBa0LAboJTPAe3+AV8oAFiJiTu+pNPanZUTK+V0E=; b=sOz97HPwbenSujSYHs ThZmWqzqVYY0meB5pUwKo7Mw/9reVp8RYS+o3y7aLtI9W7BF/RgX9MPVsP99xrti YnEJdDqu5GnWWpLHDPKYegZOA2BlAv5f9Y0NNpY3LSGG8xA3jdMUpg2u4ea2yHv4 uAasD37MfkqSiphtiOzaAsHsoqPFxGKzuX6JiGzDMiWDoLHVuJjb2oKAuaMooCVI 4pPa5dTvnLRBx7NgvEyeFAloiHbxSxr4/mn+l9J34hQHw0JCzlt/PytVXM+BHv4e tnP9TqOifSkiu9/I6SKCgkBNo+R6PukRBday2gelry+rpq0ErZ6znglJvCj6ETde LHYw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:message-id:mime-version:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1762538132; x=1762624532; bh=5cxmBa0LAboJTPAe3+AV8oAFiJiTu+pNPan ZUTK+V0E=; b=D07qs7vRCQf0w0bZhC0EVuDGRuXq3iZqHzxsOLUxTqCANfPCBxY PzHb1mOC0DCPlmgU8p1VVdmuYEeOnh9q1No59bwXfW2CmPiZZWUmqTYVqCMLfAD4 vvnbFny0YZ6wy7ZgXmHNqJag6rh0fjHySCDaT0hP0kfBlzKWFqk6Tr35E89iPLo0 AgrRX/LfvALfeiBT3GJ9o08nxNmaKS6K0NsHWTHqo/yQbq7hYc7Nj0Yqle8Ueo3n CmD3Q/7D9GkGT/iwMen0soP5aD7/OX7+BX2a3z5gC50mUdo30lIx44554Zjt7hi8 4pK13r0Rk76xt9vZhKBA+kF5UwpjbhCvs9A==
X-ME-Sender: <xms:kzIOaR3a7WPEq2bZc6_Zm7nuRK4R0kQO2N04PAEI8SXymiw81TIlTA> <xme:kzIOaS7AhlKIhLxhPOUQKjkNN5YsnN_KiyB3NtFT6fk2boFwtYNfHjq1THBj6_seY e0Ea01MwK-09gF5EO_ONkNzRL-EOgi0Ly68uBxBVLk47L0-MV61Jnw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggdduledtfedvucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu rghilhhouhhtmecufedttdenucenucfjughrpefoggffhffvkffutgfgsehtjeertdertd dtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhhofigvnhht rhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpeevjedvvdfhheegleffhefhteelge eltdefgeegleejfeduueefkefhfedvteejueenucevlhhushhtvghrufhiiigvpedtnecu rfgrrhgrmhepmhgrihhlfhhrohhmpehmtheslhhofigvnhhtrhhophihrdhnvghtpdhnsg gprhgtphhtthhopedupdhmohguvgepshhmthhpohhuthdprhgtphhtthhopehmrghsqhhu vgesihgvthhfrdhorhhg
X-ME-Proxy: <xmx:lDIOadbrrxG5gbnNa_IvBRrzS8G81o4oZoqWa_Tsl3HrYLNieO4MTA> <xmx:lDIOabXCsTm60hh9Kgfggkjihi6NTopaGmU-CPUT5aNIjV_gt8A7rA> <xmx:lDIOaVnwnDbkMpd2L7Oou_n0byJ_5Af2-vBexT-ujQM6EYI6vMcCgA> <xmx:lDIOaQzNQ2lnqvoyzGtvq4Nr3w4-Q4tHc17QMZp_OluqL0V9twt8Kg> <xmx:lDIOacw1NoZDtAxJWVtp9nU9nF9oVvZ1TK2g9t39hTVOCxHh6KJ9tWfd>
Feedback-ID: ic129442d:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501) id E24D87800DA; Fri, 7 Nov 2025 12:55:31 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
MIME-Version: 1.0
Date: Fri, 07 Nov 2025 12:55:10 -0500
From: Martin Thomson <mt@lowentropy.net>
To: masque@ietf.org
Message-Id: <de1070b2-06ca-4db1-badb-fccd1d17d489@app.fastmail.com>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-ID-Hash: 44K5RL4VU5Z6NOFQYYC42RHRD5CPWGPR
X-Message-ID-Hash: 44K5RL4VU5Z6NOFQYYC42RHRD5CPWGPR
X-MailFrom: mt@lowentropy.net
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Masque] Non-forwarding mode in quic-proxy
List-Id: Multiplexed Application Substrate over QUIC Encryption <masque.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/ZRaG-1bGY4-RRpvzdv4CWF9tETk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/masque>
List-Help: <mailto:masque-request@ietf.org?subject=help>
List-Owner: <mailto:masque-owner@ietf.org>
List-Post: <mailto:masque@ietf.org>
List-Subscribe: <mailto:masque-join@ietf.org>
List-Unsubscribe: <mailto:masque-leave@ietf.org>
The non-forwarded mode in quic proxy is not very well defined. I question whether this is a necessary feature. Or, I would suggest that serious attention be given to whether this is something that should be included in this document at all. The sole advantage of having a proxy be aware of QUIC is that it can share the same UDP port for multiple connections. But in order to do that, the proxy needs to choose the client connection IDs that the target will use to send packets. The present design does not allow that. It's backwards. In order to share ports, the proxy needs to also participate in stateless resets. I don't see how the present design allows that to happen. Of particular interest is the ability of a proxy to be able to deal with clients that go away. The client needs to be able to send a stateless reset to the proxy that will be mapped to a stateless reset that the server will recognize. In forwarded mode, this is easier if the proxy retains state, but the present design will fail badly if the proxy loses state. The proxy doesn't choose the connection ID that the server uses, so it can't provide a stateless reset. That the protocol defines a way to indicate that port sharing should be disabled is a mistake, I think. Port sharing is the point. Disabling it is easy: use regular connect-udp without this extension at all. In that mode, the proxy needs to allocate a port.
- [Masque] Non-forwarding mode in quic-proxy Martin Thomson