[Masque] (no subject)

Patrick McManus <mcmanus@ducksong.com> Wed, 19 June 2019 17:00 UTC

David, thanks for writing up https://github.com/DavidSchinazi/masque-drafts
.. it makes things a bit more concrete even at a very early stage.

I have a couple drive by comments - I hope they help, and I'm sure it's
possible they've been discussed in another forum.. the general tech here
has been in a number of different places.

1] istm the configuration primitive should be a URI rather than an origin
with a .wk.. there is a reason multiple masque instances couldn't co-exist
on different streams? (different auth, different qos, whatever..)

2] I can't quite figure out what the document _is_. Is it an h3 and h2
extension? Is it a version independent http pattern?

3] You switch up a few things about CONNECT in the same way that rfc 8441
does (which obviously warms my heart!).. but note that 8441 had to be a
negotiated extension to get opt in for breaking some of the base rules of
7540 (a totally allowable thing if negotiated)... specifically you can't
send :protocol or implement CONNECT in some way other than opening a TCP
connection to :authority.

3a - but you obviously don't want to announce your extension in the server
SETTINGS. This seems more like a spec lawyer problem than a real problem.
Nonetheless give the matter some thought, maybe CONNECT isn't the right way
to do it (even though it seems in spirit).

4 - speaking of which, what do you set :authority to on this CONNECT
request given CONNECT defines that..

5 - "When the server receives this CONNECT request, it verifies the
signature and if that fails responds with code “405 Method Not Allowed”,
making sure its response is the same as what it would return for any
unexpected CONNECT request." .. I'm not totally sure about my comment here,
but my gut says you don't want to require 405 and instead have text about
probing as it seems to me that servers might be inclined to do other things
for existing errors. For instance I just tried two public facing servers
(not proxies) and gave them CONNECT requests.. one gave me a 405 and one
gave me a 500..

6;plkjhghjkl;][poiuyguiop[]\[poiuytyuiop[][poiuyuiop[poip[][poikp[';[lpkjhbnm,./09865432

hth!

-P
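
Added example (not part of the original message or of the MASQUE draft): a check for the property quoted in point 5, that the reply to a CONNECT with a failed signature is the same as the reply to any unexpected CONNECT. The responses are constructed samples written as HTTP/1.1-style text for readability, and the names parse_response and distinguishers are hypothetical.

```python
# Compare two captured responses and list every feature that tells them apart.
# An empty list means an observer cannot distinguish the two error paths.
VOLATILE = {"date"}  # header values that differ between any two responses

def parse_response(raw: bytes) -> dict:
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ", 2)          # version, status code, reason phrase
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return {"status": int(parts[1]),
            "reason": parts[2] if len(parts) > 2 else "",
            "headers": headers, "body": body}

def distinguishers(baseline: bytes, candidate: bytes) -> list:
    a, b = parse_response(baseline), parse_response(candidate)
    diffs = []
    if a["status"] != b["status"]:
        diffs.append(f"status {a['status']} != {b['status']}")
    if a["reason"] != b["reason"]:
        diffs.append("reason phrase differs")
    names_a = [n for n, _ in a["headers"]]
    names_b = [n for n, _ in b["headers"]]
    if names_a != names_b:
        diffs.append("header names or order differ")
    else:
        for (name, va), (_, vb) in zip(a["headers"], b["headers"]):
            if name not in VOLATILE and va != vb:
                diffs.append(f"header {name} value differs")
    if a["body"] != b["body"]:
        diffs.append("body differs")
    return diffs

# Constructed: what this server already sends for an unexpected CONNECT (a 500).
BASELINE = (b"HTTP/1.1 500 Internal Server Error\r\nDate: Wed, 19 Jun 2019 17:00:00 GMT\r\n"
            b"Server: example\r\nContent-Length: 0\r\n\r\n")
# Constructed: a failed-signature path that hard-codes the 405 from the draft text.
HARDCODED_405 = (b"HTTP/1.1 405 Method Not Allowed\r\nDate: Wed, 19 Jun 2019 17:00:01 GMT\r\n"
                 b"Allow: GET, HEAD\r\nContent-Length: 0\r\n\r\n")
# Constructed: a failed-signature path that reuses the server's existing error path.
SAME_PATH = (b"HTTP/1.1 500 Internal Server Error\r\nDate: Wed, 19 Jun 2019 17:00:02 GMT\r\n"
             b"Server: example\r\nContent-Length: 0\r\n\r\n")

if __name__ == "__main__":
    print("hard-coded 405:", distinguishers(BASELINE, HARDCODED_405))
    print("same error path:", distinguishers(BASELINE, SAME_PATH))
```

On a server whose existing CONNECT error is a 500, the hard-coded 405 is itself the distinguishing signal; reusing the existing error path leaves nothing to compare.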