Re: [Masque] Call for MASQUE use cases
Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Mon, 24 February 2020 16:57 UTC
Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: masque@ietfa.amsl.com
Delivered-To: masque@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F0A83A0E4A for <masque@ietfa.amsl.com>; Mon, 24 Feb 2020 08:57:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kHhC7Sndj9HH for <masque@ietfa.amsl.com>; Mon, 24 Feb 2020 08:57:37 -0800 (PST)
Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C6FE93A0E56 for <masque@ietf.org>; Mon, 24 Feb 2020 08:57:36 -0800 (PST)
Received: by mail-lj1-x230.google.com with SMTP id x7so10930296ljc.1 for <masque@ietf.org>; Mon, 24 Feb 2020 08:57:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Uutkn+E2eWdPezRRZBXwYAxqfHzfTjSkrIfcCCqg7a0=; b=hrufLAaOGpa2j5RSRKCqG2cy0YWkb2NmTqDGFLBEpsH9ePAexbdbZhOD+ZjsPtR4cn z53DrKVBK7t8A6CJVRcj8SX1QGwo8v51nOJD0Z7VSMas7GWUrefG1+5djYC6KK1ydy6h w/BW95M9yFHAP5ThOpLYkGgu8urQPiZFOMv1ZdJ3vWv3YfHPmiPDeGVV+0nbAHsaJBOT 4bkr/74aHsivrP81gCYs7NOQ6yjR68RxknlAdKEgsVgT7kIp4NhXAfAC/YMAExlA1VLv p5/JkXI/p3qwro2+kmpAPvtFW3VVQTrxGpWSEIBpXO3koI1ewVH2+oX9Cbhm8TRXjolX p9Ew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Uutkn+E2eWdPezRRZBXwYAxqfHzfTjSkrIfcCCqg7a0=; b=FeN23q+CUxo0DZHDhcrWMawbEWYCe10y/LcHYHW3CdEmVvlCr/JWs/DQYkBCsXJ1+I OUnL7Ds0sKJ2+OTMU/VmXSsdaWVdwcl8Oczyp5qzxDuBtc5fXx+w5vH+R0/vnFNYQ0xh xa4Yg/yO6SodP6D/05Yx56aICL0MhVNju2+pcav21T3iqMnnSfkcaJUvzdhygCoizDsw uRAHYmkYicV6bq+SNBfCaxlYygPlZ7NRAvf144c5YLLYKsShhQworBBs8i5XM041yNPt piu706LcJIBkzdmYndV/rTFzg62u+jv3YcLYmCq6JK74BAtI9olk9PHl5xFWbYN6L5Q7 ajoQ==
X-Gm-Message-State: APjAAAVdgXaBpqDBD5RtWUQVL2Yt/ZCx6Qm4lH6ybqLOG3m/YNQpfVEp ykt5H7EIUWhvmcfuwXPvO+yxqyc6fcLw1TgMGk4=
X-Google-Smtp-Source: APXvYqwIo6RsR55fZp4ZeFfqOa2WvE2s4u64YIDQ762kpky76Zy+jZ6qC+/AQDdNb8wIudq6HYYsnHIuv8UrRl7CsFA=
X-Received: by 2002:a05:651c:2c7:: with SMTP id f7mr30141161ljo.125.1582563454915; Mon, 24 Feb 2020 08:57:34 -0800 (PST)
MIME-Version: 1.0
References: <D46D764C-F682-472A-AFDA-32DDF5CA5F6B@heapingbits.net> <CABcZeBPMUNgOVWMS_sXPTsCU2R+EaK9JDuZsJQ5KSQROXE+4Sg@mail.gmail.com> <CAHbrMsAVXmyvqJKNzcmHOvM3NvPqhpfC9MuDEq9kNUBKe7=7=g@mail.gmail.com>
In-Reply-To: <CAHbrMsAVXmyvqJKNzcmHOvM3NvPqhpfC9MuDEq9kNUBKe7=7=g@mail.gmail.com>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Mon, 24 Feb 2020 10:57:07 -0600
Message-ID: <CAKKJt-etTk6CAqbL1MdSV6gdCgqC2Wz8cdUqbdzbM2h3LKAMhw@mail.gmail.com>
To: Ben Schwartz <bemasc=40google.com@dmarc.ietf.org>
Cc: Eric Rescorla <ekr@rtfm.com>, Christopher Wood <caw@heapingbits.net>, MASQUE <masque@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000090996f059f5544c6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/f4Hgj0qHkvC6U1FYVQRaBhvyIMI>
Subject: Re: [Masque] Call for MASQUE use cases
X-BeenThere: masque@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiplexed Application Substrate over QUIC Encryption <masque.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/masque>, <mailto:masque-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/masque/>
List-Post: <mailto:masque@ietf.org>
List-Help: <mailto:masque-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/masque>, <mailto:masque-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Feb 2020 16:57:40 -0000
Hi, Ben, I have a couple of questions about some use cases you described (inline), but thank you for sending out your list. On Sun, Feb 23, 2020 at 10:06 PM Ben Schwartz <bemasc= 40google.com@dmarc.ietf.org> wrote: > I think virtually all the use cases for SOCKS and HTTP CONNECT are also > in-scope for MASQUE. Additionally, there are some cases that they don't > handle, or that MASQUE could handle better: > > - TCP proxying over congested/lossy client-proxy links. SOCKS and > HTTP/1.1 don't multiplex, so the congestion controllers for each TCP > connection fight over this link. HTTP/2 multiplexes but has head-of-line > blocking on loss. CONNECT over HTTP/3 would get us unified > congestion control without blocking. > IIRC, CONNECT currently doesn't know how to do HTTP/3 over QUIC, right? So is what you're thinking about - Connect can do HTTP/3 - proxy - HTTP/3 or HTTP/2 - proxy - HTTP/2, OR - Connect can do HTTP - proxy - HTTP, where the HTTP versions don't have to match? - Proxied WebRTC (or RTC generally). Currently, using a proxy generally forces WebRTC to use TCP, which generally also forces it to route through a TURN server (another proxy!). This adds up to significantly impaired latency and quality. By supporting UDP, MASQUE could do better. > > - Virtual machine running in a webpage. MASQUE could enable standardized > networking for virtual machines in WebAssembly. > > - Network debugging when using a proxy. HTTP CONNECT doesn't provide any > indication of why a connection failed, e.g. to distinguish RST, FIN, > timeout, or an ICMP error. > We've come some distance since I was introducing myself at IESG meetings as "AD for the spin bit", but we haven't come a really long way - the spin bit is in and optional, which is fine, and we are noticing https://datatracker.ietf.org/doc/draft-ferrieuxhamchaoui-quic-lossbits/ as a related draft, but we haven't had it on a QUIC working group agenda in the past year (IIRC), even though it gets talked about in places like MOPS. And that's just one more (almost certainly optional) bit of information, if it does move forward. I'm intrigued by your proposed use case on network debugging, especially if proxying HTTP/3 using CONNECT becomes a common mode of operation - have you started to hash out details for this use case, what might be visible without revealing too much, etc.? If not, would you like to work on something with me (and, one hopes, smarter and more realistic QUIC people)? Best, Spencer > On Sat, Feb 22, 2020 at 6:14 PM Eric Rescorla <ekr@rtfm.com> wrote: > >> I am interested in this as an alternative transport for securely proxying >> HTTP traffic (cf. https://fpn.firefox.com/) >> >> -Ekr >> >> >> On Thu, Feb 20, 2020 at 7:13 PM Christopher Wood <caw@heapingbits.net> >> wrote: >> >>> The core MASQUE protocol [1] describes a simple negotiation mechanism >>> for various >>> applications. However, it omits use cases for these applications. MASQUE >>> obfuscation >>> in support of a "hidden VPN" service is one use case [2]. Tunneling QUIC >>> is another [3]. >>> >>> Given that MASQUE and the upcoming BoF will be successful insofar as it >>> addresses important >>> use cases, I think it'd be useful to discuss these application use cases >>> in more detail >>> before Vancouver. To that end, let's use this time before the meeting to >>> discuss them! >>> >>> I'd like to ask interested parties to please surface use cases they know >>> of (and care about). >>> >>> Thanks! >>> Chris >>> >>> [1] https://tools.ietf.org/html/draft-schinazi-masque-02 >>> [2] https://tools.ietf.org/html/draft-schinazi-masque-obfuscation-00 >>> [3] https://tools.ietf.org/html/draft-kuehlewind-quic-substrate-02 >>> >>> -- >>> Masque mailing list >>> Masque@ietf.org >>> https://www.ietf.org/mailman/listinfo/masque >>> >> -- >> Masque mailing list >> Masque@ietf.org >> https://www.ietf.org/mailman/listinfo/masque >> > -- > Masque mailing list > Masque@ietf.org > https://www.ietf.org/mailman/listinfo/masque >
- [Masque] Call for MASQUE use cases Christopher Wood
- Re: [Masque] Call for MASQUE use cases Eric Rescorla
- Re: [Masque] Call for MASQUE use cases Ben Schwartz
- Re: [Masque] Call for MASQUE use cases Spencer Dawkins at IETF
- Re: [Masque] Call for MASQUE use cases Ted Hardie
- Re: [Masque] Call for MASQUE use cases Spencer Dawkins at IETF
- Re: [Masque] Call for MASQUE use cases Ben Schwartz
- Re: [Masque] Call for MASQUE use cases Spencer Dawkins at IETF
- [Masque] TCP-CONNECT errors in H2 & H3 was Re: Ca… Lucas Pardue
- Re: [Masque] Call for MASQUE use cases Dallas McCall
- Re: [Masque] Call for MASQUE use cases Border, John
- Re: [Masque] Call for MASQUE use cases Ben Schwartz
- Re: [Masque] Call for MASQUE use cases Maxime Piraux
- Re: [Masque] Call for MASQUE use cases Dragana Damjanovic
- Re: [Masque] Call for MASQUE use cases Lucas Pardue
- Re: [Masque] Call for MASQUE use cases Dragana Damjanovic
- Re: [Masque] Call for MASQUE use cases David Schinazi
- Re: [Masque] Call for MASQUE use cases Dragana Damjanovic
- Re: [Masque] Call for MASQUE use cases Eric Kinnear
- Re: [Masque] Call for MASQUE use cases Mirja Kuehlewind