Re: [Masque] MASQUE and Tor "pluggable transports"

David Schinazi <dschinazi.ietf@gmail.com> Thu, 08 August 2019 00:59 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/j3BzJqYOkyM-IhdDTyWrtUQ28ZM>

Thanks for the link, Philipp. That was news to me, and really interesting!

The first thought that comes to mind is that we could use QUIC encryption
between relays (instead of DTLS) and even for the layered onion encryption.
That would require changing how QUIC authenticates, but IETF QUIC was
designed to allow that by having quic-transport
<https://quicwg.org/base-drafts/draft-ietf-quic-transport.html> and quic-tls
<https://quicwg.org/base-drafts/draft-ietf-quic-tls.html> be separate
documents.

Now it's just a matter of writing (a lot of) code :-)

David

On Wed, Aug 7, 2019 at 3:05 PM Philipp Winter <phw@torproject.org> wrote:

> On Tue, Aug 06, 2019 at 12:29:37PM -0700, David Schinazi wrote:
> > We're still at the early stages for MASQUE - the document doesn't yet
> > define a wire-format that can be implemented - but once we get a first
> > draft of that written up and start implementing it, I'd love to
> > experiment with pluggable transports to see how well the obfuscation
> > bit of MASQUE plays with them.
>
> Thanks for your interest!  I'd be happy to help out once MASQUE reaches
> this stage.
>
> > Additionally, once we've accomplished the goal of using MASQUE to help
> > obfuscate Tor traffic, there is interest in the community to go for
> > something more ambitious, which is a tighter integration between
> > MASQUE (as a way to proxy QUIC over QUIC) and onion routing. We
> > suspect that this integration could help with overall performance, but
> > a lot of code needs to be written to see if the theory holds water.
>
> FYI, here's a recent summary of this effort, which you may already be
> familiar with:
> <https://lists.torproject.org/pipermail/tor-dev/2018-March/013026.html>
>
> Cheers,
> Philipp
>