Re: [Ohai] DoubleCheck and CONNECT-UDP
Tommy Pauly <tpauly@apple.com> Wed, 27 July 2022 18:25 UTC
Return-Path: <tpauly@apple.com>
X-Original-To: ohai@ietfa.amsl.com
Delivered-To: ohai@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA7FEC14F718; Wed, 27 Jul 2022 11:25:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.993
X-Spam-Level:
X-Spam-Status: No, score=-4.993 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.582, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1-SHUxQC6bSt; Wed, 27 Jul 2022 11:25:51 -0700 (PDT)
Received: from ma1-aaemail-dr-lapp03.apple.com (ma1-aaemail-dr-lapp03.apple.com [17.171.2.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6332C159493; Wed, 27 Jul 2022 11:25:15 -0700 (PDT)
Received: from pps.filterd (ma1-aaemail-dr-lapp03.apple.com [127.0.0.1]) by ma1-aaemail-dr-lapp03.apple.com (8.16.0.42/8.16.0.42) with SMTP id 26RIEI8A034716; Wed, 27 Jul 2022 11:25:14 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=content-type : mime-version : subject : from : in-reply-to : date : cc : content-transfer-encoding : message-id : references : to; s=20180706; bh=950Ffu9rT4YJ2vj8SohkjfuuM+qubibLt3B/ZprsdKo=; b=LsLSrK0T3u2d6dIVzoxfZrZVkRlUcSXVeA38h8k/P9+snNHy/51h4QhsI6nitpqY04FB vQfRiTEX5GhGnbcw0Wy5uJLeFCN7zezXjA4GdM+NDvehm70/KSjhahzon8QqaMVMwOtP TmcllkroIrrIIFp9wXrtmOqYBwhlMzwJTPE0d3s63VYTMEQJSdEKBkmq+5PKSKcgMRb9 Jhbsv2xMrZjqrcOvK1KcTaPwaMlpqdmGHHK/gIjOSgndvw5Urd81ux7gRd522Deakid8 mblrN0q8LZMcs1atfXvBx/FmDia8pVQRVVzE96dGe37DiafBagIQIWBZgStWMOOTcO4X Zg==
Received: from ma-mailsvcp-mta-lapp03.corp.apple.com (ma-mailsvcp-mta-lapp03.corp.apple.com [10.226.18.135]) by ma1-aaemail-dr-lapp03.apple.com with ESMTP id 3hgfyw9gny-3 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Wed, 27 Jul 2022 11:25:14 -0700
Received: from ma-mailsvcp-mmp-lapp01.apple.com (ma-mailsvcp-mmp-lapp01.apple.com [17.32.222.14]) by ma-mailsvcp-mta-lapp03.corp.apple.com (Oracle Communications Messaging Server 8.1.0.18.20220407 64bit (built Apr 7 2022)) with ESMTPS id <0RFO00JPYZ62NB70@ma-mailsvcp-mta-lapp03.corp.apple.com>; Wed, 27 Jul 2022 11:25:14 -0700 (PDT)
Received: from process_milters-daemon.ma-mailsvcp-mmp-lapp01.apple.com by ma-mailsvcp-mmp-lapp01.apple.com (Oracle Communications Messaging Server 8.1.0.18.20220407 64bit (built Apr 7 2022)) id <0RFO00F00YPM8300@ma-mailsvcp-mmp-lapp01.apple.com>; Wed, 27 Jul 2022 11:25:14 -0700 (PDT)
X-Va-A:
X-Va-T-CD: e72da815dcb01dab2f988f94f1719970
X-Va-E-CD: 67a9621271b995c6f47e644e5f38935a
X-Va-R-CD: f47d7838e67971c473aab2975c0904fb
X-Va-CD: 0
X-Va-ID: 678bd230-802e-4909-9ea0-b2d754f1e86f
X-V-A:
X-V-T-CD: e72da815dcb01dab2f988f94f1719970
X-V-E-CD: 67a9621271b995c6f47e644e5f38935a
X-V-R-CD: f47d7838e67971c473aab2975c0904fb
X-V-CD: 0
X-V-ID: 57a387a9-de9e-4c34-b4f9-4e7d1e0d5b14
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.517, 18.0.883 definitions=2022-07-27_07:2022-07-27, 2022-07-27 signatures=0
Received: from smtpclient.apple (unknown [17.234.249.86]) by ma-mailsvcp-mmp-lapp01.apple.com (Oracle Communications Messaging Server 8.1.0.18.20220407 64bit (built Apr 7 2022)) with ESMTPSA id <0RFO00Z2SZ60TA00@ma-mailsvcp-mmp-lapp01.apple.com>; Wed, 27 Jul 2022 11:25:14 -0700 (PDT)
Content-type: text/plain; charset="utf-8"
MIME-version: 1.0 (Mac OS X Mail 16.0 \(3729.0.22.1.1\))
From: Tommy Pauly <tpauly@apple.com>
In-reply-to: <CAHbrMsATSEU0iqybh6vqH-Mv0egJiEhpxA8vEmJNehdE0i3adQ@mail.gmail.com>
Date: Wed, 27 Jul 2022 14:25:01 -0400
Cc: ohai@ietf.org
Content-transfer-encoding: quoted-printable
Message-id: <D4A56610-9E62-4F5F-BD89-47C78E47EC34@apple.com>
References: <CAHbrMsATSEU0iqybh6vqH-Mv0egJiEhpxA8vEmJNehdE0i3adQ@mail.gmail.com>
To: Ben Schwartz <bemasc=40google.com@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3729.0.22.1.1)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.517, 18.0.883 definitions=2022-07-27_07:2022-07-27, 2022-07-27 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/ohai/-1ooXrQoYRq2S_hlsW5d2fmeuQI>
Subject: Re: [Ohai] DoubleCheck and CONNECT-UDP
X-BeenThere: ohai@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Oblivious HTTP Application Intermediation <ohai.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ohai>, <mailto:ohai-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ohai/>
List-Post: <mailto:ohai@ietf.org>
List-Help: <mailto:ohai-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ohai>, <mailto:ohai-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Jul 2022 18:25:53 -0000
Trying to lock people into using CONNECT-UDP to an HTTP/3 server in order for key consistency to work seems to be a “not good” state to end in. Maybe better than locking in CONNECT, but locking in any particular protocol or version seems quite limiting. I don’t think that it follows that if we don’t have CONNECT-UDP, the clients would directly fetch the key config from your proposed SDH resource. To perform double checking, I think it just matters that we have one check that uses a TLS-authenticated connection to the authority for the key config, and one other check that uses a cached version on a TLS-authenticated connection to another entity that is not the authority for the key config; AND that these checks are done in such a way that the TLS-authenticated connection to the config authority does not get to track or identify the user. What method you use to proxy a connection is entirely up to the client’s favorite proxying method, I think. Let’s not try to drag specific transports into this. Thanks, Tommy > On Jul 26, 2022, at 10:57 PM, Ben Schwartz <bemasc=40google.com@dmarc.ietf.org> wrote: > > During my presentation today, I suggested that the DoubleCheck procedure might not need CONNECT-UDP if it's acceptable for the Service Description Host (SDH), which is presumed to be affiliated with the gateway, to learn the pool of client IPs. On second thought, I believe the CONNECT-UDP tunnel is indeed necessary. > > Without the CONNECT-UDP tunnel, clients would authenticate the KeyConfig by fetching it directly from the SDH. In this arrangement, it is often possible for the gateway to identify the precise client IP that issued a particular OHTTP request, due to timing correlation. If the rate of queries to this gateway (through this relay) is relatively low (<1 QPS), correlation is trivial. The gateway can constantly rotate its KeyConfig, forcing clients to reauthenticate it before each OHTTP request. > > At higher query rates, other tricks are possible, such as rotating the KeyConfig and then slow-walking the authentication responses. By sending authentication responses to each client "one at a time", the SDH and Gateway can observe the OHTTP request that follows each authentication response. > > In other words, OHTTP requests are linkable (via timing) to the corresponding KeyConfig authentication requests, so these authentication requests must not be linkable to anything else. This means authentication requests from all clients on the relay must be indistinguishable, so they must all go through a single proxy. > > Martin Thomson also mentioned the question of "CONNECT" vs. "CONNECT-UDP". The key point here is that we are building a standard for interoperability between Service Description Hosts and Relays (acting as transport proxies), and they need to agree on what transport to use. Thus, our options are: > > 1. Require Relays to implement CONNECT, and require Service Description Hosts to implement HTTP/1.1 or HTTP/2. > 2. Require Relays to implement CONNECT-UDP, and require Service Description Hosts to implement HTTP/3. > 3. Require Relays to implement CONNECT and CONNECT-UDP, and let Service Description Hosts do whatever they want. > > All of these options are acceptable to me, but note that whatever choice we make is essentially permanent. If we choose Option 1, Service Description Hosts will have to support TCP forever, for compatibility with existing Relays. If we choose Option 2, the entire system can be implemented without using TCP at all. I think the right answer depends on whether you believe HTTP/3 is "the future of HTTP". > > --Ben Schwarz > -- > Ohai mailing list > Ohai@ietf.org > https://www.ietf.org/mailman/listinfo/ohai
- [Ohai] DoubleCheck and CONNECT-UDP Ben Schwartz
- Re: [Ohai] DoubleCheck and CONNECT-UDP Tommy Pauly
- Re: [Ohai] DoubleCheck and CONNECT-UDP Ben Schwartz
- Re: [Ohai] DoubleCheck and CONNECT-UDP Matthew Finkel
- Re: [Ohai] DoubleCheck and CONNECT-UDP Tommy Pauly
- Re: [Ohai] DoubleCheck and CONNECT-UDP Ben Schwartz
- Re: [Ohai] DoubleCheck and CONNECT-UDP Ben Schwartz
- Re: [Ohai] DoubleCheck and CONNECT-UDP Tommy Pauly
- Re: [Ohai] DoubleCheck and CONNECT-UDP Matthew Finkel
- Re: [Ohai] DoubleCheck and CONNECT-UDP Christopher Wood
- Re: [Ohai] DoubleCheck and CONNECT-UDP Eric Orth
- Re: [Ohai] DoubleCheck and CONNECT-UDP Christopher Wood
- Re: [Ohai] DoubleCheck and CONNECT-UDP Ben Schwartz
- Re: [Ohai] DoubleCheck and CONNECT-UDP Christopher Wood