IETF Logo Mail Archive

[quicwg/base-drafts] Guidance for port number use (#495)

Mike Bishop <notifications@github.com> Wed, 03 May 2017 15:05 UTC

Return-Path: <bounces+848413-a050-quic-issues=ietf.org@sgmail.github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48A121273E2 for <quic-issues@ietfa.amsl.com>; Wed, 3 May 2017 08:05:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.801
X-Spam-Level:
X-Spam-Status: No, score=-4.801 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-2.8, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eRBdooeVuZwn for <quic-issues@ietfa.amsl.com>; Wed, 3 May 2017 08:05:48 -0700 (PDT)
Received: from o3.sgmail.github.com (o3.sgmail.github.com [192.254.112.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46245129AFF for <quic-issues@ietf.org>; Wed, 3 May 2017 08:03:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=github.com; h=from:reply-to:to:cc:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=BdLcLk9n1lfgViK6QOmElvGHgEs=; b=g7yA+xAQV8xvM9Us k5QeTeX1KtHS51iP9wJ+2x9KWIrc0dokgvBYk/D9W80s0VYPdLHm4A6T9KH4htZp z17T7wpP/8rW6msLfgZ7wsfFkTNu4VaQXs5iCOTgja/uut80ls3qDp9/pnRzW38G 3mHKFPCo2+Q9aZkYocfLY7e9JZY=
Received: by filter0530p1mdw1.sendgrid.net with SMTP id filter0530p1mdw1-14035-5909F135-42 2017-05-03 15:03:17.570160392 +0000 UTC
Received: from github-smtp2b-ext-cp1-prd.iad.github.net (github-smtp2b-ext-cp1-prd.iad.github.net [192.30.253.17]) by ismtpd0003p1iad1.sendgrid.net (SG) with ESMTP id ohjym5yURwm1HoGY_QkynA for <quic-issues@ietf.org>; Wed, 03 May 2017 15:03:17.524 +0000 (UTC)
Date: Wed, 03 May 2017 08:03:17 -0700
From: Mike Bishop <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab14d418640a357a7437c661940ee5895a7955bc0c92cf000000011521b33592a169ce0d78bf28@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/495@github.com>
Subject: [quicwg/base-drafts] Guidance for port number use (#495)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5909f1356079e_7a1b3fe4fa6a1c3c282579"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak3Gcl5SXf1Uj/0y17NxgP9pAo3e1A7jXq6sOT 8+BZ3fQ62Pl1mzFn6IY3zXIeuBjkDPSkrxd/GAkuCi4R/YoaIR2WPWyVyExh46AXtJK2Dv5oRAzmYK mzi7ExIqZQZm4MXqgYVcbJ6MJpOGhGJWxjdetKFeIm58UmlUDaX6rsEPs6UTv6sR+2187sm+J36dli c=
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/3MJWHKyM7KbEpfY7JtBAvINydoM>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 May 2017 15:05:49 -0000

Extracting this issue from Ben's #424 so we don't block an otherwise-simple change:

There's no requirement that servers use a particular UDP port for HTTP/QUIC or any other QUIC traffic.  Using Alt-Svc, the server is able to pick and advertise any port number and a compliant client will handle it just fine.  That's already the case, and isn't part of this issue.  #424 updates the HTTP draft to highlight this, increasing the odds that implementations will test and support that case.

This issue is to track that it might actually be *desirable* from a privacy standpoint for servers to pick arbitrary port numbers and perhaps even rotate them periodically (though that requires coordination with their Alt-Svc advertisements and lifetimes, which could be challenging) in order to make it more difficult for a network observer to classify traffic (and therefore more difficult to ossify).

On the other hand, as we're wrestling with in each of these privacy/manageability debates, removing easy network visibility into the likely protocol by using arbitrary port numbers means that middleboxes will probably resort to other means of attempting to identify protocols and potentially doing it badly, which could result in even worse ossification.  (E.g. indexing into the TLS ClientHello to find the ALPN list, then panicking on a different handshake protocol.)

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/495

v2.43.4 | Report a Bug | By Email | System Status