Re: [quicwg/base-drafts] First byte changes (#2006)

Igor Lubashev <notifications@github.com> Mon, 19 November 2018 22:10 UTC

Return-Path: <bounces+848413-a050-quic-issues=ietf.org@sgmail.github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CFB312D4E7 for <quic-issues@ietfa.amsl.com>; Mon, 19 Nov 2018 14:10:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.471
X-Spam-Level:
X-Spam-Status: No, score=-3.471 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cpu0dx5V0Mkj for <quic-issues@ietfa.amsl.com>; Mon, 19 Nov 2018 14:10:33 -0800 (PST)
Received: from o7.sgmail.github.com (o7.sgmail.github.com [167.89.101.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EAD2A1252B7 for <quic-issues@ietf.org>; Mon, 19 Nov 2018 14:10:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=github.com; h=from:reply-to:to:cc:in-reply-to:references:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=MaI/iIVd86uCN3G6NFxKoXILA1A=; b=b00ti7gY145JoyCk OWx8UEipLi5QxOTEGuUohOOZ5aJ0XXGCg6PJEy+j2ASJ5XMU7MFVuqisqXoHG6o3 OnaaEdz6jTsOGJ2P5dJgZJkBPzhPkQWA4S2QZkp6Tm1juRnsbXt09cAA7MXJu/ur sufkABbs/+8XYDZKlPJBXS7l0Vw=
Received: by filter0665p1las1.sendgrid.net with SMTP id filter0665p1las1-8024-5BF334D7-12 2018-11-19 22:10:31.390996564 +0000 UTC m=+193456.298856121
Received: from github-lowworker-97d0962.cp1-iad.github.net (unknown [192.30.252.41]) by ismtpd0004p1iad2.sendgrid.net (SG) with ESMTP id wxwTXoI9TFKtPjINfl0qOg for <quic-issues@ietf.org>; Mon, 19 Nov 2018 22:10:31.187 +0000 (UTC)
Received: from github.com (localhost [127.0.0.1]) by github-lowworker-97d0962.cp1-iad.github.net (Postfix) with ESMTP id 3862180D43 for <quic-issues@ietf.org>; Mon, 19 Nov 2018 14:10:31 -0800 (PST)
Date: Mon, 19 Nov 2018 22:10:31 +0000
From: Igor Lubashev <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab2b70c63756dc559182f20b7355dd0e0844e3877092cf00000001180af6d792a169ce16b57ba1@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2006/review/176521195@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2006@github.com>
References: <quicwg/base-drafts/pull/2006@github.com>
Subject: Re: [quicwg/base-drafts] First byte changes (#2006)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bf334d736ed3_7ec63ff4b1ad45b829684"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: igorlord
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak3mjWbXAytSp9HbXZdd45MpSeMTMlaYLZY5v7 cDhfTS3RhqveJm7zCxkeZ+jaeHLCiQuvxWsSr2rJFKlhTYfyd80LwGL3jUU+iurGQpAC3yP/hYsGfE 2A+PkyhWge8z7rmABssbbQPHtPBwQtYF1XS4v9M7ICiJigCzJZzW2dZt0eNlMlhz0id8dQfudwdmNw U=
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/N-KghKxvjQWpWfIMwqE_iMo5uf8>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Nov 2018 22:10:36 -0000

igorlord commented on this pull request.



>  
-: The fourth bit (0x10) of byte 0 is set to 1.
+: The next two bits (those with a mask of 0x18) of byte 0 are reserved.  These
+  bits are protected using header protection (see Section 5.4 of
+  {{QUIC-TLS}}).  The value included prior to protection MUST be set to 0.  An

@marten-seemann, as you said, it is impossible to prevent one party from disclosing anything about the connection to any third party. No shenanigans can make a dent in the amount or quality of info disclosed by a determined party. However, this setup can make it harder to troubleshoot network operations (if that involves unilaterally setting these bits for experimentation).

@martinthomson, yes, and the original comment was looking for a clarification of the threat that we are "protecting those bits the best way we know how".  Is it protecting the bits from an endpoint bent on disclosing some private information to a third party?  Or is it protecting from an endpoint accidentally exposing some information while trying to run an experiment (i.e. since one cannot be sure that everyone will run safe experiments, no one is allowed to run experiments unilaterally)? Or is it protecting from a middlebox ossifying some experimental usage of these bits? Or is it protecting from something else?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2006#discussion_r234800735