IETF Logo Mail Archive

Re: [quicwg/base-drafts] Compatible version upgrade (#1901)

David Schinazi <notifications@github.com> Thu, 01 November 2018 03:29 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54D1A130DF5 for <quic-issues@ietfa.amsl.com>; Wed, 31 Oct 2018 20:29:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.47
X-Spam-Level:
X-Spam-Status: No, score=-8.47 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tIRqle6J98qF for <quic-issues@ietfa.amsl.com>; Wed, 31 Oct 2018 20:29:26 -0700 (PDT)
Received: from out-1.smtp.github.com (out-1.smtp.github.com [192.30.252.192]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B168F130DE1 for <quic-issues@ietf.org>; Wed, 31 Oct 2018 20:29:26 -0700 (PDT)
Date: Wed, 31 Oct 2018 20:29:25 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1541042965; bh=BEzB0NE7N8Da6Vfrd8DHMICTQb8fjC1vz7bn/m5UXbA=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=KwsY2vZ1AdMSKCq4MKYPIS8J/vp0qy3BhslkvJeaLT8OSxFx28aL6apiuIw3mZbUN Ctn/XNewZIUOpZq2MWH+Wngf3BzSLm1yfj4VQRbfe+9gHjCGHpSXJcES01M6PKzY6Y WVNbNiI0hdjCBGFhGyCXSBGw223nLaMUf7RKVuOw=
From: David Schinazi <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4aba6d9292558f187f5ca3d05e1050ca748939db4b992cf0000000117f2351592a169ce1640b1a8@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/1901/c434919277@github.com>
In-Reply-To: <quicwg/base-drafts/pull/1901@github.com>
References: <quicwg/base-drafts/pull/1901@github.com>
Subject: Re: [quicwg/base-drafts] Compatible version upgrade (#1901)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bda7315d7c6d_22043f7f6c6d45b898891d"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: DavidSchinazi
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/OUNh8Y514nayjg5rb0iu_TtEw3A>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Nov 2018 03:29:28 -0000

I agree with @martinduke. Making downgrade prevention more secure is important to QUICv1. However, I'm not yet convinced that "compatible version upgrade" makes sense as part of QUICv1. I think there are two use-cases for it:
1) Upgrade from QUICv1-draft to QUICv1-RFC
In this scenario we can safely assume that the relevant QUIC versions are compatible. However, we can also safely assume that the only deployments of QUIC will be HTTP. Therefore we can rely on Alt-Svc, and have no strong motivation for this mechanism.
2) Upgrade from QUICv1 to QUICv2
In this scenario we're not sure the versions will be compatible, and we also don't have a need to add this to QUICv1. If during design of QUICv2 we want this feature (and I personally believe we will), then we can add a QUICv1 extension indicating support for seamless upgrade to v2, and have browsers try v1 first.

To be clear, I really like this solution - I think it's elegant and efficient. However, it also adds complexity - do we really need it in v1?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/1901#issuecomment-434919277

v2.23.0 | Report a Bug | By Email