IETF Logo Mail Archive

Re: [quicwg/base-drafts] Pad path validation in both directions (#4241)

Christian Huitema <notifications@github.com> Tue, 20 October 2020 19:24 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5ED393A132B for <quic-issues@ietfa.amsl.com>; Tue, 20 Oct 2020 12:24:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.555
X-Spam-Level:
X-Spam-Status: No, score=-1.555 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Emxre4QsRE3B for <quic-issues@ietfa.amsl.com>; Tue, 20 Oct 2020 12:24:19 -0700 (PDT)
Received: from out-28.smtp.github.com (out-28.smtp.github.com [192.30.252.211]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1EC823A1327 for <quic-issues@ietf.org>; Tue, 20 Oct 2020 12:24:19 -0700 (PDT)
Received: from github.com (hubbernetes-node-12bcab0.ash1-iad.github.net [10.56.121.41]) by smtp.github.com (Postfix) with ESMTPA id 3FE64902754 for <quic-issues@ietf.org>; Tue, 20 Oct 2020 12:24:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1603221858; bh=ZrQIOhcVmoq0HafpPtu+7pk+maoU85VwtYgP1qEUpSY=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=1E3nx4ZDep2Iw0sPO893Czlv6EVBpdJe+cD1hg70Bwb/6LGIPtHruH8Nq2LbjQIkd 44Kdra/uduf1gwbSpH1xMBcxvOtnVkyO67Tnm43rGr8A1CTtn03zKqUDJ9dC2sAZUJ q4/dBS5iblFbsfJtP7wWugeNxQBI0GjONw9ulMSo=
Date: Tue, 20 Oct 2020 12:24:18 -0700
From: Christian Huitema <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK2DQRMVPPYRYQW6KFN5TMNGFEVBNHHCWKQC3Q@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/4241/c713086130@github.com>
In-Reply-To: <quicwg/base-drafts/pull/4241@github.com>
References: <quicwg/base-drafts/pull/4241@github.com>
Subject: Re: [quicwg/base-drafts] Pad path validation in both directions (#4241)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5f8f39623c664_4d19b4121045"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: huitema
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/_IK3IVFoEHb2t73rtFxEP4X6AXk>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2020 19:24:20 -0000

The proposed PR bakes the assumption that paths should be symmetric. This might be an OK restriction for V1, but I hate seeing that baked in the code. There are several scenarios in which data can be send one way on a broadcast channel (e.g., satellite or DVB), while the other way is through a slower but symmetric channel.

Supporting asymmetry requires testing each direction. The server, instead of changing the address at which it sends merely because it received data from the client on that new path, should perform its own Challenge/Response to validate the path. Since challenges have to be padded, this tests both continuity and MTU. The server learns that a path may exist by receiving packets on it; it only uses that path for sending if the path is validated.

I guess this is something we will need to revisit as part of support for multipath.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/4241#issuecomment-713086130

v2.23.0 | Report a Bug | By Email