IETF Logo Mail Archive

Re: [quicwg/base-drafts] Compatible version upgrade (#1901)

martinduke <notifications@github.com> Mon, 29 October 2018 17:03 UTC

Return-Path: <bounces+848413-a050-quic-issues=ietf.org@sgmail.github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8D503131023 for <quic-issues@ietfa.amsl.com>; Mon, 29 Oct 2018 10:03:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.47
X-Spam-Level:
X-Spam-Status: No, score=-3.47 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1vjhzyVcA2FD for <quic-issues@ietfa.amsl.com>; Mon, 29 Oct 2018 10:03:36 -0700 (PDT)
Received: from o10.sgmail.github.com (o10.sgmail.github.com [167.89.101.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BF215131011 for <quic-issues@ietf.org>; Mon, 29 Oct 2018 10:03:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=github.com; h=from:reply-to:to:cc:in-reply-to:references:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=yvdgmOqLHAk8AJWFHP+WKow39UU=; b=cI9HOvV/W1M9de/f xzODUZ1w58y9mHkHQf5eV2OGqZbcLYDAGC12R+U8XMcuCi8lUWIlAQchxNQRLKDQ iXbAdaCToOtvUMnpQhcsrRIdV/iGM8HbeQYx/HfH0iTWEa5UvX2oCPEsidvdYemn FHRzIrTyTdb5bQY2c0Y4i5z9xLc=
Received: by filter1777p1mdw1.sendgrid.net with SMTP id filter1777p1mdw1-5249-5BD73D59-8E 2018-10-29 17:03:21.99371013 +0000 UTC m=+232615.893209551
Received: from github-lowworker-5909e27.cp1-iad.github.net (unknown [192.30.252.35]) by ismtpd0003p1iad2.sendgrid.net (SG) with ESMTP id SDGcWh_iSjWHLafY0NdYSQ for <quic-issues@ietf.org>; Mon, 29 Oct 2018 17:03:21.969 +0000 (UTC)
Received: from github.com (localhost [127.0.0.1]) by github-lowworker-5909e27.cp1-iad.github.net (Postfix) with ESMTP id F1A763E0B12 for <quic-issues@ietf.org>; Mon, 29 Oct 2018 10:03:21 -0700 (PDT)
Date: Mon, 29 Oct 2018 17:03:22 +0000
From: martinduke <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab963c4f979ccda77f407b8de42e9d18415dfaf0f292cf0000000117eeff5992a169ce1640b1a8@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/1901/c433991544@github.com>
In-Reply-To: <quicwg/base-drafts/pull/1901@github.com>
References: <quicwg/base-drafts/pull/1901@github.com>
Subject: Re: [quicwg/base-drafts] Compatible version upgrade (#1901)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bd73d59efb39_52753fb9a1ad45b817015"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinduke
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak2MyKjNJE1KteuWVnenK5mIujLNF0BX0gb2Vj NhOx8VnoUNnmBfUI3YjFZHQ4P27UUyBskDuKlRueRxHYEUQSL/s6TMNCuLR4xkhumeR+oCMWsM6TtY vCAPl2lyGyIDgOuh10X0rBsHvGWpRy4sTBCshAMV9FKQyWqTgmMZPCNwhb/JUVzDIJkwTPZ3Z+OnOK c=
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/dd-16XR5LZg7qIFzwwGZmcG4T6E>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Oct 2018 17:03:39 -0000

As I see it, there are two separable changes here:

1) Moving validation from client to server. The necessary change here is to move the transport parameter from EE to ClientHello. IMO this is no biggie, and addresses the server upgrade problem (i.e. clients can't distinguish between a server pool rolling upgrade and a downgrade attack).

2) Allowing seamless transition between "compatible" versions. This certainly reduces the latency penalty. However this creates a more complicated hierarchy of versions, which is difficult to understand. I also do not feel great that we have though through the implications of taking a v1 packet and acking it in v2. For instance, what if v2 requires a different set of client transport parameters?

I would suggest a separate PR to move the TPs over, which should be merged relatively quickly, and a more extended discussion on seamless upgrade.

If we separate out item (2), however, I think we should retain supported_versions in Encrypted Extensions  purely for next-connection informational purposes (and not for validation).

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/1901#issuecomment-433991544

v2.23.0 | Report a Bug | By Email