IETF Logo Mail Archive

Add application parameters to QUIC handshake and use it for H3 SETTINGS

Nick Harper <nharper@google.com> Fri, 27 September 2019 00:52 UTC

Return-Path: <nharper@google.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25AB3120112 for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 17:52:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.5
X-Spam-Level:
X-Spam-Status: No, score=-17.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ey9WmaNcVmr3 for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 17:52:00 -0700 (PDT)
Received: from mail-ot1-x32d.google.com (mail-ot1-x32d.google.com [IPv6:2607:f8b0:4864:20::32d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A086A1200E0 for <quic@ietf.org>; Thu, 26 Sep 2019 17:52:00 -0700 (PDT)
Received: by mail-ot1-x32d.google.com with SMTP id o44so800904ota.10 for <quic@ietf.org>; Thu, 26 Sep 2019 17:52:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=B5qLtdNfs+48gUgbnCB3ak86VGXrChg81O8/t9uFXQU=; b=bgkGT6E/DTWR3zs7I43zyLTXaZ1cfsY40m/tdINKUnlbxQ8dga8KBN0QvgBWbIrAqp M7ymKk+hnwBi81CbO1cu0qtbV/DfMRgkUQK7XNlXn435E5dkucTqRiO90GcMCZF7XGCN PxS0dygTpto1JYvWkVtxEyjBKfAwGXN2BBCjcj9EqtHtQJTciaDzjVCVD0fsELG8xt8f +1+xjgVhWgFpCiSwKfCEzBcYzo5YfrnR5ApfXmmTiEMg/DLEWcXOQsNQgmRxdbPCncxg Z70OJ0EQIO/fnRtP1NQQAFWcnSx2XAFr8CapmP9mqdEs95L6ZhCZxqEiA3VBkVqI3NA8 m8Yg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=B5qLtdNfs+48gUgbnCB3ak86VGXrChg81O8/t9uFXQU=; b=VeGve8dCtsm1izJQZ7a7rF+Ek3nY5GjyrkXhYKVaHZFpnxrzGGDpIbCgeCGSDn5nIb yaRofayyMdoSXMdfAGUDSuceeKGGuurS9j9jW3l4BcBCvBG8JosqC8tL210RJiqz8Ouj /H1kBNyeDTMobEuZzYyvZAujvOuH0gZvWCy39qejKoPQ6+DPCAi1Uv3RycF6QaMJ/P9P rXXWuprwzZvFn9EzDkjWDaNKj9JANuYDWueD/k73jWYpTmSO5wk2DQgias+fGen8/zqP BGL/i2qWjke9cV9TTJE3WQDnUopSxe7Oir8Y6yI7Y6SAOIqTGUzTzTH2FbfyjK3OCaTd +ewg==
X-Gm-Message-State: APjAAAX7CvU07OTPUs/uH3xkB1tTKGMHKtmzzwj0NiOtCfa3ckRYH2U0 BcD2bzLeJtCbh6T1Bwc69JhDGAnqueBjG0hshp3jQmbemaxmiQ==
X-Google-Smtp-Source: APXvYqzx767tu733m3BElvKkk6y7C9Kq4GQtXWwRogesC3WTW8lnGb3ZMOJ5GGpdBS3Zad6LDMGt/FaTBL5YUj0cztQ=
X-Received: by 2002:a05:6830:443:: with SMTP id d3mr1138674otc.93.1569545519363; Thu, 26 Sep 2019 17:51:59 -0700 (PDT)
MIME-Version: 1.0
From: Nick Harper <nharper@google.com>
Date: Thu, 26 Sep 2019 17:51:48 -0700
Message-ID: <CACdeXiLEnvmqmxSgXbvAwEo0rgm-F59RL2sk0Ugu6PNuiDkfsw@mail.gmail.com>
Subject: Add application parameters to QUIC handshake and use it for H3 SETTINGS
To: IETF QUIC WG <quic@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/0ibfDvI7GndUOf3eqQZXf0aEQLA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Sep 2019 00:52:03 -0000

I propose introducing application parameters to the QUIC handshake and
using this new mechanism for H3 SETTINGS instead of sending them as
the first thing in the control stream. Application parameters would
allow applications using QUIC to advertise or negotiate
application-specific parameters during the cryptographic and transport
handshake. It would guarantee that the client and server have
exchanged their application parameters once the handshake is complete.

Specifically, I’m proposing a new “application_layer_parameters”
transport parameter, which when sent by the client is a series of ALPN
identifiers with an opaque blob of application parameters per
identifier, and when sent by the server is a single opaque blob of
application parameters for the application identified in the ALPN
extension.

Negotiating or advertising features is something multiple applications
will need to do and is not a feature specific to H3. Whatever we do in
H3 will likely be copied by other applications using QUIC. By
providing a general mechanism in QUIC transport, we provide
applications with a consistent way of achieving this goal. QUIC has a
design pattern of collapsing multiple layers into one to save on round
trips (e.g. combining crypto and transport handshake); this fits in
with that pattern.

Using application parameters for H3 SETTINGS clears up some issues. H3
doesn’t need to specify that an endpoint shouldn’t wait for its peer’s
SETTINGS since they’ve already arrived. Likewise, there is no
confusion about whether SETTINGS arriving after session tickets are
bound to the session tickets; SETTINGS arrives before the tickets and
the client doesn’t need to wait for the receipt of SETTINGS to bind
them to the ticket. It also simplifies the server binding SETTINGS to
the ticket since that is done as part of binding transport parameters
to the ticket.

This also provides opportunities for future features. Since the
exchange of SETTINGS occurs before application data, a new feature
doesn’t need to be specified in a way to provide an upgrade path from
“vanilla” H3 to something including this feature, and instead be
guaranteed that the new feature can be used for the entire connection.

Without application parameters, each application that needs to
advertise or negotiate application settings needs its own mechanism to
do so. This would result in multiple transport parameters or
extensions leading to duplication of work and layering violations.
Applications could instead exchange these settings in application
data, meaning that each application needs to define the semantics of
application data received before and after the settings have been
exchanged, as H3 currently does.

There is already a demonstrated need for an application parameters
mechanism in the QUIC handshake. One example is
https://tools.ietf.org/html/draft-vvv-webtransport-quic-00 which is
currently using a “web_accepted_origins” transport parameter but could
easily use an application parameters mechanism instead.

I see two downsides to this proposal. The first is that the client’s
application parameters are sent in the clear. Application designers
will need to make a decision of how much they want to use this
functionality (they could limit what is sent by the client or only use
application parameters in the server direction). For H3, there are
only three SETTINGS, QPACK_MAX_TABLE_CAPACITY, QPACK_BLOCKED_STREAMS,
and MAX_HEADER_LIST_SIZE, which do not reveal any information about
the user or the server they are connecting to and are likely constant
per H3 implementation.

The other downside is that if too much data is put in application
parameters, it could cause the number of packets for a client or
server’s flight to go from N to N+1, which would increase the chance
of head of line blocking.

Related issues:
https://github.com/quicwg/base-drafts/issues/2790: Binding settings
into session tickets
https://github.com/quicwg/base-drafts/issues/2945: When to send the
SETTINGS frame
https://github.com/quicwg/base-drafts/issues/2783: Consider making
SETTINGS part of the control stream header
https://github.com/quicwg/base-drafts/issues/436: Move SETTINGS into
TLS Handshake

v2.23.0 | Report a Bug | By Email