IETF Logo Mail Archive

Re: Expected Client Response to SERVER_BUSY

Roberto Peon <fenix@fb.com> Wed, 20 February 2019 20:49 UTC

Return-Path: <prvs=79544d0ce0=fenix@fb.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9091A130E91 for <quic@ietfa.amsl.com>; Wed, 20 Feb 2019 12:49:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.703
X-Spam-Level:
X-Spam-Status: No, score=-2.703 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com header.b=OkIz2rWj; dkim=pass (1024-bit key) header.d=fb.onmicrosoft.com header.b=A0eeNkV4
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fMAhrvEc01DI for <quic@ietfa.amsl.com>; Wed, 20 Feb 2019 12:49:16 -0800 (PST)
Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CFC1130E7E for <quic@ietf.org>; Wed, 20 Feb 2019 12:49:16 -0800 (PST)
Received: from pps.filterd (m0044010.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x1KKlB2A029410; Wed, 20 Feb 2019 12:49:07 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=facebook; bh=T1p+//s4ug4TxM/Ifn2X455d30Jb9n/CoDsilpo8hjs=; b=OkIz2rWjmMglifG7zUAhVLv+PdeLQ+1Xa/qxmapqPULLh0I2h2Op8rthgykimsAFeHn2 mMEM6QbpiX2fVhKqH9v+yd3JNJac8qxqJz+xA8eDm2J8nKp6CwfmSBV57P4eUWMeJvkk AmJsnSearaZSCPBBpqZieAKx/Dz5+Iiy5Qo=
Received: from mail.thefacebook.com ([199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2qse1u81hy-4 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 20 Feb 2019 12:49:07 -0800
Received: from prn-mbx03.TheFacebook.com (2620:10d:c081:6::17) by prn-hub01.TheFacebook.com (2620:10d:c081:35::125) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Wed, 20 Feb 2019 12:47:58 -0800
Received: from prn-hub01.TheFacebook.com (2620:10d:c081:35::125) by prn-mbx03.TheFacebook.com (2620:10d:c081:6::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Wed, 20 Feb 2019 12:47:58 -0800
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3 via Frontend Transport; Wed, 20 Feb 2019 12:47:58 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=T1p+//s4ug4TxM/Ifn2X455d30Jb9n/CoDsilpo8hjs=; b=A0eeNkV4QcoqYPk9PNxmhS+m1rJv/ilJDs4+fKB4oVTN8Pm7dq/uccSEZGdF/KoBm1vaYNKb/XZPn8HrZsGIEwA8Lmpm93XzKrbe8aGTV9iqY9P9n9tSpb5hGqNFALA67+iZ3vPdMEK6PxVfZOw6vw4S5APAiNhbzAwvzVp0Z0c=
Received: from BYAPR15MB2312.namprd15.prod.outlook.com (52.135.197.146) by BYAPR15MB3478.namprd15.prod.outlook.com (20.179.60.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1622.20; Wed, 20 Feb 2019 20:47:57 +0000
Received: from BYAPR15MB2312.namprd15.prod.outlook.com ([fe80::2403:324c:ac17:7084]) by BYAPR15MB2312.namprd15.prod.outlook.com ([fe80::2403:324c:ac17:7084%5]) with mapi id 15.20.1622.018; Wed, 20 Feb 2019 20:47:57 +0000
From: Roberto Peon <fenix@fb.com>
To: Töma Gavrichenkov <ximaera@gmail.com>, Christian Huitema <huitema@huitema.net>
CC: Nick Banks <nibanks@microsoft.com>, "Brian Trammell (IETF)" <ietf@trammell.ch>, Ian Swett <ianswett@google.com>, IETF QUIC WG <quic@ietf.org>, Mirja Kühlewind <mirja.kuehlewind@tik.ee.ethz.ch>
Subject: Re: Expected Client Response to SERVER_BUSY
Thread-Topic: Expected Client Response to SERVER_BUSY
Thread-Index: AdTInrfRZAbJSsLZSlWCCrlUkiWX7AAgkIeAAACdzgAAAbynAAAAN6coAACOYoAAAIKXwAAAszQAAAatwwAAAd27AP//i/wA
Date: Wed, 20 Feb 2019 20:47:57 +0000
Message-ID: <CC1D0429-A09E-4844-90B9-2C053FE583E8@fb.com>
References: <CY4PR21MB0854341128C64E450E7C2DA2B37C0@CY4PR21MB0854.namprd21.prod.outlook.com> <CAKcm_gPmQiMhzfXnkEB4u+X+84bCbL8FE3Lj3ZdPPQBBu+4uPg@mail.gmail.com> <1AF7E952-4542-4C40-8652-BFFBFA61784A@trammell.ch> <CAKcm_gN11=DcV2v-JrX+Ym88D7P1Ey3rDvYomTf1seemsWDSwA@mail.gmail.com> <CY4PR21MB0854D8F7383CDF72EEDAE9FBB37D0@CY4PR21MB0854.namprd21.prod.outlook.com> <CALZ3u+Zmau+167msd9+OGcU+V00+__yLK83ByNEqvWhm7yFORg@mail.gmail.com> <CY4PR21MB0854E1E9AAF564CD8B12305CB37D0@CY4PR21MB0854.namprd21.prod.outlook.com> <CALZ3u+b_NqyrSAkqiuXnnVVL+T0XiExPDUP5JyuzvZVaXqHtCA@mail.gmail.com> <a861dc7b-c1a4-fa72-649a-4f98050aa6f5@huitema.net> <CALZ3u+YxHeVuF-27pjO6gGZ__RT7Y9cAx0vE+x-n8vJbWM+L6g@mail.gmail.com>
In-Reply-To: <CALZ3u+YxHeVuF-27pjO6gGZ__RT7Y9cAx0vE+x-n8vJbWM+L6g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.15.0.190117
x-originating-ip: [2620:10d:c090:200::6:a040]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c2a0e146-2649-4c16-ed66-08d69774b1a0
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:BYAPR15MB3478;
x-ms-traffictypediagnostic: BYAPR15MB3478:
x-microsoft-exchange-diagnostics: 1; BYAPR15MB3478; 20:/IoGvTMfBItzXPFipv6hyNqDUvgkCf0o/NalTDT9uRUscGpjIJMcZDQsyP+MibDpMZiLbxEHbBAI8Jw4npTNyIYKPprvynAwmYiiwmRwBBj7HMJg9FPWNc2YQNRpRwwtN28128k7PBtJ6DW9ZxDfnRKgS0IpRQ7rREKlk2OTSAQ=
x-microsoft-antispam-prvs: <BYAPR15MB3478CF916F259F9AAA01BFF5CD7D0@BYAPR15MB3478.namprd15.prod.outlook.com>
x-forefront-prvs: 0954EE4910
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(346002)(366004)(136003)(396003)(39860400002)(199004)(189003)(53824002)(93886005)(83716004)(58126008)(71200400001)(54906003)(256004)(76176011)(5660300002)(14444005)(71190400001)(105586002)(4326008)(25786009)(476003)(106356001)(8676002)(305945005)(6246003)(53936002)(7736002)(66574012)(2616005)(110136005)(316002)(486006)(446003)(11346002)(86362001)(6116002)(81156014)(6436002)(46003)(68736007)(229853002)(6512007)(102836004)(2906002)(6486002)(97736004)(36756003)(82746002)(81166006)(53546011)(6506007)(186003)(478600001)(99286004)(14454004)(33656002)(8936002); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR15MB3478; H:BYAPR15MB2312.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 7ETkW4B7Bz4pjiblBmI7wxQsGd0NEoGjl2mJSdAXDOVvNei1Onzhf6DVjks1NAs6Q6Bl2CDL92YhwwOIF6XQuPiFWuvIoxBDJDV1vNb2wqVSpUJeARJXs+l/3Z6SK8Nv5Ve7e8FjcqDxLgICnGtOYKRSErD/uwUymNXj35w0neCnveAUrWvr3BpSzfE22aR5kEqanHfwOFSVNUMNlJBVEgBLTQm3/ly8XmkHyvqckXZfp71m7af2LS2R56R4zYJUs1KQRx2OZjR5st0RpTFF8R785Uv510lzH7ZJVpY0uUJwmm7ZP3SQblMcjaL3XMbt+/kBEN390sd9OYvMWr3c4gPhJ0mg698D7djQN302UVYJypBAxbjaKDxfAAE/AMP7omYJhtY3hOIneHV+QhlJ8kTO4fSnUcHZ0CQBIbdpxQE=
Content-Type: text/plain; charset="utf-8"
Content-ID: <9A6DA136ED05244285BBABB99A07576F@namprd15.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: c2a0e146-2649-4c16-ed66-08d69774b1a0
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Feb 2019 20:47:57.0577 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR15MB3478
X-OriginatorOrg: fb.com
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-02-20_16:, , signatures=0
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/2Fu2FQIpEKLeffN6YNjL-b6V4tE>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Feb 2019 20:49:19 -0000

I believe that the solution to this problem (what a client does when the server is being DoS'd) is inherently out-of-band, and thus not part of the QUIC protocol.

Clients should do whatever they want to do as a response to SERVER_BUSY. We can't make the malicious ones stop, and anything we do to allow non-malicious ones to respond appropriately requires pre-sharing of something, or for the connection to succeed (which is essentially establishing a context for such sharing).

Designing policy around that is probably fodder for another discussion (that I hope we get together and have in the context of the HTTP wg).

-=R

On 2/20/19, 11:44 AM, "QUIC on behalf of Töma Gavrichenkov" <quic-bounces@ietf.org on behalf of ximaera@gmail.com> wrote:

    On Wed, Feb 20, 2019 at 10:49 AM Christian Huitema <huitema@huitema.net> wrote:
    > the proposition here allows a middle-box or a man-on-the-side to send an
    > unencrypted signal and have the client immediately immediately drop the
    > connection. That does not feel right.
    
    A man-on-the-side (don't even mentioning a box-in-the-middle) could
    *always* make a client drop a connection, e.g., by sending a large
    amount of junk packets towards the client that the client would be
    unable to correctly handle. It's just a matter of how much harm does
    that box need to do to the network.
    
    Any opposite approach I can think of requires to put the private key
    of the server on a DDoS handling machine or to deploy it onto a DDoS
    mitigation cloud, which not only increases exposure of the users' data
    but is also explicitly forbidden in certain countries for companies
    from certain industries. It's already only narrowly possible to avoid
    doing so with QUIC (and that already requires either a collaboration
    between the QUIC library supplier and the DDoS mitigation vendor —
    which in turn leads to vendor lock — or a reverse engineering-based
    design), so until we have a v2 which is (hopefully) more LB and
    DDoS-aware, this is the lesser of two evils.
    
    --
    Töma

v2.23.0 | Report a Bug | By Email