RE: Structuring the BKK spin bit discussion

Marcus Ihlar <marcus.ihlar@ericsson.com> Tue, 30 October 2018 11:56 UTC

From: Marcus Ihlar <marcus.ihlar@ericsson.com>
To: "mikkelfj@gmail.com" <mikkelfj@gmail.com>, "huitema@huitema.net" <huitema@huitema.net>, "quic@ietf.org" <quic@ietf.org>
Subject: RE: Structuring the BKK spin bit discussion
Date: Tue, 30 Oct 2018 11:55:57 +0000
Message-ID: <HE1PR0701MB23939472CAA7CC7C1CD42BB1E2CC0@HE1PR0701MB2393.eurprd07.prod.outlook.com>
References: <18A2F994-0E82-48E4-875D-93C674483D49@eggert.org> <20181029160802.GD7258@ubuntu-dmitri> <8268B90E-F109-424C-91A8-DB7BFE208F53@huitema.net> <CABkgnnU7W-_o_EGZWpJvTGRSm0KiL-hS7q_oQ6kT3LBoNKHGhw@mail.gmail.com> <5E1AB9AC-D24F-4E0D-9925-57816C5314A4@trammell.ch>, <a088c411-1acc-8b0f-fc1b-8c79ce6f1cd7@huitema.net> <DB6PR10MB1766E6B29792BB4401FF38F0ACCC0@DB6PR10MB1766.EURPRD10.PROD.OUTLOOK.COM>
In-Reply-To: <DB6PR10MB1766E6B29792BB4401FF38F0ACCC0@DB6PR10MB1766.EURPRD10.PROD.OUTLOOK.COM>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/4wGIAh1L3esU1MHVQxBamSkG6Ok>
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>

Making it more difficult to differentiate explicit opt-out from random opt-out is likely useful even if it doesn't help in the particular Netflix case.

Furthermore, just like Brian points out, it is necessary to grease the bit if we want to change the bit semantics later on.

I think the proposal has low enough complexity and potential benefits to be worthwhile.



From: QUIC <quic-bounces@ietf.org> On Behalf Of Mikkel Fahnøe Jørgensen
Sent: 30 October 2018 08:01
To: Christian Huitema <huitema@huitema.net>; quic@ietf.org
Subject: Re: Structuring the BKK spin bit discussion



In the Netflix case it just takes 16 connections by the same user, or less when multiple users originate from the same IP range. Is it really practical (and thus worthwhile) to hide probabilistically as in Huitema's PR?



  _____

From: QUIC <quic-bounces@ietf.org> on behalf of Christian Huitema <huitema@huitema.net>
Sent: Tuesday, October 30, 2018 5:27:47 AM
To: quic@ietf.org
Subject: Re: Structuring the BKK spin bit discussion



On 10/29/2018 3:58 PM, Brian Trammell (IETF) wrote:

   hi Martin, Christian, all,


      On 29 Oct 2018, at 23:29, Martin Thomson <martin.thomson@gmail.com> wrote:

      On Tue, Oct 30, 2018 at 3:54 AM Christian Huitema <huitema@huitema.net> wrote:

         I think the strongest objection to the spin bit was put up by Marten during the last interim: measuring the RTT with the spin bit discloses the use of hidden path segments like VPN. This issue was not discussed during the privacy analysis.

      I had assumed that was part of the analysis and it was covered by the
      assumption that spinning could be disabled

   +1. Probabilistically disabling spinning, which seems necessary if we want some grease to help us reserve the right to change the semantics of the bit at the spin bit's location in the wire image, should ensure that endpoints that want to disable spinning for their own reasons will have a large anonymity set to hide in, even in a future with perfect implementation and deployment of the spin bit.


   I opened PR https://github.com/quicwg/base-drafts/pull/1931 to discuss this.

   -- Christian Huitema