IETF Logo Mail Archive

RE: Robert Wilton's Discuss on draft-ietf-quic-transport-33: (with DISCUSS and COMMENT)

"Rob Wilton (rwilton)" <rwilton@cisco.com> Fri, 08 January 2021 13:13 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D4B053A0D8A; Fri, 8 Jan 2021 05:13:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.62
X-Spam-Level:
X-Spam-Status: No, score=-9.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=lBjraLwm; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=d8z8GmmA
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ac3yMOq8lbaj; Fri, 8 Jan 2021 05:13:56 -0800 (PST)
Received: from alln-iport-7.cisco.com (alln-iport-7.cisco.com [173.37.142.94]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D6603A0D2B; Fri, 8 Jan 2021 05:13:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=7178; q=dns/txt; s=iport; t=1610111635; x=1611321235; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=7IqnmyDZvwotl5ws7kAzU+JUAb95ebn4QQCr+ZkVy50=; b=lBjraLwmt8iDQLOYBEIKCQGo99TH49RR+H3cVjAI8zC2f6h6iKpsvTnK YrW/VfSFs4EnVAfxamOWblzoKfmSO9pjCtQeILTwWC5z7rAeuvOxwGMyo AvcJb+PAcdbyATf7U6Xrvz2phTgGh/M5lkmLUdBURn3DLXsusDEBJnj0h k=;
X-IPAS-Result: A0A6AAB4V/hfmIoNJK1iGgEBAQEBAQEBAQEDAQEBARIBAQEBAgIBAQEBQIFPgVNRgVgvLgqHfQONbwOZEIJTA1QLAQEBDQEBLQIEAQGESgKBcAIlOBMCAwEBAQMCAwEBAQEFAQEBAgEGBBQBAQEBAQEBAYY2DIVzAQEBAwE6BgEBLAsBCwQCAQgOAwQBAQEeEDIdCAIEAQ0FCAyDEoJWAw4gAQOjDAKKJXSBNIMEAQEGhRMYghAJgTiCdYZEg3ImG4FBP4ERQ4FYfj6EJhqDSoIsgVgDZwYwJwkBAw0iAxEwAj4BBTEpHAYfKAYwjy5WqBkKgnaLe5AGgymKLoVfjyiUEZlAh38CBAIEBQIOAQEGgW0hgVlwFTuCaVAXAg2OIQcFDgkUgzqKWHQ3AgYKAQEDCXyKQAGBEAEB
IronPort-PHdr: 9a23:RW4r5xZudBTgXT12R4v3e/X/LSx94ef9IxIV55w7irlHbqWk+dH4MVfC4el21QWVD4Hc9P9Cl/DRq7GmX2Ecst6Ns3EHJZpLURJNycAbhBcpD8PND0rnZOXrYCo3EIUnNhdl8ni3PFITFJP4YFvf8Xm18jMUBg/4LRszIOnpScbeis2t3LW0/JveKwxDmDu6Z+Z0KxO75QXcv8Ubm81sMKE0nxDIuXBPPe9RwDBl
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.79,331,1602547200"; d="scan'208";a="624744846"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by alln-iport-7.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 08 Jan 2021 13:13:54 +0000
Received: from XCH-RCD-002.cisco.com (xch-rcd-002.cisco.com [173.37.102.12]) by alln-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id 108DDsS5010372 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 8 Jan 2021 13:13:54 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-RCD-002.cisco.com (173.37.102.12) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 8 Jan 2021 07:13:54 -0600
Received: from xhs-aln-001.cisco.com (173.37.135.118) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 8 Jan 2021 07:13:53 -0600
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Fri, 8 Jan 2021 07:13:52 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ORZq9NMEocwYIGXAZohH30MDDM2eD1b582eZsJia8NCy+c5nFA4zApaBiFBWfka2SWEOXHOYMUZFE2nUUmSKa6BvoL8BYQ6IwNonHhwK9Ow7yqqDd4GXgXBPWWUyKtHxyG23rTbLixNOL8/9faEXTY7iHqiUwJsgdXDp8DfYE4rIbNkO+6Gf1p9qKyHtqOuzAV8Ne7WZKxzLuFil1EugCpPitcSKvZfrbJFM7+RFP/tj4vT/3saOfN1C/pfwqZ8I+DwmKD0wpbpsAYFd4Prz4d//ED5SdPeaZpwyShwdp+RfhFf7nSEV2r9gekbaUEQoldnE4RgewQWEfKPzOgAxDw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=D3+ydMeF9gk7/NQYOKGMWTlxGLBoexE3xyDh+wegt1I=; b=Gx0cGrSLHFK8R1jPkjIAK0lqGFD1F34aK+wV25aHQpb2xrxKa4oNdKOv0T2PjMarGv/PJZtt9XEMUoztCY7wgNV0f9KF7ySx+7ieUj04G7N96Mcy/ydaRrw4i8jjFsca5iVqV5mLti/I6C0YFHnAkWdzqMBM2vRNUDo40mnSkpN87sA5B9WAbjfa6LPA9lYO6Ve3rnysrdX/FgKNRqlDvinrGyLNVP/InQ9Fj6ZKtmpOJlKoqcVDw/HBXmkwdE0ark3ZSfo61cCY/hlEqV7Gn3W3qfOwDlmU/S2NCX7UzUForAtHcEZEndrCe3stSKvq7YtvZ5HtoSJaazT2pNBg+g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=D3+ydMeF9gk7/NQYOKGMWTlxGLBoexE3xyDh+wegt1I=; b=d8z8GmmALr8g2rioKGqLL4SO3CMJkITMHJ5IAywqvP7tFesq4jdROYHmuWTP6YyoZhDbvb0BYcUgKIsbT9hvMlzKXf3d5NFw85W3LZpODG+8ypihSU54UR9k6OV3RplX90Cym6k4ZPZaW+Qi9CyfeQNwWdDnvwFw7uPRQePRelk=
Received: from CH2PR11MB4357.namprd11.prod.outlook.com (2603:10b6:610:3d::11) by CH2PR11MB4231.namprd11.prod.outlook.com (2603:10b6:610:3e::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3721.21; Fri, 8 Jan 2021 13:13:52 +0000
Received: from CH2PR11MB4357.namprd11.prod.outlook.com ([fe80::f111:17f9:1a:5368]) by CH2PR11MB4357.namprd11.prod.outlook.com ([fe80::f111:17f9:1a:5368%7]) with mapi id 15.20.3742.006; Fri, 8 Jan 2021 13:13:52 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Martin Thomson <mt@lowentropy.net>, The IESG <iesg@ietf.org>
CC: "draft-ietf-quic-transport@ietf.org" <draft-ietf-quic-transport@ietf.org>, WG Chairs <quic-chairs@ietf.org>, "quic@ietf.org" <quic@ietf.org>, Lars Eggert <lars@eggert.org>
Subject: RE: Robert Wilton's Discuss on draft-ietf-quic-transport-33: (with DISCUSS and COMMENT)
Thread-Topic: Robert Wilton's Discuss on draft-ietf-quic-transport-33: (with DISCUSS and COMMENT)
Thread-Index: AQHW5FN8Pt9A6LFtpkSDcVWBoOXYIqobnEsAgACvBVA=
Date: Fri, 08 Jan 2021 13:13:51 +0000
Message-ID: <CH2PR11MB4357A6ACDE251124E674E200B5AE0@CH2PR11MB4357.namprd11.prod.outlook.com>
References: <160995499362.18437.16175887825588198380@ietfa.amsl.com> <75936877-0a6f-47ee-ab8e-6735e74c4882@www.fastmail.com>
In-Reply-To: <75936877-0a6f-47ee-ab8e-6735e74c4882@www.fastmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: lowentropy.net; dkim=none (message not signed) header.d=none;lowentropy.net; dmarc=none action=none header.from=cisco.com;
x-originating-ip: [82.12.233.180]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8a830539-74ac-405d-1962-08d8b3d73e7a
x-ms-traffictypediagnostic: CH2PR11MB4231:
x-microsoft-antispam-prvs: <CH2PR11MB4231399B61DBD31A71880781B5AE0@CH2PR11MB4231.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: dooA0cofv5hrTU1avZmQObVhxqqYJcWCjsLu6jdNfYF1mGIKXnBP3wId35pakSdtWsWq1WsNPHCMzCJwpkLSGuAsBilep+aY4L0ZCABr05JfqWuF6ONG30iJHttL8MXsPwPI8Fdo0QsBzSRk14yIvDmywMpp7kHJxIZGjXcTqLkhyxgkdajUrv0wC//qrhTj8cIQenEd6HXAcRY6nPtZIcCEfXa90VHANYNuIBcCVxPaGo1m2nAQpRipfn8h9A37WrVmdTInruF73t9DWi9mTNI2Gp8H7SVo5uOoFrR5XPj5zceeGIwz7hCEMEm9otCpRmhN0C7gT7NC3J8I6ES/AKihK+JkhrGWWKSs7GLCTu18Eu3ZveL5U+OUZo5s9owATJoFQ3QWPHjJa3FwujEwtg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH2PR11MB4357.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(136003)(366004)(376002)(346002)(396003)(39860400002)(5660300002)(76116006)(33656002)(2906002)(66556008)(64756008)(54906003)(6506007)(71200400001)(478600001)(66446008)(26005)(86362001)(53546011)(66946007)(316002)(52536014)(7696005)(55016002)(4326008)(8936002)(186003)(8676002)(110136005)(83380400001)(66476007)(9686003); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: OS/OBR6xyic5En0Ijs3W0bz8mTeBxGAuIk5833xpDXmOPmAdfQVlEN+13txIjIQQYmk3i97byTV26ZSsaY+Hl33Skkk+/c7eXf2Hh66+Tks2DKQzqVZAeMV4Hh1OAJ9tApu+37jbeC7nrhnSDSPElxMd4yw6cnDXehFdn/o/26FvHOamEwUmx8fEBaOKssP9ULZWri3ENbaFaaDsE+ROTvWJ3SV/m51zfdjjN7TsPasic4rGdLlybNqJUf0qtobnZn6oPDdOF3wSLXqqrPRRwFJLA1RwAVhTRFSFHYn6wKSG/x40hi5GSM3KUldZYZ/8KztpTV/GAMPIHaarA/rerQTxdnZd97vN+xW5+n71GMhAsJH7sAZM1xGXOY1eT8NWaMtijqQYZCVJNtxGL/uy5n4+/dqzHzlykjfakSwSEhDYz2hgGOU0ZQ6aMwCn9FUur3oGkcfMVA/0Mwd/bkf+cXZzUjLs0QxKvgoYvFam47XOnmkC+2vOGE5MxGend4Ny3B2TaLRAnFyndpXQdoly6pHNiCWgdvlJx1j4DetYcOh63mXeGASUb49Yglxy8KEXzyHX803iTyFXr/DlMmbELlr/aYKPKu4HprfTgJWJWo5CK0NVheLochwRCgr1XS/yh6P3WNDk8+LRGZrpW25tFHFNkscHhivapq8Wb/BvqfPmOPGeuhz+4Y3VynWoBNYmwkhuP2ZYoznExN9RUbDoJ+69GNtJu8TBnA5bgz063SmqYIb7+ibJQANUnK/Aji1cU7vBj7dL4KmJhjG6yZqYAc0hehZHAIHn6ZuVqhVJ0+JdraGAJqc03C78rVDw9B9Pk8RZsKLb1gBJJicUnjmog8MJSVYZ902vifjy0Wn/gP9tnhIFxhT5q8427DTMAYHlEi5PTmivmqyqg/j0nnlQVjf98lH2l1cWdPlrmRxifirsnPTvF9uVqYCY0fd0RhJ3uDaHOclFLQfRIVXkcF98PuZ4f6yIPndVZLRPTHSd0v0=
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH2PR11MB4357.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8a830539-74ac-405d-1962-08d8b3d73e7a
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Jan 2021 13:13:51.9755 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 5U18PQzmCeqEKJ3xbuaV9th4qtxBxbD4AY44t63RPsdCUlfkL+3jo4LD+KU3Wt0YQoAMW1NER7LToNEJreZilA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR11MB4231
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.12, xch-rcd-002.cisco.com
X-Outbound-Node: alln-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/6AuT7CKUBeNTaxjiOhLbi7Ag_AA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Jan 2021 13:13:58 -0000

Hi Martin,

Thanks for your comments.  Please see inline ...

> -----Original Message-----
> From: Martin Thomson <mt@lowentropy.net>
> Sent: 07 January 2021 05:04
> To: Rob Wilton (rwilton) <rwilton@cisco.com>; The IESG <iesg@ietf.org>
> Cc: draft-ietf-quic-transport@ietf.org; WG Chairs <quic-chairs@ietf.org>;
> quic@ietf.org; Lars Eggert <lars@eggert.org>
> Subject: Re: Robert Wilton's Discuss on draft-ietf-quic-transport-33:
> (with DISCUSS and COMMENT)
> 
> Responding to the DISCUSS only.
> 
> On Thu, Jan 7, 2021, at 04:43, Robert Wilton via Datatracker wrote:
> > 1) It would be helpful to clarify what the expected behaviour is for an
> > implementation that chooses not to support the spin-bit.  Does it just
> leave
> > the bit set as 0, or is it meant to follow the same behaviour as if
> spin-bit is
> > supported but disabled?
> 
> The working group did not reach consensus on what an implementation should
> do, therefore the document does not say anything specific.  Indeed, I will
> go further and say that we have pretty firm consensus on what is
> documented.
[RW] 

Okay.  I think that the document would be better if this was explicitly expressed.  I dislike deliberate ambiguities in documents because they potentially lead to issues like the IPv6 extension header processing ambiguity.

In the IESG telechat today, it was suggested that one of the reasons for the specified behaviours when spin is supported, but disabled, was to ensure that the spin-bit is suitably greased.  However, if implementations don't support the spin-bit then they may just set this to 0, and this bit wouldn't be greased.  It was suggested in the IESG discussion that this might want to be considered further.

Completely as an aside, I tried to look back at the consensus decisions on this issue in github and on the mailing list. Although it is possible to see where it had been marked that consensus had been declared, I found it very hard to see what the input/discussion was for those consensus decisions.  Note, I'm no way doubting the integrity/result of those consensus decisions, I trust the authors/chairs/ads, just pointing out that it seems to be hard to verify/confirm.  Possibly having separate labels for "rough consensus" vs "full consensus" might also be helpful.


> 
> We did get good information, based on implementation and experimental
> experience, that filtering out bad values was easy, even trivial.
[RW] 

Thank you.  That is good to know and partially alleviates one of my concerns, although I still don't see the benefit of injecting random values, and still seems to add additional complexity for questionable benefit.


> 
> > 2) This may not be discuss worthy, but some of the spin bit behaviour is
> > inconsistently defined between the quic transport and quic manageability
> > drafts.
> 
> As you correctly observe, the transport draft is authoritative in this
> regard.  As the manageability draft is not yet finished, I would expect
> any inconsistencies to be addressed there.
[RW] 

Okay.  You can regard this point as being resolved.


> 
> > But my two main discuss questions/comments relate to whether the spin-
> bit, as
> > specified in quic transport, achieves its goal.  I appreciate that there
> are
> > individuals who don't think that it is required at all, conversely some
> network
> > operators believe that they will lose vital information needed to help
> manage
> > their networks, and presumably we are trying to find a pragmatic
> compromise
> > between these two positions.
> 
> I would not say compromise, but rather that this is a mechanism that we
> know is acceptable to (some) endpoint implementations and know to be
> valuable to (some) network operators.  It is also optional (for both),
> relatively low cost to specify, implement, and deploy.
> 
> > 1) I find it hard to understand why a server is allowed to independently
> decide
> > whether or not to support the spin bit on a connection?  Shouldn't the
> client
> > (or administrator of the client system) that opened the connection be
> able to
> > choose whether they want the RTT to be monitorable via the spin bit?
> What is
> > the reasoning for allowing the server (or server administrator) to be
> able to
> > independently be able to decide what is best for the client?
> 
> The consensus of the working group is that active spinning must be made
> independently by either endpoint and that having an endpoint dictate the
> actions of its peer for this feature was not desirable.  Hence the design
> as documented.
> 
> > 2) In the case that the spin-bit is disabled, I don't understand the
> benefit of
> > injecting a random spin bit value in each packet rather than always
> setting it
> > to a per connection random value.  It seems that whether or not the
> randomness
> > is injected, it is expected to be feasible to extract the RTT for those
> > connections that are genuinely spinning the bit (or otherwise the spin
> bit is
> > entirely pointless), but it just seems to make it computationally harder
> to
> > extract the signal from the noise.  Perhaps the goal here is reduce the
> ability
> > for pervasive monitoring to occur, but that feels a bit like security
> through
> > obscurity.
> 
> Randomness is an option, not a requirement.  Some implementations just
> send 0 or 1 always.
> 
> As previously noted, extracting signal from noise was proven to be
> relatively easy.  This was, I believe, what convinced those who wanted to
> read the spin bit to accept the consensus position (though I can't speak
> for those people).
[RW] 

I couldn't figure out what the benefit of injecting the random value is.  In the IESG meeting it was suggested that this is done to prevent ossification and is used as a form of greasing.  I'm not convinced that a per connection value isn't sufficient for greasing purposes but that is just my instinct.  Clearly it is impossible to prove either way.

It was also suggested that another benefit of using a random per packet value is to avoid extra per connection state, but I think that you could probably avoid that extra state even if the value was per connection (e.g., just copy one of the bits from the connection id - assuming that is available).


> 
> > Some enlightenment for these questions would be appreciated.
> 
> I hope that what enlightenment I was able to share suffices.

I don't really support how the spin-bit is specified in the quic transport draft.  My concern is that if many implementations decide not to support it then over time it will make managing networks harder.  However, I cannot see any benefit in reopening a long contentious debate now, which will probably not get anywhere useful and just delay the QUIC documents.  Instead, I will change my ballot to abstain.  However, I do appreciate the effort that you, the WG, and wider community have put into this protocol.

Regards,
Rob

v2.31.3 | Report a Bug | By Email | System Status