Re: Is "Version Greasing" a new benfit or a new obstacle?
Martin Duke <martin.h.duke@gmail.com> Fri, 19 April 2019 22:49 UTC
Return-Path: <martin.h.duke@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 001BF1200D5 for <quic@ietfa.amsl.com>; Fri, 19 Apr 2019 15:49:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tFxZ58FKZI5P for <quic@ietfa.amsl.com>; Fri, 19 Apr 2019 15:49:05 -0700 (PDT)
Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D5411200D8 for <quic@ietf.org>; Fri, 19 Apr 2019 15:49:05 -0700 (PDT)
Received: by mail-wr1-x42e.google.com with SMTP id g3so8391013wrx.9 for <quic@ietf.org>; Fri, 19 Apr 2019 15:49:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=irF7qbQyQM2JSY0BTVl+Oh1H+BsatNTEPw2lb99K5sc=; b=VFBbC5/GfhQAFWEnm02YVVngQvV9VerMLHqwwOB5D8I2lSHu4jf27HoIOEiylfmqnU kmXV/wAJlKuE5GueH9k2HAKQifFQdv6/GLAC1SqkymDXWNr7gwx1NSB1YtpMC9FsbHrB kMSay2uaNfvZfACP6noVJM1SiNQfkrWtROqOPhrMC9pznLM+A2nVwbPdSGDTLzQVUxV6 0y6/77vYHkXZYB1iTbkflPCy8GR45TUpj4QyjOahQnMswyZlXkfx/UUR5DqjDtazXv+C cl95MZkom0vCtOsgJDjX8/74csIi++XP1O8SZ/wiU3E4RY0b+7JyBuJYzarn2MIQKp19 Hakg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=irF7qbQyQM2JSY0BTVl+Oh1H+BsatNTEPw2lb99K5sc=; b=kmjgHOlx/kRVPFc+Qbia9bTCtqYxxIpoSYU4R1lIaL01iXCFPBw+1YPJwfiwXgSo/M BiQwRJlJ7ClTpMBs7KRT09unDSbRvOUqTd0YELzMi2MpE/O4JedGQJ39GpZpOKg5W4Ug eGhxlCG5bryTDifKhsgHr2i+bZoXyVudf8fHzBKOG2+J+rLk5pwUFTSoWMI13iAPtkox bACpt50QhxzR83CfrrLRg/tZ9Edvon9tnJG3YGZCVW+irUrViSysjyDjI8GP3aYV2Q4w qXesFyz8TwEz3MyYYmzLN1qP/ozBG3+AdoFSwncStkol1mBLzS6r8aU9NJGq1unRz0yb +klw==
X-Gm-Message-State: APjAAAVkxG/nQG16Vmi9qOPbxjKSimizCUbviIisFYkBWrO60Fceeb+b fFoc1YXkglKOw/A0Ed6BEv/1EAZf0DGQvIXO4+4=
X-Google-Smtp-Source: APXvYqw6wN77A+HT9FvUk4s3pXXv5YOELWjEeMq1t/ZwIzPUIt/QBipcYchcap6MFYByTu+Pv1+Y1eiDU661H/L2iIg=
X-Received: by 2002:adf:dbce:: with SMTP id e14mr4438124wrj.249.1555714143644; Fri, 19 Apr 2019 15:49:03 -0700 (PDT)
MIME-Version: 1.0
References: <5CADADDD.7010005@erg.abdn.ac.uk> <EBF1BF30-62A5-4659-8AEC-0D5B3F2D65C6@fb.com> <BL0PR11MB3394294313F8F54A3D0CF4A3902E0@BL0PR11MB3394.namprd11.prod.outlook.com> <CAN1APdcm0hnT_Mu7D7x5QM6pApOQw1RdWCBkgY16bd5YWNtFkA@mail.gmail.com> <9084B09D-5E13-49FA-BA93-0D7276CDE420@erg.abdn.ac.uk> <CAN1APdeSF0-_N=mb1xkoe_qLwoVqP+X9_Wawi=Zu__6wdHtbOQ@mail.gmail.com> <699E2135-A3CE-4D33-91F6-D3C96E66674F@ericsson.com> <CAN1APde2SO6fkNzyznbv2-xNuXkkuC=bN3p8xRgwmRAmsZxrgA@mail.gmail.com> <EC83F879-6A46-405E-B0A1-777B7A5AF55B@trammell.ch> <CAN1APdcCAK9aaGVA2aRUaOytmpzof3LB_XVVsasKmJaK5=d2hQ@mail.gmail.com> <C09D5A73-E83A-4096-864D-456A684EE1E2@trammell.ch> <CAM4esxTt5vWnp-oAca-9AcykBoJQ5UqYiXatFobKm-nmAZ0Mdw@mail.gmail.com> <2B820FED-517F-401F-B7A4-88733892DA52@akamai.com>
In-Reply-To: <2B820FED-517F-401F-B7A4-88733892DA52@akamai.com>
From: Martin Duke <martin.h.duke@gmail.com>
Date: Fri, 19 Apr 2019 15:48:52 -0700
Message-ID: <CAM4esxQMQxPSeWGf-Uh1UHSmbC7x7DrA=+x7ThXQVev4419b_g@mail.gmail.com>
Subject: Re: Is "Version Greasing" a new benfit or a new obstacle?
To: "Salz, Rich" <rsalz@akamai.com>
Cc: "Brian Trammell (IETF)" <ietf@trammell.ch>, Gorry Fairhurst <gorry@erg.abdn.ac.uk>, Roberto Peon <fenix@fb.com>, Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>, Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>, "quic@ietf.org" <quic@ietf.org>, "Border, John" <john.border@hughes.com>
Content-Type: multipart/alternative; boundary="000000000000e76e6e0586e9ecb9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/BDnMmcuZ6fu91wJPvVRbOL3V0lY>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Apr 2019 22:49:09 -0000
Right. This is the exact use case that version greasing is supposed to avoid; i.e. a nontrivial amount of QUIC traffic greases, so middleboxes that do this kind of thing impose unacceptable performance penalties on users and don't make their way into the network. On Fri, Apr 19, 2019 at 12:59 PM Salz, Rich <rsalz@akamai.com> wrote: > *>*Can Brian (or anyone else) comment on what the threat model was that > caused middleboxes to drop TLS 1.3 when it used the actual version field? > > > > “safety” > > > > Less flippantly, they didn’t understand the new version so they could not > be sure it was okay to pass through, they didn’t know how to do content > inspection, TLS offload, etc. > > >
- Is "Version Greasing" a new benfit or a new obsta… G Fairhurst
- Re: Is "Version Greasing" a new benfit or a new o… Roberto Peon
- RE: Is "Version Greasing" a new benfit or a new o… Border, John
- RE: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- RE: Is "Version Greasing" a new benfit or a new o… Border, John
- Re: Is "Version Greasing" a new benfit or a new o… Gorry (erg)
- Re: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- Re: Is "Version Greasing" a new benfit or a new o… Martin Thomson
- Re: Is "Version Greasing" a new benfit or a new o… Mirja Kuehlewind
- Re: Is "Version Greasing" a new benfit or a new o… Mirja Kuehlewind
- Re: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- RE: Is "Version Greasing" a new benfit or a new o… Praveen Balasubramanian
- RE: Is "Version Greasing" a new benfit or a new o… Praveen Balasubramanian
- Re: Is "Version Greasing" a new benfit or a new o… Ian Swett
- RE: Is "Version Greasing" a new benfit or a new o… Praveen Balasubramanian
- Re: Is "Version Greasing" a new benfit or a new o… Christian Huitema
- Re: Is "Version Greasing" a new benfit or a new o… Roberto Peon
- RE: Is "Version Greasing" a new benfit or a new o… Praveen Balasubramanian
- RE: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- Re: Is "Version Greasing" a new benfit or a new o… Roberto Peon
- Re: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- Re: Is "Version Greasing" a new benfit or a new o… Dmitri Tikhonov
- Re: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- Re: Is "Version Greasing" a new benfit or a new o… G Fairhurst
- Re: Is "Version Greasing" a new benfit or a new o… Brian Trammell (IETF)
- Re: Is "Version Greasing" a new benfit or a new o… Brian Trammell (IETF)
- Re: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- Re: Is "Version Greasing" a new benfit or a new o… Brian Trammell (IETF)
- Re: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- Re: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- Re: Is "Version Greasing" a new benfit or a new o… Ted Hardie
- RE: Is "Version Greasing" a new benfit or a new o… Praveen Balasubramanian
- Re: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- Re: Is "Version Greasing" a new benfit or a new o… Mikkel Fahnøe Jørgensen
- RE: Is "Version Greasing" a new benfit or a new o… Deval, Manasi
- Re: Is "Version Greasing" a new benfit or a new o… Martin Duke
- Re: Is "Version Greasing" a new benfit or a new o… Salz, Rich
- Re: Is "Version Greasing" a new benfit or a new o… Martin Duke
- Re: Is "Version Greasing" a new benfit or a new o… Gorry Fairhurst
- Re: Is "Version Greasing" a new benfit or a new o… Watson Ladd