IETF Logo Mail Archive

Re: Packet number encryption

Gorry Fairhurst <gorry@erg.abdn.ac.uk> Wed, 31 January 2018 09:57 UTC

Return-Path: <gorry@erg.abdn.ac.uk>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A409131738 for <quic@ietfa.amsl.com>; Wed, 31 Jan 2018 01:57:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CzFYL6X-a-oi for <quic@ietfa.amsl.com>; Wed, 31 Jan 2018 01:57:18 -0800 (PST)
Received: from pegasus.erg.abdn.ac.uk (pegasus.erg.abdn.ac.uk [139.133.204.173]) by ietfa.amsl.com (Postfix) with ESMTP id 9FA7D131AE3 for <quic@ietf.org>; Wed, 31 Jan 2018 01:53:09 -0800 (PST)
Received: from Gs-MacBook-Pro.local (at-zeroshell-1.erg.abdn.ac.uk [139.133.217.68]) by pegasus.erg.abdn.ac.uk (Postfix) with ESMTPA id EEA2A1B0016A; Wed, 31 Jan 2018 09:52:30 +0000 (GMT)
Message-ID: <5A7191E0.6010003@erg.abdn.ac.uk>
Date: Wed, 31 Jan 2018 09:52:32 +0000
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Reply-To: gorry@erg.abdn.ac.uk
Organization: University of Aberdeen
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:12.0) Gecko/20120428 Thunderbird/12.0.1
MIME-Version: 1.0
To: Mirja Kühlewind <mirja.kuehlewind@tik.ee.ethz.ch>
CC: Martin Thomson <martin.thomson@gmail.com>, Brian Trammell <ietf@trammell.ch>, Eric Rescorla <ekr@rtfm.com>, QUIC WG <quic@ietf.org>, Christian Huitema <huitema@huitema.net>
Subject: Re: Packet number encryption
References: <CABkgnnVyo3MmWtVULiV=FJTnR528qfY8-OmKGWAs0bCvri-a_g@mail.gmail.com> <1F7FB3B8-A94C-4354-9944-FB09FB8DB68B@trammell.ch> <CABcZeBMbwdwyC9TxxHBLYaZKfNB-FG2wCGjqUZ_mNR-A1R47FA@mail.gmail.com> <9096e5ec-581e-875a-b1dd-bff0b05206fd@huitema.net> <CABkgnnWRQSAufwPss+qf=xAzCwRYeNNH8XLPm3yFaHxOb+ba4g@mail.gmail.com> <BF80500A-6277-45DC-8525-9C3FE138B76D@tik.ee.ethz.ch>
In-Reply-To: <BF80500A-6277-45DC-8525-9C3FE138B76D@tik.ee.ethz.ch>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/DENkba6b7jdbm8Trsc9z8P6_OyE>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Jan 2018 09:57:25 -0000

+1 - Simply: This *is* complicated and seems to add little.

Gorry

On 31/01/2018, 07:44, Mirja Kühlewind wrote:
>
>> Am 31.01.2018 um 04:08 schrieb Martin Thomson<martin.thomson@gmail.com>:
>>
>> On Wed, Jan 31, 2018 at 8:00 AM, Christian Huitema<huitema@huitema.net>  wrote:
>>>> (1) An unprivileged on-path device that sees a packet from a flow that is
>>>> migrated on purpose by an endpoint (i.e., due to connection migration or
>>>> multipath) should not be able to associate that packet to the prior flow.
>>> Yes.
>> Agreed.  This remains the primary target.  I don't think that there
>> are any negatives with this design with respect to this use case (or
>> at least I found nothing in Brian's email on this point).
> If that is the goal, I think the complexity of the proposed solution is not justified. Just select a new random offset when you migrate but increase the packet number monotonously otherwise to support manageability.
>
> I’m really concerned about complexity here. Even though this scheme is not very complex, any complexity is a potential source for future implementation errors which can also led to restrictions in what changes can be deploy with future versions. Making a protocol as simple as possible and thereby the spec as easy understandable as possible is also key for deployment. If we add complexity here without making it clear what the goal or additional benefit is of the complexity, I think that is just wrong.
>
> My 2c.
> Mirja

v2.23.0 | Report a Bug | By Email