IETF Logo Mail Archive

RE: Simplify ACK frame retransmission

Mike Bishop <mbishop@evequefou.be> Wed, 06 December 2017 19:08 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E44C1126DFE for <quic@ietfa.amsl.com>; Wed, 6 Dec 2017 11:08:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.92
X-Spam-Level:
X-Spam-Status: No, score=-1.92 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id az_GGXmRGkiq for <quic@ietfa.amsl.com>; Wed, 6 Dec 2017 11:08:05 -0800 (PST)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0095.outbound.protection.outlook.com [104.47.41.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E61B8126CC4 for <quic@ietf.org>; Wed, 6 Dec 2017 11:08:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector1-evequefou-be; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=gKgQxXaEbaPKbkG/2T4pWMX1yh7VMHrW6LNHmOMp1QY=; b=b677cJldsovrM3RvurRE3j7wA6L2N0U/JbTx+7j8hGT/rx0Ouie9JSWOGYtcFuUXkpf/+L3FkyrzKGfnGGD9wMQaMc9jPzIr4zyt2IBgcls0K0f7JiPR78NUOZqNtZGoiKqNQGuC6YMxPBMVKAlRi8W3I4RWiQHO7zH+g94siJQ=
Received: from MWHPR08MB2432.namprd08.prod.outlook.com (10.169.203.136) by MWHPR08MB2430.namprd08.prod.outlook.com (10.169.203.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.302.9; Wed, 6 Dec 2017 19:08:00 +0000
Received: from MWHPR08MB2432.namprd08.prod.outlook.com ([10.169.203.136]) by MWHPR08MB2432.namprd08.prod.outlook.com ([10.169.203.136]) with mapi id 15.20.0302.007; Wed, 6 Dec 2017 19:08:00 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>, Eric Rescorla <ekr@rtfm.com>
CC: Jana Iyengar <jri@google.com>, IETF QUIC WG <quic@ietf.org>, Martin Thomson <martin.thomson@gmail.com>
Subject: RE: Simplify ACK frame retransmission
Thread-Topic: Simplify ACK frame retransmission
Thread-Index: AQHTbexvRtKA6XZomkKqMgctE68wtqM1EDmAgAAOIYCAAFHrgIAAzMcAgAAhtACAABIzAIAAPWeg
Date: Wed, 06 Dec 2017 19:08:00 +0000
Message-ID: <MWHPR08MB243251DEE1FA201CDEA0ED9EDA320@MWHPR08MB2432.namprd08.prod.outlook.com>
References: <CAN1APdfn42kQvYjzrbApgdsv2qHdUnxk0NyP2RJKaUTz3nAyQA@mail.gmail.com> <CAGD1bZbgjpZ0kxToR8PxxPtC1O1R02G-mV8PC6rCaHeU6h3N1Q@mail.gmail.com> <CAN1APdfmdi1nbuyp69SVj8yOurvmb=OOaqn5XCpK6Cb1g5XJSA@mail.gmail.com> <CABkgnnXvTO_KOKk_bmMZwy3RLjhxrCL3o7sOQOJ8=BvjE58-Jg@mail.gmail.com> <CAN1APddx1_JUWmbUaiCSuJpwBQHbr9=YHzCUUw+dY_uWXSyHww@mail.gmail.com> <CABcZeBMy3f7JUFz5n6FOhzgi6zJGeS3s84iivAKgLddAHitdSg@mail.gmail.com> <CAN1APdfty+2Qdm+W87F1yRfrTzoVvH+fmvh9g7=1MY8bA9wvGg@mail.gmail.com>
In-Reply-To: <CAN1APdfty+2Qdm+W87F1yRfrTzoVvH+fmvh9g7=1MY8bA9wvGg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [38.134.241.6]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR08MB2430; 6:4DjrJBytqXqTZnSN29zzgu24ztQE92/loeZSgnnkRRBsL4UImvemRoE5y3Wu0j3JaUCA8C1+dFk/9J1WaDaAgFB5QE5mlgSrbKRReuEli8JQBfX62J8Pr51Y9WsPs9nVpfvYesoYWfjcIKfSpoWe0zJ6fEgCsl5KMfeWPEYJ/aDtG2pW7lgQAaNWG+XoelvrcMKyiY3m5ww8X4VYMqgVNvE1dVii97oUpGkbehXAHyaWRk6HWryhOo8eObcW3N0MkIqfWX+5osjlW270WAultNj08TfV5ZLNpMKTxmZtS6EA3pm/3ggnJu0kyOQcVRGNc46L3JkXQVsdyjpiD71OHdRTuZYVqQnwuOlFCUTtiqM=; 5:5YcgYGwYf9vhGdBfcxTFdjd1o45gfaWMqU31pY7bSOA2rDpumVV5E8gZjqTeGykvz0ZgmPDJ6aI9YcxCpfM+GyTfSLSYTwyTIJAFZZifYSWSbwcyPEAK2fzKbnZDiCl71LL1wJg8q0CS2SnAy1dQRaBelcpUYEDpU/K2NEPhp9U=; 24:r5ZeiLRvF2ORR9NBCtAcmrM+4wUB6jQW8c6sTUnZF92MH4nc87VulJnXZXPP2N6YcECI5YYV4aVFBEkKLExlOb7uouc+Bj6foRHd4N4pAmU=; 7:YePEvPNCpVvxcrBb3xiqHyaHJMREXdlcb+8z0MJ1LN0oTmPGr3TdHfqD/wnOs+2tMAbcdBUB7Q2d7Aju1+oQUUwd3aLID1kbwKKJJTrqCmwFpISVil9HZNAs5ye/tyzfLc5IfBwhkWlE6LbbAhqBn3wJSvNEuAvhi1mE0Hj17ivAq6YJe2rVcLq0QZDMA3HFDn/5sZtja5/jC7KpjNc8bZonPzH5phLZxUkAmqAtEY7eAR+3WMsBtQB4HuBkZoUu
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 7dc9895b-0ca1-4a61-9831-08d53cdcab62
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(5600026)(4604075)(4534020)(4602075)(4603075)(4627115)(201702281549075)(2017052603286); SRVR:MWHPR08MB2430;
x-ms-traffictypediagnostic: MWHPR08MB2430:
x-microsoft-antispam-prvs: <MWHPR08MB24305FB0BE42E90438A73B09DA320@MWHPR08MB2430.namprd08.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(211936372134217)(153496737603132)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(2401047)(8121501046)(5005006)(3002001)(3231022)(920507027)(93006095)(93001095)(10201501046)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(2016111802025)(20161123555025)(20161123564025)(20161123560025)(20161123558100)(20161123562025)(6072148)(6043046)(201708071742011); SRVR:MWHPR08MB2430; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:MWHPR08MB2430;
x-forefront-prvs: 05134F8B4F
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(39830400002)(376002)(346002)(199004)(189003)(3846002)(55016002)(14454004)(6506006)(7696005)(102836003)(34040400001)(93886005)(106356001)(6116002)(77096006)(99286004)(8936002)(97736004)(74316002)(7736002)(6436002)(81156014)(8676002)(81166006)(76176011)(478600001)(790700001)(74482002)(105586002)(2950100002)(5660300001)(229853002)(110136005)(2906002)(25786009)(66066001)(2900100001)(68736007)(54906003)(54896002)(316002)(86362001)(9686003)(53546010)(6306002)(4326008)(53936002)(6246003)(3660700001)(39060400002)(3480700004)(3280700002)(101416001)(33656002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR08MB2430; H:MWHPR08MB2432.namprd08.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_MWHPR08MB243251DEE1FA201CDEA0ED9EDA320MWHPR08MB2432namp_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: 7dc9895b-0ca1-4a61-9831-08d53cdcab62
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Dec 2017 19:08:00.5817 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR08MB2430
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/Dn80mYsAgyWuAcvaG1BVrA8vlGo>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Dec 2017 19:08:08 -0000

Here’s the thing:  The IETF writes specifications, but doesn’t do certifications of conformance.  If you want to deploy something that doesn’t conform to the specification, what you lose is interoperability.  If you want interop, write up a doc and publish it (independent submission, AD-sponsored, non-IETF venue, etc.), and register an appropriate IANA codepoint for your variant.  If you don’t care about interop, then you’re not going to be sued for using the names TLS 1.3 or QUIC.

From: QUIC [mailto:quic-bounces@ietf.org] On Behalf Of Mikkel Fahnøe Jørgensen
Sent: Wednesday, December 6, 2017 7:25 AM
To: Eric Rescorla <ekr@rtfm.com>
Cc: Jana Iyengar <jri@google.com>; IETF QUIC WG <quic@ietf.org>; Martin Thomson <martin.thomson@gmail.com>
Subject: Re: Simplify ACK frame retransmission

Answers inline below


That is good to hear, but I believe the TLS1.3-22 draft requires RSA PKCS1 signatures which is the heavy part (RFC8017) and the draft does not appear to make this negotiable from what I can tell.
This is just an interop requirement. I.e., if you don't do this then you will not be able to talk to the large number of servers who have RSA only keys embedded in PKCS#1 certs. It's quite possible to just support Ed25519, and you say so using the signature_algorithms extension. Obviously, if you say that, then you will have a handshake failure with anyone without a suitable key, but in a closed world that's fine. IMO it would be better to advertise the usual TLS/QUIC versions and be officially non-compliant than have a new version that differed only along this axis. I imagine we could put in some weasel words if necessary about closed environments.

That would be fine with me, it is just that MUST in TLS sec. 9.1 is a strong word, so you couldn’t really say you use TLS1.3 and hence not QUIC, unless some permission was granted towards this use case.

As to Raw vs OpenSSH I will have to study the details further. Getting rid of DER would be very nice, but it can be overcome, but there is more to it. One part is the file/blob format, another is the metadata such as domain and expiration date, and the third is the tooling around it. OpenSSH has simple tooling and it can also be re-implemented standalone with just an Ed/X25519 library and simple blob parser/printer (I can open source one if anyone is interested). The alternative is to deal with OpenSSL tools and rather convoluted CA mechanisms and possibly trust chains. But I do acknowledge that the public internet evolves around these types of certificates and that this is unlikely to change
I'm having trouble visualizing your environment here. Are you doing TOFU, in which case this is just an issue of transporting the keys, or are you actually operating some kind of CA system? In any case, it's also possible to add OpenSSH certificates to TLS (it's just a code point), but I would generally not be in favor of that unless it was really needed.

The environment is not fully fleshed out but in summary it is about server to server peer networking with multiple levels of trust and satellite access. Satellites might be non-standard low resource systems.

I do have CA in mind, but for simpler use cases TOFU (trust on first sight) pointing to an authorized_keys file is also a consideration.

I want some very trusted central piece of software to create and sign certs that other parties trust in order to establish a peer to peer server network. Shamirs Shared Secret could be part of the setup. In this case the minimum complexity needed to implement a CA is desirable and OpenSSH/Ed25519 is close to that as a model even if not using OpenSSH software directly.

In addition, external parties might want to join a sub-net or create their own compatible key management infrastructure. In this case OpenSSH tooling is much simpler to use than OpenSSL and something operators do regularly for SSH login. It is beneficial that some server software can be configured to accept such a user provided key. Notably users might feel better knowing a key is generated by a piece of software they know and trust.

The above does not require that QUIC uses OpenSSH directly, just that there is a low-cost translation.

The use of DNS based auth is not very useful when network addresses might be routed on overlay networks and/or having address that are not advertised by DNS, or when not having any meaningful address at all (e.g. content based routing). Even without SSH tooling, it is reasonably easy to implement custom tools based on the same concept when the underlying primitives are largely the same.

Some of this is not directly applicable to QUIC because it operates trust at a higher level, but such a system must still manage the keys used by QUIC connections and it is preferable that all components can agree on the basic primitives.

v2.23.0 | Report a Bug | By Email