Re: Fast Address Validation - about
Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> Fri, 01 November 2019 13:37 UTC
Return-Path: <mikkelfj@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 129F31200CE; Fri, 1 Nov 2019 06:37:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iWRDw7eqo4rY; Fri, 1 Nov 2019 06:37:41 -0700 (PDT)
Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E751D12013A; Fri, 1 Nov 2019 06:37:40 -0700 (PDT)
Received: by mail-ed1-x52d.google.com with SMTP id c4so7595716edl.0; Fri, 01 Nov 2019 06:37:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:in-reply-to:references:mime-version:date:message-id:subject:to :cc; bh=4EaX3E55xRknAeOQ3rPvfS3DYTCimLwxFUiqhoKYzPc=; b=U3YMpYQKbxIPHtLUr9+x9YHdKaiJ5vLQLonUQuI8x2HKs8MDzn0yP3jL+uCj5k3Y20 kBo1GXB5tgphX6SmyGBbYR2rZJmk01TO3joTN4z2fj+unhuDfFMRBXqXfvxa0WnqY4MV 9c1sW4AsP0VfJvRxsKVYDiUtBsLvYW++t9AkKKR0MwZ+RnN804H2N23WUH6oPaHaZ+O9 3AkAf/ju1mjsmmhH6edig6bZ2eCnAWHDYyT+Y2K+YSDTq3kUAyah8/CNhf9SF8KzT9sg nRiiSUiTm9L2ExVFU6vECZfVDOOWb06ASsptoWSafrFwJAmgqJ+aP5yIwX3WQtN8cuF9 V+dQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to:cc; bh=4EaX3E55xRknAeOQ3rPvfS3DYTCimLwxFUiqhoKYzPc=; b=fg8smRYKwCZNa8lDqxhcybLoQh9OXsYyuE6oSQPij7X4bAqesHNnvqg4s4igMZJug8 +VtFVmfZpJF5HDQsap2tRmAEijnWgy7o/IrnKEYXi6aD9UbQx/nrXffp6amQGsQCVch9 4IuMfcAwVqPpnWxQpJ3EdA1JjBJ9H11jEFt26qzboZZ7ANIEw60qqeIAEmtcqHn7V9/9 BEOT3fTYLxPPyGFACaiTtJ/zMRKV2ncSTxQO3T4QVIDJHc3yfrH8HijyTuYGUy+3W8gR 7sWBIcUuMHDqRN+LHSNiKIA9dAHB1P/jKa2QLzCuqAWzl3XLlLPpWTlRSjOUYYjk8Hr9 lwHg==
X-Gm-Message-State: APjAAAVPgjbvAUl88d9cFvfi3aSl0AON7T1Iqyoaxh4SJTiD7EP6hTIp 5ve8QgrqH7lHPX/ITpI3y1G33DbdW2ot2GKBvpA=
X-Google-Smtp-Source: APXvYqyAHx56PYWK05D7+7wFmBSU/sVqVfAIRWs1bUoAG3n0ik6cKL8U1QCk5AAy3crwxQH07tb5AEgmjF9gAP7CTLk=
X-Received: by 2002:a05:6402:512:: with SMTP id m18mr10945438edv.250.1572615459476; Fri, 01 Nov 2019 06:37:39 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Fri, 1 Nov 2019 06:37:38 -0700
From: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
In-Reply-To: <7ac8ad51-c1a2-461b-bc47-021b3875eab8.anqing.aq@alibaba-inc.com>
References: <4974ed86-0fa9-435d-880f-80af637ef180.anqing.aq@alibaba-inc.com> <BN6PR2201MB1700F72F3DC8F6C3CF79902CDA600@BN6PR2201MB1700.namprd22.prod.outlook.com> <bd15f357-8e7a-42af-bf28-79f7177da385@www.fastmail.com> <f55efb80-1a95-4190-84e5-b81948a7f081.anqing.aq@alibaba-inc.com> <BN6PR2201MB17005571E88F1C68769091A3DA630@BN6PR2201MB1700.namprd22.prod.outlook.com> <69d1a917-b1f9-4142-afb0-f5c67abe7334.anqing.aq@alibaba-inc.com> <CAOYVs2r0zJzbfw5L2Mck8VEJhtyfQtHwF-db5VG45HDTF0WoOQ@mail.gmail.com> <7ac8ad51-c1a2-461b-bc47-021b3875eab8.anqing.aq@alibaba-inc.com>
X-Mailer: Airmail (420)
MIME-Version: 1.0
Date: Fri, 01 Nov 2019 06:37:38 -0700
Message-ID: <CAN1APddvVeqXeWCZbe9WrLrOyVOWM5-1Dg8x5B4UpNwP6YOGrA@mail.gmail.com>
Subject: Re: Fast Address Validation - about
To: Qing An <anqing.aq@alibaba-inc.com>, Marten Seemann <martenseemann@gmail.com>
Cc: "jri.ietf" <jri.ietf@gmail.com>, QUIC <quic-bounces@ietf.org>, quic <quic@ietf.org>, mt <mt@lowentropy.net>, "刘大鹏(鹏成)" <max.ldp@alibaba-inc.com>
Content-Type: multipart/alternative; boundary="000000000000d4995a05964911d4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/DqZLmKZS_vZor54ykrzIjRFonmA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Nov 2019 13:37:44 -0000
You only save a roundtrip because you do not send a Retry. If you choose not to send a Retry, the client eventually gets validated anyway because otherwise the handshake could not complete. Therefore a Retry token is not needed if you go down that path. In this case the RTT overhead with fast address validation is the same as ordinary QUIC 1-RTT handshake. On the other hand, in the case where Retry is needed, the fast address validation approach does not solve the problem which is one of 1) defer handshake processing and server state until after the address is verified, or 2) redirect the client to another server through a change in ConnectionID. On 1 November 2019 at 14.26.24, Qing An (anqing.aq@alibaba-inc.com) wrote: I believe this can save 1-RTT. As for the privacy risk, new_token frame can be delivered via handshake ------------------------------------------------------------------ From:Marten Seemann <martenseemann@gmail.com> Send Time:2019年11月1日(星期五) 20:54 To:安勍(莳逸) <anqing.aq@alibaba-inc.com> Cc:QUIC <quic-bounces@ietf.org>; quic <quic@ietf.org>; jri.ietf < jri.ietf@gmail.com>; mt <mt@lowentropy.net>; mikkelfj <mikkelfj@gmail.com>; 刘大鹏(鹏成) <max.ldp@alibaba-inc.com> Subject:Re: Fast Address Validation - about I don't see any enhanced client experience, since the handshake takes exactly the same number of round trips with your proposal as with the current version of the QUIC draft. Sending NEW_TOKEN in Initial packets provides no benefit over sending it in 1-RTT packets, but comes with worse privacy properties, since Initial packets are not encrypted and can therefore be read by on-path observers. On Fri, Nov 1, 2019 at 7:37 PM Qing An <anqing.aq@alibaba-inc.com> wrote: If so, for the first connection between client and server, server can choose to eliminate the use of Retry packet for token delivery, and rely on handshake encryption layer to prove return routability. In addition, New_Token frame is used by server, via i.e. the Initial packet, to provide the client with an address validation token that can be used to validate future connections. It can enhance the experience in client side for the first connection establishment. I submitted the draft, https://datatracker.ietf.org/doc/draft-an-fast-address-validation/ Qing ------------------------------------------------------------------ From:Mike Bishop <mbishop@evequefou.be> Send Time:2019年11月1日(星期五) 00:06 To:安勍(莳逸) <anqing.aq@alibaba-inc.com>; quic <quic@ietf.org>; jri.ietf < jri.ietf@gmail.com>; mt <mt@lowentropy.net>; mikkelfj <mikkelfj@gmail.com> Subject:RE: Fast Address Validation - about As Martin pointed out in the e-mail you replied to, if the server is willing to maintain state, any packet at the Handshake encryption layer proves return routability. There seems to be no need for a separate address validation mechanism if the server is willing to proceed with the handshake. *From:* QUIC <quic-bounces@ietf.org> *On Behalf Of* Qing An *Sent:* Thursday, October 31, 2019 8:56 AM *To:* quic <quic@ietf.org>; jri.ietf <jri.ietf@gmail.com>; mt < mt@lowentropy.net>; mikkelfj <mikkelfj@gmail.com> *Subject:* Re: Fast Address Validation - about To clarify, the proposal is not to replace the existing Retry-based validation, but to provide another option for server to do the client validation. I understand that in server side, exchanging the token at the Handshake encryption level will make the server start to maintain handshake states. But in client side, it can accelerate the connection establishment from client to server. And it is the server's decision whether to exchange token in Retry or in Handshake. If server chooses to accept the cost brought by token exchanging in Handshake, it will bring more enhanced experience in client side. BR, Qing ------------------------------------------------------------------ From:Martin Thomson <mt@lowentropy.net> Send Time:2019年10月31日(星期四) 06:07 To:quic <quic@ietf.org> Subject:Re: Fast Address Validation - about Also note that exchange of Handshake packets provides proof of return routeability via the use of the encryption keys, so there is no need to exchange tokens at that level. On Thu, Oct 31, 2019, at 03:29, Mike Bishop wrote: > > The advantage of using Retry, however, is that the server is able to > keep minimal (if any) state about the client. Exchanging the token at > the Handshake encryption level means the server is already doing work > and maintaining state in order to process the handshake, which is > exactly what the server is trying to avoid. > > > *From:* QUIC <quic-bounces@ietf.org> *On Behalf Of * Qing An > *Sent:* Wednesday, October 30, 2019 9:41 AM > *To:* quic <quic@ietf.org>; jri.ietf <jri.ietf@gmail.com>; mt > <mt@lowentropy.net> > *Cc:* 刘大鹏(鹏成) <max.ldp@alibaba-inc.com> > *Subject:* Fast Address Validation - about > > > > > Hi Martin, Jana, > > I read through https://www.ietf.org/id/draft-ietf-quic-transport-23.txt > and have a few comments and ideas to discuss. > > > [QUIC-Trans] defines a token based scheme to facilitate address > validation of a client. The token MUST be covered by integrity > protection against modification or falsification by clients. The server > remembers the value it sends to clients and validates the token sent > back from a client. In its design, Retry packet is used to deliver the > token to a client which address has not yet been validated. It voids > the first transmission of the Initial packet sent by the client, and > triggers a second Initial packet to be sent with the token. The > exchange of token will cause longer connection establishment delay for > a client. > > > To improve the efficiency of address validation during handshake, one > idea is that the same token can be exchanged via a different container > i.e. the Handshake packet, that eliminates the use of Retry packet for > token delivery. > > > I am working on the complete draft and will submit it by Friday. Before > that, hope this can be discussed in email first. > > > BR, > > Qing An >
- Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Mikkel Fahnøe Jørgensen
- RE: Fast Address Validation - about Mike Bishop
- Re: Fast Address Validation - about Martin Thomson
- Re: Fast Address Validation - about Qing An
- RE: Fast Address Validation - about Mike Bishop
- Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Marten Seemann
- Re: Fast Address Validation - about Töma Gavrichenkov
- Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Mikkel Fahnøe Jørgensen
- Re: Fast Address Validation - about Töma Gavrichenkov
- Re:Re: Fast Address Validation - about Qing An
- Re:Re: Fast Address Validation - about Qing An
- Re:Re: Fast Address Validation - about Mikkel Fahnøe Jørgensen
- Re: Re: Fast Address Validation - about Töma Gavrichenkov
- Re: Fast Address Validation - about Töma Gavrichenkov
- Re: Fast Address Validation - about Jana Iyengar
- Re:Re: Fast Address Validation - about Qing An
- Re:Re:Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Christian Huitema
- Re:Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Christian Huitema
- Re:Re:Re: Fast Address Validation - about Mikkel Fahnøe Jørgensen
- Re: Fast Address Validation - about Christian Huitema