IETF Logo Mail Archive

Re: Higher layer comments on stream 0 proposal, WG schedule, and gQUIC

Roberto Peon <fenix@fb.com> Wed, 23 May 2018 20:25 UTC

Return-Path: <prvs=8681a6c8ca=fenix@fb.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9536512D7E6 for <quic@ietfa.amsl.com>; Wed, 23 May 2018 13:25:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.72
X-Spam-Level:
X-Spam-Status: No, score=-2.72 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com header.b=BcyE9W5P; dkim=pass (1024-bit key) header.d=fb.onmicrosoft.com header.b=HPHpf3UG
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1xawbMCqBdyt for <quic@ietfa.amsl.com>; Wed, 23 May 2018 13:25:49 -0700 (PDT)
Received: from mx0a-00082601.pphosted.com (mx0b-00082601.pphosted.com [67.231.153.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D8CD12D77B for <quic@ietf.org>; Wed, 23 May 2018 13:25:49 -0700 (PDT)
Received: from pps.filterd (m0089730.ppops.net [127.0.0.1]) by m0089730.ppops.net (8.16.0.22/8.16.0.22) with SMTP id w4NKJJQ5029030; Wed, 23 May 2018 13:25:47 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=facebook; bh=9L6JCcCwww7jnxyTrLia2vc1m0plkTHGYrTrZbNvDyY=; b=BcyE9W5PUfBd70UsyHq58//8V3KVAOyVrs5qi6S9+5vZZIkarYi0MFtxAG4/TdGOGDAw 6bVJEZ+s//gXrrChLL2GN9DoDljnWa1DoUGz05RNH0pI1bXX/jWNz6HlRpWR9MNyorSw AypRzeEkiLJ5ZWSur/JfjO2VO6GWvg5gQ1Y=
Received: from maileast.thefacebook.com ([199.201.65.23]) by m0089730.ppops.net with ESMTP id 2j5e11885s-1 (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 23 May 2018 13:25:47 -0700
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (192.168.183.28) by o365-in.thefacebook.com (192.168.177.21) with Microsoft SMTP Server (TLS) id 14.3.361.1; Wed, 23 May 2018 16:25:46 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9L6JCcCwww7jnxyTrLia2vc1m0plkTHGYrTrZbNvDyY=; b=HPHpf3UGu7d1Xlgd+zAhGmHzQNf5/RZ758kAo9zVye0g7hZI9lOVM+gGDkrn8SvGZ7J+fbAeB+TiaZXMSs3VEqWitgz05DCtnAE8eXZE19tZD4h4A6wkoRTS0vCuguX95+DTuSm9lmDOLREp5agjHHFVUUK1D07YDGRajjKoPrA=
Received: from BYAPR15MB2312.namprd15.prod.outlook.com (52.135.197.146) by BYAPR15MB2296.namprd15.prod.outlook.com (52.135.197.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.776.11; Wed, 23 May 2018 20:25:44 +0000
Received: from BYAPR15MB2312.namprd15.prod.outlook.com ([fe80::b434:da9b:6102:49eb]) by BYAPR15MB2312.namprd15.prod.outlook.com ([fe80::b434:da9b:6102:49eb%13]) with mapi id 15.20.0776.015; Wed, 23 May 2018 20:25:44 +0000
From: Roberto Peon <fenix@fb.com>
To: Ted Hardie <ted.ietf@gmail.com>, IETF QUIC WG <quic@ietf.org>
Subject: Re: Higher layer comments on stream 0 proposal, WG schedule, and gQUIC
Thread-Topic: Higher layer comments on stream 0 proposal, WG schedule, and gQUIC
Thread-Index: AQHT8tMjhc9MF6V1v0+36QOR0rfQvqQ9TXOA
Date: Wed, 23 May 2018 20:25:44 +0000
Message-ID: <319424C3-524D-4F0B-853A-F824DC3D9F9D@fb.com>
References: <CA+9kkMA0QnSmvbGOktngU+B-eC7CJFXLicEZfxQga6m6Z+gJLQ@mail.gmail.com>
In-Reply-To: <CA+9kkMA0QnSmvbGOktngU+B-eC7CJFXLicEZfxQga6m6Z+gJLQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.d.0.180513
x-originating-ip: [2620:10d:c090:200::5:de4e]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BYAPR15MB2296; 7:LXlPrwtt4fuRmJ7BgF8r/ddadaqr8SwKsoBhSpLl2W6QUZVCyJ6EcJS8QYyOcvpt3AypST2Q4eiED/V9Knu4ENHNeCX9Gl/j4h/SuYxc1KApgD3tKr2dRtgYpptXWlEmcajoUxJ8z9zMaQxvdxHgIq3KdiolDptgCUQdmiRsbkZhpxM7+/qFeQD2OOsnnwI+JY1VHUFUFCpuTZFkuzcwaTKjtWLI3qqlRxH93925KgBeMMQspGhGgQJPgo3WADTa; 20:K1+1/K7ZWBWvIthPJLFUXeqZ9+mTK5H7ZHO1rtWWoxvJ+OndvQaC6AxWMfAj5iuw8wZlw3/ZUiDOZgSKBJJsedT+C2He74rtwYD/c1l0r61u8gIdXxU6i8ypuuojTScQb3yHftuCC8MJGVtGsw1dB/b2GprPvl/hMXjUMMM6EQI=
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BYAPR15MB2296;
x-ms-traffictypediagnostic: BYAPR15MB2296:
x-microsoft-antispam-prvs: <BYAPR15MB22963A003139F3F06108B590CD6B0@BYAPR15MB2296.namprd15.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(192374486261705)(85827821059158)(100405760836317)(21748063052155);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3002001)(10201501046)(3231254)(11241501184)(944501410)(52105095)(93006095)(93001095)(149027)(150027)(6041310)(20161123558120)(20161123560045)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(6072148)(201708071742011)(7699016); SRVR:BYAPR15MB2296; BCL:0; PCL:0; RULEID:; SRVR:BYAPR15MB2296;
x-forefront-prvs: 06818431B9
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(39860400002)(366004)(39380400002)(396003)(346002)(51444003)(199004)(189003)(81166006)(97736004)(76176011)(3280700002)(99286004)(5250100002)(6512007)(6306002)(54896002)(53936002)(229853002)(2906002)(68736007)(6436002)(3660700001)(8676002)(81156014)(83716003)(2616005)(8936002)(6116002)(476003)(46003)(11346002)(446003)(59450400001)(6486002)(5660300001)(6506007)(36756003)(53546011)(186003)(102836004)(106356001)(7736002)(58126008)(316002)(486006)(14454004)(33656002)(82746002)(6246003)(39060400002)(110136005)(25786009)(86362001)(478600001)(2900100001)(105586002)(561944003)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR15MB2296; H:BYAPR15MB2312.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: pvLJCU0qsiiHisNBuXRUuZWjocumLomiUoQssNcWwk4JmNN2rSc3IYAwD4ge/AKFB1VO2LOIamqwaa1WsTzCf3F79k+ni8m3m0m1sdxLNtgMJgue3/VegTfI1XQPuFGtLlRQUFe6FWX8KhYNla0qPRskCQQ/yks4OFGkmM4oyxxxb2SJYZ6sDKX/Pa+LYq4N
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_319424C3524D4F0B853AF824DC3D9F9Dfbcom_"
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: 4205c48c-216d-41ea-be46-08d5c0eb5c4e
X-MS-Exchange-CrossTenant-Network-Message-Id: 4205c48c-216d-41ea-be46-08d5c0eb5c4e
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 May 2018 20:25:44.0211 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR15MB2296
X-OriginatorOrg: fb.com
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-05-23_07:, , signatures=0
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/GGFmeSSETwo5zDKXuc8pD5wgs-k>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 May 2018 20:25:52 -0000

I’ll say again that we should start work on IETF QUICv2 now.
How/when do we charter that work? Not only do I think this is the right thing, I suspect it will speed up the work on IETF QUICv1

-=R

From: QUIC <quic-bounces@ietf.org> on behalf of Ted Hardie <ted.ietf@gmail.com>
Date: Wednesday, May 23, 2018 at 1:17 PM
To: IETF QUIC WG <quic@ietf.org>
Subject: Higher layer comments on stream 0 proposal, WG schedule, and gQUIC

The charter for the working group currently says:

This work will describe how the protocol uses TLS 1.3 for key negotiation and will also describe how those keys are used to provide confidentiality and integrity protection of both application data and QUIC headers.

It's easy to read that as saying the work should be constrained to use TLS 1..3 as provided.  If we read it that way, the design team proposal is strictly speaking out of charter, because it requires the creation of not just new APIs for TLS 1.3 but essentially a new formal analysis that the security guarantees work when there is no record layer and where the replacement has somewhat different facilities.

But the charter also says

Note that consensus is required both for changes to the current
protocol mechanisms and retention of current mechanisms. In particular,
because something is in the initial document set does not imply that
there is consensus around the feature or around how it is specified.

That argues that the community was willing to see serious change in adopting this work and that this work falls within the kind of change that was contemplated, even if happens to be across working groups.  Personally, I think that means the design should be considered.

But I have grave concerns about the implications.  My back of the envelope calculation is that this means at least one more cycle of specification and interop will be required before we get back to where we are with draft -11, and that estimate is because I'm in a hopeful mood that Sean and Eric can move the required work in TLS along.  A more practical Ted would see this as adding at minimum 6 months to the schedule.  The changes in TLS are also large enough that I expect that the deployment time to see significant penetration of the new libraries to be longer than it would be for the previous design.   Call it 9 months, with 3 months of error bar.

During that time, the penetration of gQUIC outside Google does not seem likely to slow.  If you want what QUIC has to offer now, you will take the already available code and go.  For Web usages, there are some down sides to that, and it may slow the eventual deployment of IETF QUIC.

But there are also down sides to all of the other protocols that would like to use QUIC but have been told to wait for the completion of this effort.  We're likely to see DNS over HTTPS over QUIC instead of DNS over QUIC, simply because the DOH transport docs will be done.  There are some advantages there, but also disadvantages in enmeshing the HTTP and DNS caching semantics.    There are also a number of groups who want to use QUIC as a replacement for the WebRTC data channel (and some as the substrate for media).  This additional delay will certainly cause some code to be written that will either need extensive change or will bit rot (or fork).  None of that is without costs, especially opportunity costs.

If the working group does decide to adopt this design, I believe part of the milestone adjustment must be a serious consideration of delaying the qpack and HTTP-specific work while the core transport is finished.  The good news, I think this design could end up making the document separation that requires much cleaner, as well as making how to use QUIC with other application protocols much more obvious.

My thanks again for doing the work of bringing the design forward,

Ted

v2.14.0 | Report a Bug | By Email