IETF Logo Mail Archive

Re: QUIC on streams compared to Minion (was Re: Proposal Towards Universal HTTP/3, with a polyfill of QUIC for TCP (Fwd: New Version Notification for draft-kazuho-httpbis-http3-on-streams-00.txt))

Lucas Pardue <lucaspardue.24.7@gmail.com> Sun, 18 February 2024 10:40 UTC

Return-Path: <lucaspardue.24.7@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C163DC14F5FB for <quic@ietfa.amsl.com>; Sun, 18 Feb 2024 02:40:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.854
X-Spam-Level:
X-Spam-Status: No, score=-6.854 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XLtdKVQ2rVHn for <quic@ietfa.amsl.com>; Sun, 18 Feb 2024 02:40:18 -0800 (PST)
Received: from mail-ot1-x331.google.com (mail-ot1-x331.google.com [IPv6:2607:f8b0:4864:20::331]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 185EAC14F5F8 for <quic@ietf.org>; Sun, 18 Feb 2024 02:40:18 -0800 (PST)
Received: by mail-ot1-x331.google.com with SMTP id 46e09a7af769-6dc8b280155so2005718a34.0 for <quic@ietf.org>; Sun, 18 Feb 2024 02:40:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708252817; x=1708857617; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=M1cZJ5ZoBbfc57x409YbGGAEtAdAehFNOYVtVNOc2Ec=; b=JI6MtOEj5cH4hKTGiORYybvsVcLG3+wQgeZzXf3kjqDujCWmDMp2+rsS2W3hYScINP 9M2OPR4OgbzoV4zzrKBfLWt6btY817sE1pBHaoOKi87hKDt1INBFAxF3sHa/wT9Cabwu 5EYrG3GVrtX43FSNtYqJpLBJ3MkxZtVNsbU2fDB4TAIh+cn2SY2ZGsm36+bAuYD+KViF PltMmfp3T/fhKe595F3hQZ0yT59YO5ty6qEkhYCsl90mKdrAf0ygWsMI/h/A4AwLeAF0 rD27MENf6K91Ft+eDD91fWbfX5YNVBUCCf1hTl6bzpm6RHD/QJ8eI2sccBAA/V5uXWYB 5lbw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708252817; x=1708857617; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=M1cZJ5ZoBbfc57x409YbGGAEtAdAehFNOYVtVNOc2Ec=; b=mqK1hqY8ehnMK57dBllmWjqQ++6HqFCxsVHfn7YDH/CPj6R2y2R6O2q9bxO/o0tbBT TrKqhG90275XCMMtOtku4aIl9ysDOeMLVxGq9C9rZKzmJ+PCyiaYu2ZC42dgtxN9aG+G 8JipcA/E87x8KNUTNWFehSly/AUr8EZhEpmnA82ej6LzJOeme7fdXt+Hy5rfda/h/0Hl dCkjjB7UwY/+sspZigl5x4lLTj9cnc8JZW5bpKs8MLFhcXVQ49t3M5/Y1s7hjendIAsB k8fCAUcrphl36Qf+Aj8MgJRtReTejycmISu77yyK5e9qVh6n0EaO2HkPAp9Qa8N8D6he SJHQ==
X-Forwarded-Encrypted: i=1; AJvYcCVo0F0bnBqdvidt2jNc8+Zxmome1gWsjHNaD4Aneh/tFk/kG8PxP9COn9eLql0gxv9e3yItpsRlK3yLmnj9
X-Gm-Message-State: AOJu0Yx+MbOoi357F8CW/qtjc38Uwz7KZhZmN3B+vSofoK7SZAQasYlx kfKyM6w8//K54C5Or2d3gvm++IUg4f9QYUGULA0kN6M6iG9i2NSjcIPJVVFWk/Eb7oLIFRVMMdc Ad6ajRBQ1cWycBNEdxY6VblCKzCw=
X-Google-Smtp-Source: AGHT+IFoaDtf8ENmTSAeQisrTpgWAwLZFcqxmdxT+H0pboOK0BQw8suQf2oQ4AOEXfZFvLNw18qYDcdAm6m08SJCB2I=
X-Received: by 2002:a05:6870:7248:b0:21e:c176:9642 with SMTP id y8-20020a056870724800b0021ec1769642mr399339oaf.29.1708252817152; Sun, 18 Feb 2024 02:40:17 -0800 (PST)
MIME-Version: 1.0
References: <170807134367.25372.9131938145722079298@ietfa.amsl.com> <CANatvzyLJnZH9UHaSoMWbv20VhEtAzY7HqRHCSWt-O65f24uwQ@mail.gmail.com> <078A16AD-9824-41B8-935D-0E4760FF1E22@ifi.uio.no> <939e22d5-1707-4964-9f59-0dea39feebdc@app.fastmail.com> <EE697E49-3C24-4EA4-8BAD-0020EF8EAFAE@ifi.uio.no>
In-Reply-To: <EE697E49-3C24-4EA4-8BAD-0020EF8EAFAE@ifi.uio.no>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Sun, 18 Feb 2024 10:40:03 +0000
Message-ID: <CALGR9oa-bD3vxgohPzVze_wd_oDe0aeCmKDyYdPGVKYZkHO2Nw@mail.gmail.com>
Subject: Re: QUIC on streams compared to Minion (was Re: Proposal Towards Universal HTTP/3, with a polyfill of QUIC for TCP (Fwd: New Version Notification for draft-kazuho-httpbis-http3-on-streams-00.txt))
To: Michael Welzl <michawe@ifi.uio.no>
Cc: Kazuho Oku <kazuhooku@gmail.com>, IETF QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="0000000000005a606f0611a59a58"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/GILCBhVGOmhuAOsNMUKp_xEt1z0>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Feb 2024 10:40:21 -0000

Hi,

On Sun, 18 Feb 2024, 10:23 Michael Welzl, <michawe@ifi.uio.no> wrote:

> Hi,
>
> Below:
>
> On Feb 17, 2024, at 5:40 PM, Lucas Pardue <lucaspardue.24.7@gmail.com>
> wrote:
>
> Hi Michael,
>
> On Sat, Feb 17, 2024, at 11:30, Michael Welzl wrote:
>
> Hi,
>
> QUIC over TCP… I hope that the people doing this are aware of the old work
> on Minion?   If not, see:
> https://datatracker.ietf.org/doc/html/draft-iyengar-minion-protocol-02
> https://datatracker.ietf.org/doc/html/draft-iyengar-minion-concept-02
>
> https://www.usenix.org/conference/nsdi12/technical-sessions/presentation/nowlan
>
> IIRC, the original Minion idea was to introduce a marker in the
> bytestream, but the later development (perhaps captured in the drafts
> above?) worked off the principle that protocols above TCP already have
> these kinds of markers anyway - i.e., it doesn’t even need a change to the
> wire protocol, it’s just a “vertical” change about how to talk to the TCP
> buffer below.
>
> Considering this, it seems almost silly to me to ignore this and map QUIC
> over TCP when streams can so nicely be implemented via TCP too, just by
> “breaking” the TCP API “contract".
>
> My apologies if this is already a part of the plan - I just wanted to
> point out this work because at this point, it’s old and might have been
> forgotten - yet it seems to fit the idea of mapping QUIC over TCP like a
> glove.
>
>
> I'm aware of minion but haven't looked at it in a long while, thanks for
> the reminder. I read over it very briefly and I intend to spend more time
> digesting.
>
> However, my intial understanding is that minion has a hard requirement on
> DTLS, is that correct?
>
>
> I don’t know, it’s long since I last read the drafts.  But, in principle,
> the whole idea is based on being able to identify boundaries within the
> byte stream - and these boundaries must somehow be communicated
> (vertically) down to the TCP engine.  So, my suspicion is that they may
> have tied this to DTLS just for the convenience because DTLS does give you
> these boundaries.
>
> So, in principle, it’s not about DTLS, it’s about handing over boundaries.
> FWIW, in TAPS, this was solved with a “framer” concept, where a sort of
> callback for defining and parsing boundaries is handed over to the system.
> How to best do this in a more general and static system with TLS in
> between, I really don’t know.
>
>
> Part of the motivation of QUIC on streams, as pointed at in the draft, is
> to address a concrete problem in HTTP/2 stream limits. There are proposals
> for how to fix HTTP/2 itself but some of that effort could be invested in
> swapping over to HTTP/3 using QUIC on streams. Whether that would be
> successful depends on the change complexity matrix.
>
> It's the authors view that many clients and servers already support HTTP/2
> over TLS and HTTP/3 (native QUIC) simultaneously, meaning the complexity of
> adding HTTP/3 over QUIC over TLS is minimized. Mostly because QUIC
> implementations would need minor tweaks only. As an implementer (not author
> hat), the requirement to use DTLS would already start to be a put off for
> me in the above scenario.
>
> Can a minion-style (RE)COBS approach could be used with TLS? If so, what
> benefits would that bring over the current proposal?
>
>
> For the first question, see above: probably not easily, but technically,
> *somehow*, yes. For the second question: it would remove HOL blocking.
>
>
> HTTP/2 is already subject to TCP Head of Line Blocking. Maybe it could be
> nice to design a replacement that can fix that using TLS too.
>
>
> True!
>
>
> However, if I understand the minion protocol design (a big if, I'm happy
> to be corrected), it only supports 4 reorderings. Furthermore, since the
> "bookends" are in the plaintext stream, it seems trivial for an on-path
> attacker to interfere with them, opening up a new suite of security issues.
>
>
> Hm… I forgot these details.
>
> Well I don’t know if it *really* fits - it was just something that seemed
> suitable to me, as it might be able to remove HOL blocking when using
> streams, but … as always, the devil is in the details.
>

Yes, these are some interesting ideas, especially in the early phase of
discussion. Thanks for bring our attention (back) to minion!

Cheers
Lucas

v2.23.0 | Report a Bug | By Email