IETF Logo Mail Archive

Re: Add application parameters to QUIC handshake and use it for H3 SETTINGS

Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> Fri, 27 September 2019 05:55 UTC

Return-Path: <mikkelfj@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C40C1200E0 for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 22:55:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.996
X-Spam-Level:
X-Spam-Status: No, score=-1.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lOcD6p2CDmx7 for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 22:55:07 -0700 (PDT)
Received: from mail-ed1-x52e.google.com (mail-ed1-x52e.google.com [IPv6:2a00:1450:4864:20::52e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE9021200CC for <quic@ietf.org>; Thu, 26 Sep 2019 22:55:06 -0700 (PDT)
Received: by mail-ed1-x52e.google.com with SMTP id h33so1219650edh.12 for <quic@ietf.org>; Thu, 26 Sep 2019 22:55:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:in-reply-to:references:mime-version:date:message-id:subject:to :cc; bh=fcvRO6J5JO6bmCiteir9WBC0p5Dd2Yr8PaRZk4hDyhE=; b=buAIhydLDFDwHueqU6oLq9gZpGRpUUHj7L7IBg0Vf94tFYItZnH7ixRXsqqV/ztJS/ U4/Vb1RROT6YLws9ZTXCJSTZ/j/0O8qTPKGuyV66NEWd6RiCwMtNcwvbYArAHLHTHhFj 4A5NnAS759241/BNbNJbLkOK5VKuO5GYS+Rhjg1CAEj9pOJ0xEKgcmWwsbXzNlZUQ5nx wpoApqvxHJXdVvPjld7Mlf504xLU0RNjuZOAZwstJJAsGk1h5VCfr/SukGoX+W6u0mfs 0INL7WSGGFXtklPBOumKCG4sMlidLXuGyGAAb13NnPcbLqPLqe0cabGEuU8n2CRYwZEz CV8w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to:cc; bh=fcvRO6J5JO6bmCiteir9WBC0p5Dd2Yr8PaRZk4hDyhE=; b=a4Y2E4KQy6RM/oW3BNtFsyhHBqOGyyn0KIi0EEEdd5iBJd8cOlScq+3ixD4LoXBYxl ySjc7bUCTePYOy3JOrSmGOQHHjcK6ZbVwA+NrU/FGJwn9K2q0hWeHrVtme8ETMIjX2Wf uYAfrIfHFFcVl+HZCJigqpDsDEeq6UU+HrdoBB0OOB72MCUYycwM69Y7kobkbA9Ags/Q yVpYpYRLeUDlCPMBn7tGd60W+fW3ppa8DjdEBz8phwkLmDtIvQEGYzlBeDx8kN7QLzXT Qxn5/IBVECViX7NaiOIrpWu4gfxex3o6imRlasuX06lbuP87QN78IhZEz3L0LJMYbxcr UsBQ==
X-Gm-Message-State: APjAAAUfin5MOvVm8eCyko18J89O/zB3S2k/U8i1wWNHpy8cmWJ2E+Fb M7fTEmCKGQaBQssgqUFrlRCtzzABxf9pQsLV+D0=
X-Google-Smtp-Source: APXvYqzR/8uHrmposERdoJELvBitvaID05zqf14oFQcXtM/F2BZO5z+U2EDz8OyxTNv6At4doRmgHRATwWqmfANOL0Y=
X-Received: by 2002:a50:99da:: with SMTP id n26mr2553158edb.293.1569563705474; Thu, 26 Sep 2019 22:55:05 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Thu, 26 Sep 2019 22:55:04 -0700
From: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
In-Reply-To: <CACdeXiJhC+gOKKj49CTh7JfOPFsy0=6fG69Fy=GH=280+aGdOw@mail.gmail.com>
References: <CACdeXiLEnvmqmxSgXbvAwEo0rgm-F59RL2sk0Ugu6PNuiDkfsw@mail.gmail.com> <c22f8e1d-887e-1bef-799f-47e4f3151966@huitema.net> <CACdeXiJhC+gOKKj49CTh7JfOPFsy0=6fG69Fy=GH=280+aGdOw@mail.gmail.com>
X-Mailer: Airmail (420)
MIME-Version: 1.0
Date: Thu, 26 Sep 2019 22:55:04 -0700
Message-ID: <CAN1APdc-qTH-E+GMhvGbamYMJhfg7UYpoBWqAVEvrSy2hfzAkg@mail.gmail.com>
Subject: Re: Add application parameters to QUIC handshake and use it for H3 SETTINGS
To: Christian Huitema <huitema@huitema.net>, Nick Harper <nharper=40google.com@dmarc.ietf.org>
Cc: IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000001e047205938287ab"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/Gf2u5vT_NPd7UmkF68z4xl2l23g>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Sep 2019 05:55:09 -0000

Not arguing against the usefulness of such a feature, and aside from
already mentioned privacy issues:

It seems to be possible to facilitate a man-in-the-middle attack on
application parameters unless the application takes counter-measures which
would complicate matters and likely introduce delays anyway.

I also wonder how this would work with 0-RTT since it cannot be assumed
that application parameters would be remembered across connenctions.


On 27 September 2019 at 06.55.02, Nick Harper (
nharper=40google.com@dmarc.ietf.org) wrote:

On Thu, Sep 26, 2019 at 7:48 PM Christian Huitema <huitema@huitema.net>
wrote:
>
> On 9/26/2019 2:51 PM, Nick Harper wrote:
>
> > I propose introducing application parameters to the QUIC handshake and
> > using this new mechanism for H3 SETTINGS instead of sending them as
> > the first thing in the control stream. Application parameters would
> > allow applications using QUIC to advertise or negotiate
> > application-specific parameters during the cryptographic and transport
> > handshake. It would guarantee that the client and server have
> > exchanged their application parameters once the handshake is complete.
> >
> > Specifically, I’m proposing a new “application_layer_parameters”
> > transport parameter, which when sent by the client is a series of ALPN
> > identifiers with an opaque blob of application parameters per
> > identifier, and when sent by the server is a single opaque blob of
> > application parameters for the application identified in the ALPN
> > extension.
>
>
> I am a tad concerned with the privacy aspects of this proposal, at least
> on the client side. Currently, the settings frame is sent encrypted in
> 0-RTT or 1-RTT packets. With your proposal, it would be sent in
> clear-text, allowing very easy fingerprinting of clients.
>
> -- Christian Huitema
>

Yes, this does provide a fingerprinting vector. Transport Parameters
also provide a fingerprinting vector with about 10 parameters that
could reasonably be used for fingerprinting, compared to the 3 we have
in H3. The nature of both of those sets of parameters is that they'd
likely fingerprint implementations but not individual clients.

In terms of the application parameters design, individual applications
can choose whether or not they want to use them in the client flight
or just the server flight. We could keep client SETTINGS in the
control stream and only put server SETTINGS in application parameters.

v2.23.0 | Report a Bug | By Email