IETF Logo Mail Archive

Re: Request for Authenticated but not Encrypted Traffic

Lucas Pardue <lucaspardue.24.7@gmail.com> Mon, 03 October 2022 18:38 UTC

Return-Path: <lucaspardue.24.7@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57BDCC152567 for <quic@ietfa.amsl.com>; Mon, 3 Oct 2022 11:38:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.857
X-Spam-Level:
X-Spam-Status: No, score=-1.857 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sCnuLWiitY_N for <quic@ietfa.amsl.com>; Mon, 3 Oct 2022 11:37:56 -0700 (PDT)
Received: from mail-oa1-x2e.google.com (mail-oa1-x2e.google.com [IPv6:2001:4860:4864:20::2e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C40EC152566 for <quic@ietf.org>; Mon, 3 Oct 2022 11:37:56 -0700 (PDT)
Received: by mail-oa1-x2e.google.com with SMTP id 586e51a60fabf-1327ba38599so3278834fac.11 for <quic@ietf.org>; Mon, 03 Oct 2022 11:37:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date; bh=ScGuBGcvJ1q5M5pVes/iQMa0S0BRr3joGC2MKLwlcZ4=; b=Jy/zb1FAiFXrTyGGFPWda7ni7by7IApbjIe3L0316h7S0IpR0Um2dqs2Tv/1108WIA 7SW7OhKmUjx70viNAltXWtUzsmN0h3GS0rbMFi3Bh27PIJ+xdgo8PZvB/EkgqoxZTVzW dPZx74n9qcgLpte7kr46UGs7wunGIx77mVdbavBKMwZXCFKGDpV3kw2qdekRMA4AmJ1Q FrXqKInWYmG7E/F+GhjipZa+6sRJsg9yQU98UMXw1a41u3Vj32pLghsTb8Txk8oaiVBj LVu6Rl5FvsLhcx4eQkSRR6f85xjHEPcWWWpwSgKOcWYP2JcXgMC308anoKhtwe9BBOiI B37A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=ScGuBGcvJ1q5M5pVes/iQMa0S0BRr3joGC2MKLwlcZ4=; b=DwP5Grx7zpgBYok+WEVc0OgTCxprViWs8ehVxykrXf9vHwBvmvLTj4KMaywdQnGfhq ByPNp5E21CYitc8QDfbaPWUiTx2brYKBHivu3XM+WjAIvQvKJbswe9Fe1261D2RHXVUs Nu5NxNQT04N2Fv9LAcjrBlVt81H2LXs3x2wpqmAmB7VwvSfHzDQiOUhP2IBvooQtVp0Z 3dUAZYSRZpaqDdlZaTuz2UT+widAxtJJBb7KAbTxnMqOz30rAihgL2Mqs0AsScnD9FJK NhImeRF3nuFuV0MPp41YaU8Ms1dx7tQqAqSIfx3O/doa5eTnKXEwUAMwHREZ0l6AEOsK Oggw==
X-Gm-Message-State: ACrzQf0CpKQm6vk6JakaNnZwf7ekJj/Rj5eD+4GW1ZhYWT3IYx4dgn1B PrKZujGBExSiXoS0F0357wDEaEtjgkYp0jbCbLVX0mfe
X-Google-Smtp-Source: AMsMyM7+zV3/dfjFPqdGq3qm2975XqbFuR5wHMK6u8yGpyU8nYrClOGCMdpW6F2B5ScdXzyEmwQkzOYWZxSJQ57nYLs=
X-Received: by 2002:a05:6871:60a:b0:132:4e9f:d5fc with SMTP id w10-20020a056871060a00b001324e9fd5fcmr4350025oan.150.1664822275808; Mon, 03 Oct 2022 11:37:55 -0700 (PDT)
MIME-Version: 1.0
References: <CAMm+Lwgo5i=FD9sMcp+o_N-e5MprDDCDobzjh-FpwGKhiH99iQ@mail.gmail.com> <3C9CC208-E4E1-4F9F-B10A-6ACF485A0CEF@huitema.net> <CAMm+LwhVM+7Db6ZPLuE5A5VLYqocvZWr=hfKcN=HgYhrdLrgTQ@mail.gmail.com> <dbf9c81b-38f5-2767-1a1b-3309077764aa@huitema.net> <CAC8QAcdfiHvir=jbzegVAi1vqYHiucX4w4J=+vOaiDm14sjDOA@mail.gmail.com> <CALGR9oa_gGx=kdgFcoG+7MXW4km8vs60_sUW=6on82AfPsnAqw@mail.gmail.com> <CAMm+LwhbLZ44+9ZwDRuOFfkR=i5e1QG01FQe-TZdo_KQKdwkdA@mail.gmail.com>
In-Reply-To: <CAMm+LwhbLZ44+9ZwDRuOFfkR=i5e1QG01FQe-TZdo_KQKdwkdA@mail.gmail.com>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Mon, 03 Oct 2022 19:37:42 +0100
Message-ID: <CALGR9oZxmfZJSi16ima7a=bufV_HC2kEsf=YDBOuBFTRA+YPWA@mail.gmail.com>
Subject: Re: Request for Authenticated but not Encrypted Traffic
To: Phillip Hallam-Baker <phill@hallambaker.com>
Cc: QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000005d237c05ea25a4bd"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/IYP3q8yC-swYyTsQVIhgnhrZMBY>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Oct 2022 18:38:00 -0000

Hi Phillip,

On Mon, 3 Oct 2022, 19:13 Phillip Hallam-Baker, <phill@hallambaker.com>
wrote:

> I think we have to actually build a prototype of a transactional-first
> transport, then build some applications over it and only then look to see
> whether/how we might re-use QUIC.
>
> That is how I originally worked on HTTP, I build applications using HTTP
> as a transport, one of which was the first Webmail service, those allowed
> me to discover the need for content length and start working on connection
> keepalive and framing.
>
> And we need to build any such system around the capabilities of modern
> programming languages which support threads and asynchronous methods.
> Otherwise we just end up trapped in subordination type interactions and
> don't progress beyond RPC.
>
> What I am saying is, let me build something, then take a look at it and
> tell me if/how to build it using QUIC.
>

In case I was unclear, I think building something and revisitng later
sounds like a good approach. Look forward to seeing your progress

In the meantime, and tangentially, I think its important to we provide a
consistent reminder that QUIC is very unopinionted about the applications
on top. This has been the case for years. I suspect many application
protocols that already exist would straightforwardly map to QUIC. We have
RFCs that do this, many I-Ds either individual or adopted by WGs, and I'm
aware of many protocol mappings that are defined outside the IETF - either
openly documented or private.

Should future evolution of QUIC provide opportunity for alternative
(re)mappings that people think would be useful, that is entirely possible
and supported. Extension like that should probably also add a section that
extends the applicability document to aid designers and implementers.

Cheers
Lucas



>
> On Mon, Oct 3, 2022 at 1:19 PM Lucas Pardue <lucaspardue.24.7@gmail.com>
> wrote:
>
>> Hi Behcet,
>>
>>
>> On Mon, Oct 3, 2022 at 5:56 PM Behcet Sarikaya <sarikaya2012@gmail.com>
>> wrote:
>>
>>> Hi Christian,
>>>
>>> I quickly glanced through RFC 9250 which defines DoQ and references ALPN
>>> in RFC 7301.
>>> Agree with Philip that DoQ does not define something that is independent
>>> of HTTP.
>>>
>>> Will it come one day, we don't know?
>>> Behcet
>>>
>>
>> DoQ is an application mapping over QUIC. ALPN is an extension to TLS. DoQ
>> might use a transactional model that maps to bidirectional streams but that
>> is the full extent of similarities to HTTP; there is no normative
>> dependency.
>>
>> RFC 9000 was written carefully to describe the interface that
>> application-data-bearing streams can provide to applications. This is not
>> related to HTTP, QUIC is independent of HTTP. Indeed, QUIC on its own means
>> pretty much nothing. It needs an application mapping protocol. The
>> recently-published applicability draft, RFC 9308 [1], is specifically
>> written to aid designers or implementers of such mappings. Randy might find
>> RFC 9308 informative if wishing to pursue QUIC as a transport substrate for
>> the OT application layer traffic.
>>
>> Cheers
>> Lucas
>>
>> [1] - https://www.rfc-editor.org/rfc/rfc9308.html
>>
>>
>>
>

v2.23.0 | Report a Bug | By Email