IETF Logo Mail Archive

Need your help: different connection IDs in the same datagram

Martin Thomson <mt@lowentropy.net> Wed, 15 July 2020 07:24 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 459BF3A082C for <quic@ietfa.amsl.com>; Wed, 15 Jul 2020 00:24:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.12
X-Spam-Level:
X-Spam-Status: No, score=-2.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=Hcjmsq+H; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=g3+DX9/x
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pfnMWZVTG-r2 for <quic@ietfa.amsl.com>; Wed, 15 Jul 2020 00:24:17 -0700 (PDT)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B92C23A0829 for <quic@ietf.org>; Wed, 15 Jul 2020 00:24:17 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 05AD35C0160 for <quic@ietf.org>; Wed, 15 Jul 2020 03:24:17 -0400 (EDT)
Received: from imap2 ([10.202.2.52]) by compute2.internal (MEProxy); Wed, 15 Jul 2020 03:24:17 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:date:from:to:subject:content-type; s= fm2; bh=7n2Shap/eCn9Cxq+r7YR3eEqBaW1i2yKpreSANRdiq0=; b=Hcjmsq+H ck04wIaBiBz7RxD2/IioHQb7EADGlJqZGn/AGq+LuXc/TFYoaqBHN6cUFedqO7a5 WYzz00Aa8u3bV77WAq5Or30DTWCzZAxz+R0JB+Sqx3yVxx1nGOZylDOJ5idBsDVL 5FghPfy6IRkGPURdl8l3HXgZBhDV83c9X4JqSicxX52Lsl0BI5GBx3K/9FqKG+3h jk0E3Tr+yp3qDXMokuVqDt4NLJAEEob4JxpcFdbIMVApt68z8mWGaT5uwOMk+wsh fBiyLrUTmujLFyce3EB01xQ+bN24OjU8sPpdDqoLbjr0EPBxOlEMaPU95fr+Kqg8 F6Zht13m0SviJw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=7n2Shap/eCn9Cxq+r7YR3eEqBaW1i 2yKpreSANRdiq0=; b=g3+DX9/xAkUUFb/Rhaa+8vj4j0dDSUmb2ImTcezCO4p/o lXiT2hD8FT9O7OjvJ0zSCWVXfRGCmh4A4r6P5ADT8tY7QdhK4JnusyyjLPeDj7TF +zpSm5sqpNU9kKd80t3oPlcKlM6LF0JXcbQ3YNfIpQqGU2VmQBqJmWoPQ1Qf5dDm r7XfWLn72fgGYIoyXe6VIMqq5YIKJD0eDOd5Uo36OWiQo5bNyNLwK2wlJrc+FLEa H2hjiRAiLmYjYrvmYVjUqWiVMpkqivEVImxU96qrIVl9apL82GT/FAtU01dlrRo2 1VNrRSQxU0zx5vf5zZPiGZcJwsjOo/HdmM0z+VFyg==
X-ME-Sender: <xms:IK8OX09kBI_8sdXdI1zcZrjPWMjf57bdefKIpUdUI65EBoKfHG_feA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedrfedugdduudelucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfffhffvufgtsehttdertd erredtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhhofigv nhhtrhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpeegueehueejvdeiveffhedvke egffekgffgtdetleefkeeffedtjefhtdduvddutdenucffohhmrghinhepghhithhhuhgs rdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh epmhhtsehlohifvghnthhrohhphidrnhgvth
X-ME-Proxy: <xmx:IK8OX8vLxxkae3Uq9DtEDQPULX95_l5NAAhFQ2ffHKGYv-7iK0rRKg> <xmx:IK8OX6B_rltgTXhYt0ioAMAdHbv1UsR6IR_uzrwxTbM1aLwtFL4F-Q> <xmx:IK8OX0eDWXw44nGWShiTe1m01LB9z79E2l-T6GnZEIqXIq2a51EVDw> <xmx:Ia8OX3u7CRaJ6zOghoB2Ob495MG-GpO7HJX1Ted9IhgFFNTx5LjGLg>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 985A1E00C1; Wed, 15 Jul 2020 03:24:16 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-dev0-613-g8a73ad6-fm-20200709.001-g8a73ad6e
Mime-Version: 1.0
Message-Id: <ae21cc02-3357-40c8-a1e9-3966fdf575a5@www.fastmail.com>
Date: Wed, 15 Jul 2020 17:23:57 +1000
From: Martin Thomson <mt@lowentropy.net>
To: quic@ietf.org
Subject: Need your help: different connection IDs in the same datagram
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/JL0UthjhdFQ7h_ysW0LDrdmowlo>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jul 2020 07:24:19 -0000

https://github.com/quicwg/base-drafts/issues/3800 discovered a minor "discrepancy" in our requirements for coalescing packets.  We required that:

* senders not coalesce packets for different connections in the same datagram.

* receivers reject packets with different connection **IDs** in the same datagram.

https://github.com/quicwg/base-drafts/pull/3870/files was the result of a discussion where I was convinced that looser constraints here weren't harmful.  The requirements would identify connections, not connection IDs.

Originally, my inclination was to fix the requirement on the sender to use connection IDs, which would remove some linkability.  But then I was reminded that linkability is already defeated for several reasons.  You can't coalesce outside of the handshake and we require a stable path for the handshake AND long headers include a source connection ID that can be used for linkability.  So the linkability concern is basically lost.

We also learned that some implementations were generating packets while processing incoming packets.  Later they would coalesce these into a datagram that might then have different connection IDs on the packets it contains.

There has been some opposition to the proposed resolution in PR 3870.  

Apparently, for some, having multiple connection IDs in the same datagram complicates processing.  I don't understand this objection.  It seems to me more difficult to retain state across packets than it is to process each atomically.  I was hoping that Christian or Nick can explain more about how this affects them.

Marten also indicated that there was a reason not to allow this, but if I understand that, this is based on some potential for future optimization, which could be conditional on having consistent connection IDs.  If we moved to a scheme that required consistent connection IDs, anyone using that scheme could be required to avoid coalescing different connection IDs.  So this seems more of a theoretical concern.

And - in anticipation of maybe choosing to make senders use a consistent connection ID - if you might be generating coalesced datagrams with different connection IDs in packets, how hard would it be to ensure that these are consistent?  Lars and Ian, I think both of you indicated that you might do this.

v2.23.0 | Report a Bug | By Email