IETF Logo Mail Archive

RE: Spin bit decision

Mike Bishop <mbishop@evequefou.be> Tue, 02 October 2018 17:50 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD7EB131029 for <quic@ietfa.amsl.com>; Tue, 2 Oct 2018 10:50:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ECkxVAg2pl7E for <quic@ietfa.amsl.com>; Tue, 2 Oct 2018 10:50:49 -0700 (PDT)
Received: from NAM05-DM3-obe.outbound.protection.outlook.com (mail-dm3nam05on0716.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe51::716]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5BC4C130EAA for <quic@ietf.org>; Tue, 2 Oct 2018 10:50:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector1-evequefou-be; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Bfw0FYKEiLXTTwKxRDhbJSO2dTQcuyO5ktWkeUwyucY=; b=f+YDYJzikDZVByxpTKWesQOjiClLBbGRHd7OkZ7WFB9Rq3cqlpepJgQxCv7MF64abhGM848Q23pmOxIm5c2NO3UMD0e8Q9yzjyWAczi3O6/ni0aRhf6bOQc5AFEcoF2i7l+s0JMZgV5N7f3gID9jolZ2IiNiPxE46GEhVdQK5NI=
Received: from MWHPR22MB0991.namprd22.prod.outlook.com (10.171.145.21) by MWHPR22MB0573.namprd22.prod.outlook.com (10.172.171.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1185.25; Tue, 2 Oct 2018 17:50:44 +0000
Received: from MWHPR22MB0991.namprd22.prod.outlook.com ([fe80::582e:a300:785c:8592]) by MWHPR22MB0991.namprd22.prod.outlook.com ([fe80::582e:a300:785c:8592%9]) with mapi id 15.20.1185.024; Tue, 2 Oct 2018 17:50:44 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Ted Hardie <ted.ietf@gmail.com>
CC: "alexandre.ferrieux@orange.com" <alexandre.ferrieux@orange.com>, Lars Eggert <lars@eggert.org>, IETF QUIC WG <quic@ietf.org>
Subject: RE: Spin bit decision
Thread-Topic: Spin bit decision
Thread-Index: AQHUWhYukd5OdbmHyk+wNZHVyKYYO6ULhImAgAAbI4CAACozgIAAHI6AgAAD4wCAAAMhAIAADuGAgAASIwCAABt7EIAABmOAgAAMAWA=
Date: Tue, 02 Oct 2018 17:50:44 +0000
Message-ID: <MWHPR22MB09917883912D880756E7DD2FDAE80@MWHPR22MB0991.namprd22.prod.outlook.com>
References: <14531_1538460420_5BB30B04_14531_237_4_c0f3a391-9897-80b0-575b-aa73edad0d52@orange.com> <9A63F295-5DC5-4992-9A9C-A98F72C8430D@eggert.org> <22440_1538469028_5BB32CA4_22440_292_2_8e00a462-2bbf-acf0-1195-74269a0c2fbd@orange.com> <3E3DBC15-FE42-47CF-AF7A-1F2597ED2390@eggert.org> <24019_1538484216_5BB367F8_24019_26_1_8e6b0d8e-78f0-56c7-e731-da2ff22cb194@orange.com> <08A9C80F-59E6-46EE-A4D4-1F78F5085CF7@eggert.org> <9737_1538485723_5BB36DDB_9737_147_1_82e0e028-b0e8-5e09-7bd5-e66db97c556a@orange.com> <E7479831-9594-444E-9545-A162E8D9B154@eggert.org> <32072_1538492813_5BB3898D_32072_266_1_8380ff40-29fe-269b-8ed7-4331c9e53f4d@orange.com> <MWHPR22MB0991D93D706031603B077BFCDAE80@MWHPR22MB0991.namprd22.prod.outlook.com> <CA+9kkMCRmgS_6ZgDnv3-+V8aUhh3-As2SG2ZR0MWTC48JWQ78A@mail.gmail.com>
In-Reply-To: <CA+9kkMCRmgS_6ZgDnv3-+V8aUhh3-As2SG2ZR0MWTC48JWQ78A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [38.134.241.6]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR22MB0573; 6:TiZrqbma1fu+IfC1ZU0CCnJzar1i9ncw5nXME/Q9KFDQd91/Zsr0UyZ5bqwE2T3psl4GAp1FB3zoTLT8oGK6bMDUexHBLhV6ICWdD14+Q9C3qV4VG/vjvhxhrvrc0M0J8tlWhJ4EmLshHTHOI/n4ZknJL5cvvHJoaDuicD9/peJXExYD8Dm0PEwcR5+16M14WN83X4ddEZ1dnHDlkaeXutEY0ulUyeQKrrL1UDRF4uJ5luTAaQEELI71RSTJsJVaEeCqPLg36//Q7gCO22BEdT81djOdC57Bma1+D3SaERTt0eGt10NoogeJA7sfEoRzfM0Ds9l8Gh6pRxt7XgWvCGb5H666sIIlUV+HQEo2ZJs006HfqA8WWzScM2UqblsCJuEIyk14KGaAlZSvnWpMyef0DLG+jX+z7fkcxskMHnYAOyxFFxn3VzRWqEc8lMS3ZUvtj1A52376xrByMLnvjg==; 5:nu56aP0rXk2vupSanXG0+dxOCLk/iwpHnfQDx+Q18LLASCEakNSmmgomD4qky5qoqPQFiDbXlu1sqCHw6V/TkV3E/DTt1ql8reiLRxQvfPCBTQTNj9oVbg8/MCmF0eF3pi8n0efrfOQFCrIXJ1KOHrrII1Qi7wOQ9o81m4I27yo=; 7:6wN20+DEE0oJ+zjN+D694+rI2iPoQvb0A/YSrgf6qq3uO3Ugy7bm3/GgstYirBs20EeJtNyA+ACalWvCDzdGLhzybnhBq23SyonpLkuOvBCIEuCreR6GxuOaZh1r/6QHxcvLiFvCjRDXtAgO6bUtVXl0oH0viqK11Tb2EKG4OkVc9OeBHDsEOuO9uot1vD86l4/MjYibLw9q7dLxEPr7jF0+YaO6wzvj0tRpOxWBM7SnxETElRBOTA/+wZHbyLsS
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 5e37e1c8-8c2a-4de7-cc01-08d6288f93c3
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600074)(711020)(2017052603328)(7153060)(7193020); SRVR:MWHPR22MB0573;
x-ms-traffictypediagnostic: MWHPR22MB0573:
x-microsoft-antispam-prvs: <MWHPR22MB057335623FC0D926BCEA0AE2DAE80@MWHPR22MB0573.namprd22.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(192374486261705)(85827821059158)(161740460382875)(18271650672692)(158342451672863)(21748063052155)(28532068793085)(190501279198761)(227612066756510);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(5005006)(8121501046)(3002001)(3231355)(944501410)(52105095)(10201501046)(93006095)(93001095)(149066)(150057)(6041310)(20161123560045)(2016111802025)(20161123562045)(20161123558120)(20161123564045)(6043046)(201708071742011)(7699051); SRVR:MWHPR22MB0573; BCL:0; PCL:0; RULEID:; SRVR:MWHPR22MB0573;
x-forefront-prvs: 0813C68E65
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39830400003)(366004)(396003)(376002)(136003)(346002)(199004)(189003)(26005)(66066001)(5250100002)(14454004)(186003)(6246003)(102836004)(2906002)(6506007)(229853002)(5660300001)(446003)(11346002)(7116003)(19609705001)(6436002)(7696005)(53546011)(7736002)(54906003)(6916009)(74316002)(256004)(14444005)(99286004)(476003)(97736004)(76176011)(6306002)(81156014)(93886005)(81166006)(8936002)(86362001)(236005)(33656002)(316002)(74482002)(54896002)(8676002)(9686003)(3846002)(6116002)(790700001)(4326008)(71200400001)(71190400001)(68736007)(53936002)(508600001)(105586002)(25786009)(3480700004)(55016002)(486006)(39060400002)(106356001)(2900100001); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR22MB0573; H:MWHPR22MB0991.namprd22.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:0; MX:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-microsoft-antispam-message-info: dfBnQteZoWJ10MJnNdmgVCYiXmmlmbjceGjDNbZR3hjkIzjfQubDAUpmLT2EwN77vrTjpkRaQGuyUNQPWMl7mairyXF11JrD6DpHv/tG3O9O1ERcH16qO6m9O6zWcfwhTHhO03XCWMBEZGGFR6WUino0JWABbJjh+gQFxM+P9hhFsciHSZEzDMUwqoOSMu2EkNfSsVwQ7xMAv8zzoA9OZG+6Z7+B9Ey9y0+JL9HGKu0LLLbWFiUCZuQPQ9IwcCj4ezDlIb11887MX3LRNZ2sj1ZIi/Vxm66vr+/YJ3wg6YqEk//pu/AhnTgYpbM+tuGv3xRZGn+bBqL5bu6XOJuQdTFJvYs5FrWrFZCTcONozAo=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_MWHPR22MB09917883912D880756E7DD2FDAE80MWHPR22MB0991namp_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: 5e37e1c8-8c2a-4de7-cc01-08d6288f93c3
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Oct 2018 17:50:44.1969 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR22MB0573
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/5McJlxqyLcGTTwfFd5aNcg3NYqs>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Oct 2018 17:50:53 -0000

I’d consider that to be “potential for causing harm.”  We’ve decided that correlation is a potential security risk, and failure to do that exposes you to the risk.

From: Ted Hardie <ted.ietf@gmail.com>
Sent: Tuesday, October 2, 2018 10:06 AM
To: Mike Bishop <mbishop@evequefou.be>
Cc: alexandre.ferrieux@orange.com; Lars Eggert <lars@eggert.org>; IETF QUIC WG <quic@ietf.org>
Subject: Re: Spin bit decision

On Tue, Oct 2, 2018 at 9:51 AM Mike Bishop <mbishop@evequefou.be<mailto:mbishop@evequefou.be>> wrote:

I don’t think it’s a grim view, I think it’s a pragmatic view.  Our role is to specify the things which are fundamental to the protocol and have to happen for peers to interoperate.  Mis-using normative language for other things is an abuse of the process -- that's kind of the point of RFC 6919.



RFC 2119 says:
In particular, [normative language] MUST only be used where it is actually required for interoperation or to limit behavior which has potential for causing harm (e.g., limiting retransmisssions)  For example, they must not be used to try to impose a particular method on implementors where the method is not required for interoperability.



Given that the spin bit is not “actually required for interoperation,” but is the very definition of “try to impose a particular method on implementors,” I’d say that RFC 2119 imperatives are unwarranted.

That's not quite what we generally mean by "interoperation" here.  It's quite common to have something say, in effect, "If you use X, you MUST do Y.".  So, we could have a MUST in Section 2.3 of the draft, instead of the current language:


   Each client and server MUST reset its spin value to zero when sending the

   first packet of a given connection with a new connection ID.  This

   reduces the risk that transient spin bit state can be used to link

   flows across connection migration or ID change.
That MUST doesn't say anything about when you use the spin bit, it simply says that *if*  you use it, other implementations will expect this behavior; if they get a new connection ID with a non-zero spin value, it will be a protocol error.  That pattern of use is very common.

Ted

v2.23.0 | Report a Bug | By Email