RE: Benjamin Kaduk's Discuss on draft-ietf-quic-transport-33: (with DISCUSS and COMMENT)
Mike Bishop <mbishop@evequefou.be> Thu, 07 January 2021 15:16 UTC
Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 409053A11A4; Thu, 7 Jan 2021 07:16:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qd8g6yz8frNN; Thu, 7 Jan 2021 07:16:26 -0800 (PST)
Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2105.outbound.protection.outlook.com [40.107.220.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 530863A0EEA; Thu, 7 Jan 2021 07:16:25 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jutZUS/+uYNeKH5gnLJrigRvqJGdwoitSQJ1eQLoQOLxQwWntdxFQooYutTjJ4VQ2phgzyAp/qDuTfao+LLglVWjKW02K4VJWpB+pPb6FjqfVmvd5o8sfMZM9q039B/InpaQJoIoFDA7zz+xpCAH497r9cSF2itQRpzbfDV8YnYQLa9k6t0Y9g2ZUkQ3uBB2aMiorku3MsgEcPRf7x++QBaqoGZNJNV4RfYUVpb1Wt8Cd9s2mQwCwGWWGeHFVv6UcfRCvyldw0hEjKaUdZerggTAPXBPH8WY8hyo5gBVPRfZyh2HS7uy/y5FqL4MBBzPW15PKDDqHhvW0B6PQ63elQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zL11F5VbDxpB7Iq5t8/c2Rk8Ih7Zf0OM9Biyr5uI9ls=; b=Z7BjdNXbE2A6tlOFGhpnwWzAnJUgogP4AlKLXORGg3eHM9UCZX/pzaLhIwcqAZzhwuFEcdm24XNKkAZ49/SuEVm7HRd1Q89R3pEOTR6yJpDVx3zHzaBAslPhGnJuvipuyY/KEW9cCcTfzvgvpMhbPHFP7vPVvO241z7pDsHF6/2oHRHO7/6JG3YdTRqVKFi98WWs3Emicu5pSb/o2Rw55SM8T3BdLuZS9FPyPhJKjOXh8FATPMtYVzsTtsqRQqyWAsjdlWLv6JKafwpPf+mhRqwrtKbkq63Ayysz1r7u88qVwyGowp+Zte7uv63+K6wD9Xmqsg1WwOaWekSMKdG/rg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=evequefou.be; dmarc=pass action=none header.from=evequefou.be; dkim=pass header.d=evequefou.be; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector2-evequefou-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zL11F5VbDxpB7Iq5t8/c2Rk8Ih7Zf0OM9Biyr5uI9ls=; b=HirHrMkWI/sDsxXngTTVocJplG3pN4MPd05H+8Dnf5IAmbV0by0YuwVMjvDjzcGt8XW6XQQNMgjo6vInVPjZwehIq/Ank1yp/jKjFIYuSYjh4mf88qICFaz95Gwkd/kXMkbc+K2UWKy0C0yK1+dFJJtiKJM1ioZdEk3H9nJCnPA=
Received: from CH2PR22MB2086.namprd22.prod.outlook.com (2603:10b6:610:8c::8) by CH2PR22MB1960.namprd22.prod.outlook.com (2603:10b6:610:5e::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3742.6; Thu, 7 Jan 2021 15:16:21 +0000
Received: from CH2PR22MB2086.namprd22.prod.outlook.com ([fe80::d93a:81e:d58f:b4e9]) by CH2PR22MB2086.namprd22.prod.outlook.com ([fe80::d93a:81e:d58f:b4e9%6]) with mapi id 15.20.3742.008; Thu, 7 Jan 2021 15:16:21 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Jana Iyengar <jri.ietf@gmail.com>, Martin Thomson <mt@lowentropy.net>
CC: WG Chairs <quic-chairs@ietf.org>, "draft-ietf-quic-transport@ietf.org" <draft-ietf-quic-transport@ietf.org>, The IESG <iesg@ietf.org>, Lars Eggert <lars@eggert.org>, QUIC WG <quic@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>
Subject: RE: Benjamin Kaduk's Discuss on draft-ietf-quic-transport-33: (with DISCUSS and COMMENT)
Thread-Topic: Benjamin Kaduk's Discuss on draft-ietf-quic-transport-33: (with DISCUSS and COMMENT)
Thread-Index: AQHW5HVBhmrbY8JEDE+mp+nyMmqrN6obmMAAgAAiGwCAAAdmgIAABTEAgAB/JuA=
Date: Thu, 07 Jan 2021 15:16:21 +0000
Message-ID: <CH2PR22MB2086CCC9463F86BB73BD109DDAAF0@CH2PR22MB2086.namprd22.prod.outlook.com>
References: <160996950953.25754.14270013028683006869@ietfa.amsl.com> <39c24306-42dc-454a-8a60-cfbd86ab6c64@www.fastmail.com> <20210107065404.GH93151@kduck.mit.edu> <98093648-fed4-4da1-8e25-171c6770431e@www.fastmail.com> <CACpbDcdknN5T9a_TFAr2_0KAvnvQ6c1432wQJ3xwSbVQZwkc2g@mail.gmail.com>
In-Reply-To: <CACpbDcdknN5T9a_TFAr2_0KAvnvQ6c1432wQJ3xwSbVQZwkc2g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=evequefou.be;
x-originating-ip: [72.49.212.17]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2ab3da60-77de-45fa-4bae-08d8b31f30ad
x-ms-traffictypediagnostic: CH2PR22MB1960:
x-microsoft-antispam-prvs: <CH2PR22MB1960D0FB8261E695225B4984DAAF0@CH2PR22MB1960.namprd22.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:4125;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 4/cYtCNbIWxT8pAQ7dgetrxrt/GugGTgsswfsFx2GvLnvhn3BPnt9pkL6VNj16/kLIV+RgsMpP/KxSpXkd2AnXdoFaiPnetEItew7AIzhHx0sqKIuBEtMpIM4DzsS938q7w9edz5Jxg6oDSuqJP0IaR++HrsbSxDUBwkhGlvu2yMmeuSJkf02acJRByu8iq+Ti0+alY/9/NDBeq2aomlkhGvhy+Jva1WepXY4bmO2bMLRjGAQmsvsx8LFh1er4iulj6Pv0BcSdYdeSoEgXOUlssvp6CHTVV0zL/c2g/z6/V5/htSTEZK4yt43i+LHNjBwXG0QXPVjJFGgk1dHUWgf7cbGOxyOhVq4xpzel7TJ8kMiafjDazzXIj662sYN+FBkHWXbwRG8CUd8TiuCGPNNQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH2PR22MB2086.namprd22.prod.outlook.com; PTR:; CAT:NONE; SFS:(376002)(396003)(366004)(346002)(39830400003)(136003)(99936003)(6506007)(2906002)(52536014)(66946007)(66446008)(76116006)(71200400001)(8676002)(33656002)(478600001)(316002)(53546011)(110136005)(54906003)(8936002)(64756008)(26005)(55016002)(7696005)(86362001)(66616009)(4326008)(66476007)(66556008)(83380400001)(9686003)(5660300002)(186003); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: i+1Qft/mIW1a2n5a2DzKxapJ0zJPr4ekSLK0+RUBPaZFrQGXfVtBrC9wKAWyBbAz9zYh9eXs0v++f14jZhKI3VB4lG5hbC88elh1cwpCPxTKj/QICFBOIe3QSv4Itb2AcI6rQabWVFl1hufMgx5y/dVyjW6wH0vQ45GNO8GCHRaNbbXQEk5q2C+a14O04ExSEnKgyE2L75GAZbOHNZbHVfoVskblbb22jyUtZ5nrnoxCnSmzF4gRRRcFhx+nKYYdmCDbr+XewZtiyhjw1SPWYqPTHND9xItVsjMtzC5oE1dmNcWteIdLwQUIJwokrLEBLWbC8aXkd2Wqv9w6zFzhXxai+e+NTGEmMH7tsW7wzu38kJT1tS5Y06/2IpkZt7qRN3V/uG4nM910wsodzk1mLjfcohAnBI1f/F9bexBke/dAmIDTUAUctfMyiTNTYS+/dHspZABIRZlGO98FSDW+c/OMIMevGIW2A0x4R93A/Z6iiqW+vTXUJI8XmwUGUUyNg8QNOLoU0Z89GFp4nY64OSUh/72+Zx0m2kGEBD9EY5buvH+E1nBopFU68hGysboKq5W0sQXHdw17o/T0T/zLzqblbovzwRW/8guZNOLLFQMstK3hftC/DATLdtgfqTokelQR+cW2FTNlZgQ/Ohc1Sz65ytu7xXrb/HlFnW0AaWF+3Wm7/JCbvt1HpanN5cY0Vy0S3Alnbu2KyKfUkZIWTfC5OSH50OsRdTfmwaPNOC0bSm6PnHuNLcoPDuoaROJ/ksIPyniha5Rf8zV/iphzDGFce34JPjukgokvxVfJ1JC4AdLFbMdP4jQ8kgJAXijiTvaCq0B8pNDIBDQOGOqQA1RtU04+MiaLyY8qvP2rqSSPMFH9fDoWEiBgmNNXNpEY3B2/i5NvqmSAfaTwmBy/WvrpNmb38uxJ3jrVqMr/waJhGGNVvzw9HrCz5UTF7ZoPqDTeAersQhSd6J13Y+PsHvtKwyMyn/NVYf9/D6rGBbs=
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="2.16.840.1.101.3.4.2.1"; boundary="----=_NextPart_000_005D_01D6E4DE.248B9B50"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH2PR22MB2086.namprd22.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2ab3da60-77de-45fa-4bae-08d8b31f30ad
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Jan 2021 15:16:21.2935 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: PlSAybeyndu4CwmQp9uQRgaw4aIXoyfyg7Db2kntuLrrhdKr1q8dGwyA6k+AsaRVwxq+GTuHvwC045y+4diexQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR22MB1960
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/UCXiUsL7w_lYjdG5skMgJWV5h88>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jan 2021 15:16:28 -0000
To expand on the Alt-Svc case slightly; we removed the “version hint” ALPN extension from HTTP/3, but later made a decision that an ALPN token can imply a QUIC version, so offering a set of ALPNs implies the set of supported QUIC versions. From: QUIC <quic-bounces@ietf.org> On Behalf Of Jana Iyengar Sent: Thursday, January 7, 2021 2:39 AM To: Martin Thomson <mt@lowentropy.net> Cc: WG Chairs <quic-chairs@ietf.org>; draft-ietf-quic-transport@ietf.org; The IESG <iesg@ietf.org>; Lars Eggert <lars@eggert.org>; QUIC WG <quic@ietf.org>; Benjamin Kaduk <kaduk@mit.edu> Subject: Re: Benjamin Kaduk's Discuss on draft-ietf-quic-transport-33: (with DISCUSS and COMMENT) Ben, The working group chose actively to make this decision. We had a broken version negotiation in the spec, and after several long discussions, we decided to remove the VN process out of the v1. As it stands, in the worst case, if we find that we cannot do a safe version negotiation within QUIC, we are stuck with a wasted version field and a VN packet in the protocol. We can still build and deploy future versions of QUIC, we just won't be able to negotiate their use within QUIC. Given that we have a draft in progress, I don't believe that we'll end up in that state, but even if we do, it's not an unsafe state. The working group has consensus to move with v1 being incomplete in this regard, because it's not unsafe. To be clear, we aren't deferring safety of QUIC v1 (this document and this protocol) to a future mechanism. We're deferring safety of the version negotiation mechanism (which we don't have) to when we actually build that mechanism. If we don't succeed, all we lose are the wasted bits in v1 and we won't be able to negotiate a different version within QUIC. If anyone else deploys a vN, the only way we are providing to use it is through Alt-Svc. That is how major HTTP/3 deployments deploy multiple QUIC versions today. That allows us to deploy multiple QUIC versions without needing VN. Am I helping, or is there a different point that I'm missing? - jana On Wed, Jan 6, 2021 at 11:21 PM Martin Thomson <mt@lowentropy.net <mailto:mt@lowentropy.net> > wrote: Excision performed in the service of brevity. On Thu, Jan 7, 2021, at 17:54, Benjamin Kaduk wrote: > Yes. Do we have any reason to believe that non-standards-track versions > will or will not intend to coexist with v1? I, at least, do not have any > data on that question either way. I think this relates to my (3) above -- > are we assuming that the problem of downgrade protection only becomes > relevant when there is specifically an IETF v2? We have no information, but that indicates more that we have time to work on a solution. > I agree that it's not necessarily limited to QUIC, though even having > something that only works within the QUIC ecosystem would be better than > nothing. It would be surprising to define a protocol with verisons and a > Version Negotiation packet but end up with technical flaws that prevent > that packet from working properly, though. I am confident that we have enough of an escape valve that we will be able to define new versions securely. As is the working group (who I am certain will speak up if they disagree). > I think it would be fruitful to try to drill a little more into > what assumptions we are making when we say (okay, I'm synthesizing a bit, > but I believe this is the sentiment) that "it is safe to defer availability > of this mechanism until a future version of the protocol exists". If only we hadn't already discussed this at length. > (I recognize that answering that last one may end up being nearly as hard to > answer as actually solving the problem.) I think that we know the answer in the general sense, just not in the specific sense of being able to define the bits and manage operational concerns and other protocol design constraints. > My main goal here is to have some reasonable level of confidence that we > are not putting ourselves in a position that will be hard or impossible to > get out of in the future. Depending on what assumptions we are making, it > may be very easy or somewhat less easy to achieve such confidence, but > deferring entirely to future versions of the protocol without information > on how or when such version(s) will appear leaves me without much > confidence on that front. The working group reached that confidence. I don't know how much effort I'm able to devote now to helping you reach that state. Perhaps other participants would like to offer their help now.
- Benjamin Kaduk's Discuss on draft-ietf-quic-trans… Benjamin Kaduk via Datatracker
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Lucas Pardue
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Martin Thomson
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Benjamin Kaduk
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Martin Thomson
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Jana Iyengar
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Mikkel Fahnøe Jørgensen
- RE: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Mike Bishop
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Eric Rescorla
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Benjamin Kaduk
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Eric Rescorla
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Spencer Dawkins at IETF
- Re: Benjamin Kaduk's Discuss on draft-ietf-quic-t… Martin Duke