IETF Logo Mail Archive

Re: Exercising Version Negotiation

Subodh Iyengar <subodh@fb.com> Thu, 22 March 2018 16:53 UTC

Return-Path: <prvs=66190ed8da=subodh@fb.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D72B3126D3F for <quic@ietfa.amsl.com>; Thu, 22 Mar 2018 09:53:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com header.b=ZG1uylx9; dkim=pass (1024-bit key) header.d=fb.onmicrosoft.com header.b=WvOeBYvC
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2I7gjsp0BHOC for <quic@ietfa.amsl.com>; Thu, 22 Mar 2018 09:53:23 -0700 (PDT)
Received: from mx0b-00082601.pphosted.com (mx0b-00082601.pphosted.com [67.231.153.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C96F120726 for <quic@ietf.org>; Thu, 22 Mar 2018 09:53:23 -0700 (PDT)
Received: from pps.filterd (m0109331.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w2MGrMLH030746; Thu, 22 Mar 2018 09:53:22 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=facebook; bh=8AxmmKFIYUva98lbxpJBhacKcBAc218+p5AVHM81j3U=; b=ZG1uylx9TkdTe2ZEijgN4H/c9Cqx9mXohySmzJTqzg4GGknGrHOVKIMvhYOD58u/yaF8 DlHlL8QIENVEOCfvzvisGVxu2OQvGWPrWnwmt1ePXlH8ni2ulXbxmgnWCLhpuAMlGhvk WUwBh6pt3PHqxl8uMiNrjw+oBv9nWI5C04Q=
Received: from mail.thefacebook.com ([199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2gvf2t8969-1 (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 22 Mar 2018 09:53:22 -0700
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.24) with Microsoft SMTP Server (TLS) id 14.3.361.1; Thu, 22 Mar 2018 09:53:17 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=8AxmmKFIYUva98lbxpJBhacKcBAc218+p5AVHM81j3U=; b=WvOeBYvCAgwK2Zgprebs0px0faNi0CLDvN/7DthftYsXWjJBI6R8J/5wPSFaZnP8+LkGc49wv65oTj0u+ESw4UtsBnGjal6rejYcLs7VyL1OZV9xHs80OOoIptU69ICN1qwi3gNLrQZr0nJh9WzLQOrSbHdFJUxZn4Js3tDn9Zs=
Received: from MWHPR15MB1821.namprd15.prod.outlook.com (10.174.255.137) by MWHPR15MB1168.namprd15.prod.outlook.com (10.175.2.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.588.14; Thu, 22 Mar 2018 16:53:16 +0000
Received: from MWHPR15MB1821.namprd15.prod.outlook.com ([fe80::b431:b2fb:1912:34d8]) by MWHPR15MB1821.namprd15.prod.outlook.com ([fe80::b431:b2fb:1912:34d8%17]) with mapi id 15.20.0588.017; Thu, 22 Mar 2018 16:53:15 +0000
From: Subodh Iyengar <subodh@fb.com>
To: Eric Rescorla <ekr@rtfm.com>
CC: IETF QUIC WG <quic@ietf.org>, Roberto Peon <fenix@fb.com>
Subject: Re: Exercising Version Negotiation
Thread-Topic: Exercising Version Negotiation
Thread-Index: AQHTwdX66S1uG5wKa0SeezpL/OgUTaPcb5CAgAAAlz6AAAZ5AIAAAJNZgAABiCc=
Date: Thu, 22 Mar 2018 16:53:15 +0000
Message-ID: <MWHPR15MB18212BAC58BEB251940C11FAB6A90@MWHPR15MB1821.namprd15.prod.outlook.com>
References: <CABcZeBMv5BqZOtgVA2wfqaaGCd94gcNPB9bTXkrvNXXRveU8wA@mail.gmail.com> <BY2PR15MB0775F2D1CDEA831B64491A67CDA90@BY2PR15MB0775.namprd15.prod.outlook.com> <MWHPR15MB18211F884674B6FC01BCD2E9B6A90@MWHPR15MB1821.namprd15.prod.outlook.com>, <CABcZeBN8hN7w0NsRBshkhu9vEwiq5_AbaTBBv7arKY5C=yv0oA@mail.gmail.com>, <MWHPR15MB1821A942282B917BB786913BB6A90@MWHPR15MB1821.namprd15.prod.outlook.com>
In-Reply-To: <MWHPR15MB1821A942282B917BB786913BB6A90@MWHPR15MB1821.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2001:67c:370:128:3cc1:8c99:1ed7:bcc4]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR15MB1168; 7:zrPlGuNBFx2uMne7+3U6QyuctKpcUmsaT6Kj/K1R0AS6PdzEY0bmMGwynuIBbmOyeQb1H+lrii7yobLPhraS/6Z0uLJrAhj9SHYSliyGZt5BrTUhn0DWol2ueIc8VXUWbhfaiXbIsKqm1bDfflZTy+vpUalKIO3DgfdIRrifbrXhQxT0BPcEDiGMKkNiDoZL+mY/COsBiNelZfQyaMslcpBx15ZdSJKzQ57KuwjVkgT0dWQ5XW98pf2x5wPe/Pag; 20:JSSkygCqKStr09Oh1mp1uQNpzFrH2bhAmAYUe9DEASJWjLdWV/mfWZduS9PAYN0Q0/bcNi2WpWLFqdBcMV5Zm9AabDLsQ5Be3pqigok4cmpFImmWIYpJla/xqq0vail5b48zDZDzWebp0cX3FE1hm2TkLlnfoccgx8Zd2Z6AF08=
x-ms-exchange-antispam-srfa-diagnostics: SOS;SOR;
x-forefront-antispam-report: SFV:SKI; SCL:-1; SFV:NSPM; SFS:(10019020)(396003)(39380400002)(376002)(39860400002)(346002)(366004)(189003)(199004)(7696005)(3280700002)(8936002)(6916009)(2906002)(14454004)(105586002)(68736007)(33656002)(81166006)(561944003)(25786009)(478600001)(316002)(81156014)(229853002)(4326008)(6606003)(97736004)(6116002)(2900100001)(93886005)(8676002)(106356001)(9686003)(46003)(54896002)(102836004)(86362001)(236005)(55016002)(6436002)(19627405001)(53936002)(7116003)(5660300001)(6246003)(5250100002)(53546011)(76176011)(54906003)(99286004)(74316002)(3480700004)(186003)(7736002)(2940100002)(6506007)(446003)(3660700001)(11346002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1168; H:MWHPR15MB1821.namprd15.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
x-ms-office365-filtering-correlation-id: 7359d420-3140-47f2-2d00-08d590156813
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:MWHPR15MB1168;
x-ms-traffictypediagnostic: MWHPR15MB1168:
x-microsoft-antispam-prvs: <MWHPR15MB1168EC92715383D44041B2ACB6A90@MWHPR15MB1168.namprd15.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(190756311086443)(158342451672863)(67672495146484);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(10201501046)(3231221)(11241501184)(944501327)(52105095)(93006095)(93001095)(3002001)(6041310)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123558120)(20161123564045)(6072148)(201708071742011); SRVR:MWHPR15MB1168; BCL:0; PCL:0; RULEID:; SRVR:MWHPR15MB1168;
x-forefront-prvs: 0619D53754
received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: D87O2D+Koqkt09sK5PG2hVhr0yhFOn5pTFifnT6pfWJnnS0NbvRJqjVHWxs5+tXkoiTqUO5Gg4lq5ivU3ReDbnyZ015OQVQ1tvQ+4PXq/eqBoArXwKPhBW4Tu8tlpaRjjecnRVk4oQEWf5vPLPBl/kvZ3zdCwdSzEqkL472ppoYLOFtNc5fTzYUdkF3wTy8/vg0MrR+vogcrFuL2SmuYXLnD3s0yXTPQWkOO22na+oR4J4XlpzlBbLZCKC/p5jqHV1AY9a3E+VYEBbGlZm56hjfbAtX8/rSce8IV9rrzH3g0y6dhV1hce3rdVUVpScA7KavVYrM3O8BBbbYTy2gknA==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_MWHPR15MB18212BAC58BEB251940C11FAB6A90MWHPR15MB1821namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 7359d420-3140-47f2-2d00-08d590156813
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Mar 2018 16:53:15.6030 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1168
X-OriginatorOrg: fb.com
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-03-22_08:, , signatures=0
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/O0Eaix4UeIHQ51itfeT08R7EFsE>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Mar 2018 16:53:26 -0000

Oh sorry i completely misunderstood what you're saying, ignore my previous email.


Subodh

________________________________
From: QUIC <quic-bounces@ietf.org> on behalf of Subodh Iyengar <subodh@fb.com>
Sent: Thursday, March 22, 2018 9:49:53 AM
To: Eric Rescorla
Cc: IETF QUIC WG; Roberto Peon
Subject: [Potential Spoof] Re: Exercising Version Negotiation


My understanding is that your proposal says that the interpretation of a particular bit in the public header is determined by the version, i.e. the server and client will negotiate a particular version if they need a spin bit. What I was saying is that if that is true, the middlebox needs to look at the negotiated version and hence creates the aforementioned concerns.


Subodh

________________________________
From: Eric Rescorla <ekr@rtfm.com>
Sent: Thursday, March 22, 2018 9:45:14 AM
To: Subodh Iyengar
Cc: Roberto Peon; IETF QUIC WG
Subject: Re: Exercising Version Negotiation

Hi Subodh,

I'm sorry, I'm not following you. I'm not talking about the spin bit here, just about exercising the regular negotiation function.

-Ekr


On Thu, Mar 22, 2018 at 4:26 PM, Subodh Iyengar <subodh@fb.com<mailto:subodh@fb.com>> wrote:

I don't think using version negotiation is as simple as it seems:


  1.  My understanding is that the current draft and the data that was shown doesn't even look at the handshake negotiation and only looks at short headers.
  2.  Short headers have no version. So to use version negotiation correctly as a signal of the spin bit, the middlebox MUST intercept the handshake negotiation.
  3.  Each 5 tuple could potentially have multiple connections and we are apparently designing for that use case, so the middlebox needs to use connection id
  4.  Some implementations are thinking of changing connection ids very frequently, maybe in each RTT.


Given these are we saying that when using the spin version you must not change the conn id per RTT so that the middlebox can observe the spin?


Subodh

________________________________
From: QUIC <quic-bounces@ietf.org<mailto:quic-bounces@ietf.org>> on behalf of Roberto Peon <fenix@fb.com<mailto:fenix@fb.com>>
Sent: Thursday, March 22, 2018 9:19:57 AM
To: Eric Rescorla; IETF QUIC WG
Subject: [Potential Spoof] Re: Exercising Version Negotiation

Love it. This is a great idea!

I'd suggest being more agressive with deployment,  e.g. recommend that servers negotiate speaking version +1 to more like 50% of the clients, and swap guid/ip mappings to have clients formerly using +1 switch  to -1 and vice versa weekly or so.

-=R



Sent via the Samsung Galaxy S7, an AT&T 4G LTE smartphone


-------- Original message --------
From: Eric Rescorla <ekr@rtfm.com<mailto:ekr@rtfm.com>>
Date: 3/22/18 5:05 AM (GMT-08:00)
To: IETF QUIC WG <quic@ietf.org<mailto:quic@ietf.org>>
Subject: Exercising Version Negotiation

Following up on the discussion at the mic, I do think it is useful to exercise the VN function, but I don't think it's useful to have those versions be different, because that creates perverse incentives.

Here's what I suggest instead: create two versions (we can call them QUIC v1+i  and QUIC v1-i), each with its own code point [0]. They should be essentially identical except for two trivial differences, intended to ensure that if you screw up version negotiation, you get failed interop.

- The constant in the handshake salt (5.2.2)
- The HKDF expansion constants

I suggest we handle each of these by just inverting the bits.

We would then suggest to people that they somewhat randomize their preferences (e.g., 99% of the time prefer v1+i, 1% of the time prefer v1-i). This will almost always result in matching versions, but will occasionally result in a mismatch, thus forcing us to test VN.

-Ekr

[0] Obviously we can do this for draft versions. We just say that the two versions are
ff0000XX and ffffffXX.

v2.23.0 | Report a Bug | By Email