IETF Logo Mail Archive

Re: QUIC ossification

Ted Hardie <ted.ietf@gmail.com> Thu, 14 February 2019 16:15 UTC

Return-Path: <ted.ietf@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A205C131088 for <quic@ietfa.amsl.com>; Thu, 14 Feb 2019 08:15:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xwjcX1TIUovn for <quic@ietfa.amsl.com>; Thu, 14 Feb 2019 08:15:12 -0800 (PST)
Received: from mail-it1-x131.google.com (mail-it1-x131.google.com [IPv6:2607:f8b0:4864:20::131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F78512867A for <quic@ietf.org>; Thu, 14 Feb 2019 08:15:12 -0800 (PST)
Received: by mail-it1-x131.google.com with SMTP id i2so15621703ite.5 for <quic@ietf.org>; Thu, 14 Feb 2019 08:15:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=yCNP++DdemNpjhBcy0NvGcfrbijpwCTSdaVd1noq6Sk=; b=mD32XrS5Cw97HJ8YPdTF5BKeMp3vTTgcc1Z2XJCtWbrOvwP9Wv3kqPK8cYe93ouzEI YdjgAiJJzXpyCtBNNNOMb5pOUAl1P2EoAUVNjPokQLQWsiQ7+MlkFqNcIlpSOxLcJ9vA MTJ6Ti1zS/T8QpDwFLhjJlmuXrjzXtDHhuI+NiRHxQcS991Ie9/Hhiq2wpYd43HgEBWg Ymw2UHjXGCql5zwFN7l1b9UW9sfODr9qGRu1D7v3G4wREkG7Z8G2Uzl4tcpH+JA9H+9e qHQjsipeNLsSYo4KCBP5CdWMuWdu98u3Nfesf5wrwzR3AIGgglStZNlW4hmmdSqpUtEE /JwA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=yCNP++DdemNpjhBcy0NvGcfrbijpwCTSdaVd1noq6Sk=; b=Lxdm911SylYvjcVofKeDKDxpT2ACK6hOrrrmx74uWQhjZdc1HcYNdnlFDNM30PNlNG J1ot9rpG2cQa2R6k6LkadcVCZHqAS1vtOWyKeSJcsX1+WZBoqInwUudIWXZ7yRCr46WF W0xI1f2odbZd6N4ThRNHiSb64qVxbu7lDbuicq9Oq4PNHvG9Ow80Ni1Ubhoxc/XnqzBh VKG9QBEHuOhxrxBeWMM4Y6MMO4pT9boUPyGwrNKZf3ScpQRCv3ZMQT47zZI18Pi22aR6 bTe8qs6a9wpUeQofVAdki0/iZfB9iey8M79sWvyXENQl752Ioo185HcFGesaZwa20A4n O1pA==
X-Gm-Message-State: AHQUAubQRC3Fka9tyl77DIqJyT/PIpy5ofvSEWicBOtekktB+MEm3/DB tAg9MiPYwoSSh98cFc6RzzhSVSeRXI76ALZ1NWtClA==
X-Google-Smtp-Source: AHgI3IYimVoHmukPoX2msBuRxoR1N8ua5H4kECSAwAJ6mfJFVHgD3cn2dcqQejSz7ZoDD7Rx14JwhwkjHg5x7g94t4I=
X-Received: by 2002:a24:30c:: with SMTP id e12mr271497ite.1.1550160911428; Thu, 14 Feb 2019 08:15:11 -0800 (PST)
MIME-Version: 1.0
References: <CAM4esxTm0GiXnow4Vyv0UX6kFW4U3zJgVrN_JzD31Sm6sxoYGg@mail.gmail.com> <1550007332.441557.1656692832.0E5412AE@webmail.messagingengine.com> <9425344B-D72F-474D-A549-AA2453E57F19@fb.com> <CAPDSy+5LikoojquLhaW58DbJ3VrGXUViaD0aHcTkxBJGzFjgQA@mail.gmail.com> <47E7A834-B6CD-4D73-BF49-8768A48CADF0@fb.com> <CAM4esxThzPJUxU7R5-CY-ZcgmqhYdPFMoM5Fg17vN-Hsk_pJ8A@mail.gmail.com> <CAKcm_gMmxeHHN3dtH9kby_En96oPwTqrfHE=wpqy5Z0YbX4png@mail.gmail.com> <CAN1APdegy8n3+8J-pkgB6f-SNxHtju9p1Hiyct2tHWQ0KyeiGg@mail.gmail.com> <CA+9kkMC95TnFatowKU6121g+1DPy1hMNbKPagveMfKCXtpFSUQ@mail.gmail.com> <1550101618.3002483.1657568864.062669F6@webmail.messagingengine.com>
In-Reply-To: <1550101618.3002483.1657568864.062669F6@webmail.messagingengine.com>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Thu, 14 Feb 2019 08:14:44 -0800
Message-ID: <CA+9kkMDm-4X=VWBkhtcN9WHq_=3-avmpft9gL3Aq_S55JV1rKQ@mail.gmail.com>
Subject: Re: QUIC ossification
To: Martin Thomson <mt@lowentropy.net>
Cc: IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000787cdc0581dcf6c2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/PsPF1jjBjxrdydxRnlCO_aPqffk>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Feb 2019 16:15:17 -0000

On Wed, Feb 13, 2019 at 3:47 PM Martin Thomson <mt@lowentropy.net> wrote:

> On Thu, Feb 14, 2019, at 04:17, Ted Hardie wrote:
> > On Wed, Feb 13, 2019 at 9:14 AM Mikkel Fahnøe Jørgensen <
> mikkelfj@gmail.com>
> > wrote:
> >
> > > There is the risk that middle boxes learn that versions mean nothing,
> and
> > > that they are all the same, akin to crying wolf.
> >
> > I tend to agree with this. Version numbers should shift when the
> > interoperability among parties to the protocol shifts.  While you can
> > artificially create that shift in closed system, teaching the ecosystem
> > that the shifts are meaningless doesn't seem to advance the general goal.
>
> If I understand David's proposal, these versions would have meaningful
> changes, or at least changes that go beyond the version number.  In TLS he
> has suggested a similar technique, with changes that are not compatible,
> but relatively easy to implement.  For instance, changing the salt for the
> Initial keys would be trivial to implement and make the protocol
> indecipherable.


Changing the salt is the kind of thing I had in mind for "artificially
create that shift."  That's easy to do in a closed system; it's possible in
a standards-based one, but the overall impact on functionality is so low,
that the rate of uptake will be low.  So you will do version negotiation
down to the old version a lot of the time, I'm guessing.


>   Switching to ChaCha20-Poly1305 instead of AES-128-GCM would be another.
> He also suggested that we reorder key fields, switch endianness of various
> encodings, rot13 extension codepoints, ... plus whatever you can imagine.
> As long as it is easier to respond correctly to new versions than it is to
> build specific handling for every new permutation, the protocol designers
> win.
>
> Now, I'm not sure if that is as good as having a good reason to deploy a
> new version, but there you are.
>
>
As a personal opinion, I think we have enough semantic additions to do here
that we don't need an artificial version which will have no natural driver
of adoption.

Ted

v2.23.0 | Report a Bug | By Email