Re: Request for Authenticated but not Encrypted Traffic

Phillip Hallam-Baker <phill@hallambaker.com> Sat, 01 October 2022 01:18 UTC

From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Fri, 30 Sep 2022 21:17:51 -0400
Message-ID: <CAMm+Lwg7f226X+jR5_LmuMP2B172pA-W638hskJUpvRzNL++Qw@mail.gmail.com>
Subject: Re: Request for Authenticated but not Encrypted Traffic
To: Christian Huitema <huitema@huitema.net>
Cc: "Randy Armstrong (OPC)" <randy.armstrong@opcfoundation.org>, "quic@ietf.org" <quic@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/QqvTmav_wZOEUCQHi_HoDUhD9XI>

Both of you are assuming a request/response paradigm.

That is pretty much the only model we have been using but it isn't the only
model and it is a straightjacket.

On Fri, Sep 30, 2022 at 7:44 PM Christian Huitema <huitema@huitema.net>
wrote:

>
> On 9/30/2022 4:30 PM, Randy Armstrong (OPC) wrote:
> >    *   Sure, we could design a presentation layer on top of QUIC. I
> > think it is better to design a transport/presentation layer for the
> > problem space and then see how we might make use of QUIC.
> >
> > Not quite sure why you make a big deal about this. OPC UA supports the
> > kinds of operations you described but the complex operations are broken
> > into multiple request-response pairs for transport. All OPC UA needs is
> > a full duplex channel that allows responses to be returned in any order.
> > I would imagine that any other protocol built on QUIC would do the same.
>
> That's exactly the way DNS over QUIC is designed. Full duplex channel
> (QUIC connection) allowing for series of transactions. Each transaction
> request (from the client) is mapped to a new duplex stream;
> responses come back on the reverse part of that stream; responses to
> transactions arrive in any order.
>
> > The important question is: does QUIC have any inherent limitations that
> > would make it difficult to implement complex operations over top of QUIC?
>
> No.
>
> You have to pay attention to the management of connections, how to
> resume connections after they break, etc. But that's pretty standard
> when designing a distributed application.
>
> -- Christian Huitema
>
>
>