IETF Logo Mail Archive

Re: Add application parameters to QUIC handshake and use it for H3 SETTINGS

Christian Huitema <huitema@huitema.net> Fri, 27 September 2019 02:48 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67024120131 for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 19:48:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jjUWjj8BH3Ur for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 19:48:09 -0700 (PDT)
Received: from mx36-out10.antispamcloud.com (mx36-out10.antispamcloud.com [209.126.121.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 81379120099 for <quic@ietf.org>; Thu, 26 Sep 2019 19:48:09 -0700 (PDT)
Received: from xse15.mail2web.com ([66.113.196.15] helo=xse.mail2web.com) by mx61.antispamcloud.com with esmtp (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1iDgIh-0003L5-Dr for quic@ietf.org; Fri, 27 Sep 2019 04:48:08 +0200
Received: from xsmtp21.mail2web.com (unknown [10.100.68.60]) by xse.mail2web.com (Postfix) with ESMTPS id 46fblH15kwz3CjM for <quic@ietf.org>; Thu, 26 Sep 2019 19:46:03 -0700 (PDT)
Received: from [10.5.2.12] (helo=xmail02.myhosting.com) by xsmtp21.mail2web.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.92) (envelope-from <huitema@huitema.net>) id 1iDgGh-0007nL-1H for quic@ietf.org; Thu, 26 Sep 2019 19:46:03 -0700
Received: (qmail 25072 invoked from network); 27 Sep 2019 02:46:02 -0000
Received: from unknown (HELO [192.168.200.66]) (Authenticated-user:_huitema@huitema.net@[72.235.197.82]) (envelope-sender <huitema@huitema.net>) by xmail02.myhosting.com (qmail-ldap-1.03) with ESMTPA for <quic@ietf.org>; 27 Sep 2019 02:46:02 -0000
Subject: Re: Add application parameters to QUIC handshake and use it for H3 SETTINGS
To: Nick Harper <nharper=40google.com@dmarc.ietf.org>, IETF QUIC WG <quic@ietf.org>
References: <CACdeXiLEnvmqmxSgXbvAwEo0rgm-F59RL2sk0Ugu6PNuiDkfsw@mail.gmail.com>
From: Christian Huitema <huitema@huitema.net>
Autocrypt: addr=huitema@huitema.net; prefer-encrypt=mutual; keydata= mQENBFIRX8gBCAC26usy/Ya38IqaLBSu33vKD6hP5Yw390XsWLaAZTeQR64OJEkoOdXpvcOS HWfMIlD5s5+oHfLe8jjmErFAXYJ8yytPj1fD2OdSKAe1TccUBiOXT8wdVxSr5d0alExVv/LO I/vA2aU1TwOkVHKSapD7j8/HZBrqIWRrXUSj2f5n9tY2nJzG9KRzSG0giaJWBfUFiGb4lvsy IaCaIU0YpfkDDk6PtK5YYzuCeF0B+O7N9LhDu/foUUc4MNq4K3EKDPb2FL1Hrv0XHpkXeMRZ olpH8SUFUJbmi+zYRuUgcXgMZRmZFL1tu6z9h6gY4/KPyF9aYot6zG28Qk/BFQRtj7V1ABEB AAG0J0NocmlzdGlhbiBIdWl0ZW1hIDxodWl0ZW1hQGh1aXRlbWEubmV0PokBOQQTAQIAIwUC UhFfyAIbLwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEJNDCbJVyA1yhbYH/1ud6x6m VqGIp0JcZUfSQO8w+TjugqxCyGNn+w/6Qb5O/xENxNQ4HaMQ5uSRK9n8WKKDDRSzwZ4syKKf wbkfj05vgFxrjCynVbm1zs2X2aGXh+PxPL/WHUaxzEP7KjYbLtCUZDRzOOrm+0LMktngT/k3 6+EZoLEM52hwwpIAzJoscyEz7QfqMOZtFm6xQnlvDQeIrHx0KUvwo/vgDLK3SuruG1CSHcR0 D24kEEUa044AIUKBS3b0b8AR7f6mP2NcnLpdsibtpabi9BzqAidcY/EjTaoea46HXALk/eJd 6OLkLE6UQe1PPzQC4jB7rErX2BxnSkHDw50xMgLRcl5/b1a5AQ0EUhFfyAEIAKp7Cp8lqKTV CC9QiAf6QTIjW+lie5J44Ad++0k8gRgANZVWubQuCQ71gxDWLtxYfFkEXjG4TXV/MUtnOliG 5rc2E+ih6Dg61Y5PQakm9OwPIsOx+2R+iSW325ngln2UQrVPgloO83QiUoi7mBJPbcHlxkhZ bd3+EjFxSLIQogt29sTcg2oSh4oljUpz5niTt69IOfZx21kf29NfDE+Iw56gfrxI2ywZbu5o G+d0ZSp0lsovygpk4jK04fDTq0vxjEU5HjPcsXC4CSZdq5E2DrF4nOh1UHkHzeaXdYR2Bn1Y wTePfaHBFlvQzI+Li/Q6AD/uxbTM0vIcsUxrv3MNHCUAEQEAAYkCPgQYAQIACQUCUhFfyAIb LgEpCRCTQwmyVcgNcsBdIAQZAQIABgUCUhFfyAAKCRC22tOSFDh1UOlBB/94RsCJepNvmi/c YiNmMnm0mKb6vjv43OsHkqrrCqJSfo95KHyl5Up4JEp8tiJMyYT2mp4IsirZHxz/5lqkw9Az tcGAF3GlFsj++xTyD07DXlNeddwTKlqPRi/b8sppjtWur6Pm+wnAHp0mQ7GidhxHccFCl65w uT7S/ocb1MjrTgnAMiz+x87d48n1UJ7yIdI41Wpg2XFZiA9xPBiDuuoPwFj14/nK0elV5Dvq 4/HVgfurb4+fd74PV/CC/dmd7hg0ZRlgnB5rFUcFO7ywb7/TvICIIaLWcI42OJDSZjZ/MAzz BeXm263lHh+kFxkh2LxEHnQGHCHGpTYyi4Z3dv03HtkH/1SI8joQMQq00Bv+RdEbJXfEExrT u4gtdZAihwvy97OPA2nCdTAHm/phkzryMeOaOztI4PS8u2Ce5lUB6P/HcGtK/038KdX5MYST Fn8KUDt4o29bkv0CUXwDzS3oTzPNtGdryBkRMc9b+yn9+AdwFEH4auhiTQXPMnl0+G3nhKr7 jvzVFJCRif3OAhEm4vmBNDE3uuaXFQnbK56GJrnqVN+KX5Z3M7X3fA8UcVCGOEHXRP/aubiw Ngawj0V9x+43kUapFp+nF69R53UI65YtJ95ec4PTO/Edvap8h1UbdEOc4+TiYwY1TBuIKltY 1cnrjgAWUh/Ucvr++/KbD9tD6C8=
Message-ID: <c22f8e1d-887e-1bef-799f-47e4f3151966@huitema.net>
Date: Thu, 26 Sep 2019 16:45:59 -1000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.1.0
MIME-Version: 1.0
In-Reply-To: <CACdeXiLEnvmqmxSgXbvAwEo0rgm-F59RL2sk0Ugu6PNuiDkfsw@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Originating-IP: 66.113.196.15
X-Spampanel-Domain: xsmtpout.mail2web.com
X-Spampanel-Username: 66.113.196.15/32
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=66.113.196.15/32@xsmtpout.mail2web.com
X-Spampanel-Outgoing-Class: unsure
X-Spampanel-Outgoing-Evidence: Combined (0.15)
X-Recommended-Action: accept
X-Filter-ID: Mvzo4OR0dZXEDF/gcnlw0dWQ8c9lblW44odAlK6ziUapSDasLI4SayDByyq9LIhVhvUFSP5ih9KC FIUQbOLKL0TNWdUk1Ol2OGx3IfrIJKywOmJyM1qr8uRnWBrbSAGDcnqpk5VeF3xR4kF6iVwRtbgN zB/4Jkrw1eDLcif59fvcXeGBv4LgcRMsfcmMdM5kU7Tmz6iKnkQL9gqsxD347235Nhqq+/HvroPq 8GSPg+5aB4itzNZ07CdqP+KMfGjQTAas0edmB2q/yBRqnQY9Wo6jSvfpO+1kZkomjtjB6X5Q5Q9f RUeIpTIC2ySfqvnqLwoxlgatmaBb0rBiK9xbkDrUqzcKIief90MVLZY9LbIZh9+IQ1oS9LBn3VIP 95Jz7ujRlJ9wSMlhvaudJXZ9EIBG/qaR+8r9SKFMmPJLf850OvZYsmoVQuOIhwKLK6IKBNB4LZ0v UHHKTzJX7b1JhMjx7v77N42Z/zX3DQBtZa/0j9rMdVQseW3F+doIupqmER9E+btGG8Xk1uugE/FU 4J9TrjYo22Tif+7yfJXbGyN6EipRzMVZ5LqwTx7Vvn9SP+LiFhV9TEgXGI3XmDfDnJdoieX2NtRg +o3kI8QyLIsFNipas5GqVFZmFIt1Sjg0H0JEYNTZK9mOLR8UjAsXigeYUOp7A73HI6oJg7w/Voez qmxkFrnvCA/JzEZAZ4hdmhlKb/lC+C9AijoWgc8vkIGThCScvU0cCIiHSQbmcVLGrFWml44jmc+j mndScJUXAztqzrCt4TZ/wLtujY/tpYUaKojeMuV3yTT8TaGuX80GG+xd1+rcSgbrggauo+wFPAlb DjazCbhs7qBpykynMvtDTtO+u9LH2FRC7Cqll7UkX+eRWoyU+uvc1wsEtJqBNWOfRy3it5pbjqbJ QF61U112fwop9BTafX0DKHjywhGbO+8nMRYL9kekVL4dhx06ifnL+9wgoTj4ygNPw1XfN0zsCG5v xMF5WG1gYscNCfISP4VPJRUjPgTf43t5z5OGMMhkxyAKDRV/o3FuwxpnRHnKFOL2qbwhklIekV0n lts=
X-Report-Abuse-To: spam@quarantine9.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/RbwrdL1dCEbDg6IYKRcV6dylRJE>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Sep 2019 02:48:11 -0000

On 9/26/2019 2:51 PM, Nick Harper wrote:

> I propose introducing application parameters to the QUIC handshake and
> using this new mechanism for H3 SETTINGS instead of sending them as
> the first thing in the control stream. Application parameters would
> allow applications using QUIC to advertise or negotiate
> application-specific parameters during the cryptographic and transport
> handshake. It would guarantee that the client and server have
> exchanged their application parameters once the handshake is complete.
>
> Specifically, I’m proposing a new “application_layer_parameters”
> transport parameter, which when sent by the client is a series of ALPN
> identifiers with an opaque blob of application parameters per
> identifier, and when sent by the server is a single opaque blob of
> application parameters for the application identified in the ALPN
> extension.


I am a tad concerned with the privacy aspects of this proposal, at least
on the client side. Currently, the settings frame is sent encrypted in
0-RTT or 1-RTT packets. With your proposal, it would be sent in
clear-text, allowing very easy fingerprinting of clients.

-- Christian Huitema

v2.23.0 | Report a Bug | By Email