IETF Logo Mail Archive

Re: [QUIC] Alissa Cooper's Yes on charter-ietf-quic-00-01: (with COMMENT)

Eric Rescorla <ekr@rtfm.com> Tue, 13 September 2016 16:53 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1D1112B397 for <quic@ietfa.amsl.com>; Tue, 13 Sep 2016 09:53:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ovTFhWuFjNh2 for <quic@ietfa.amsl.com>; Tue, 13 Sep 2016 09:53:39 -0700 (PDT)
Received: from mail-yw0-x22b.google.com (mail-yw0-x22b.google.com [IPv6:2607:f8b0:4002:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBB6E12B3FF for <quic@ietf.org>; Tue, 13 Sep 2016 09:53:38 -0700 (PDT)
Received: by mail-yw0-x22b.google.com with SMTP id g192so109636301ywh.1 for <quic@ietf.org>; Tue, 13 Sep 2016 09:53:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=olY9HNL560Zpyu74OEjLiq8/nEGjN+qAG1mlRLW9VXM=; b=mCFqBXiznHoJjHgblhHPaEHDyjPKxs7T3Cm8zerYFwcy9O3dR0sr1JzlkBXQ6lCABb z31iqF1v2U8T5OS+vIYebLg0MTDHSceaAbmoKP7J5dh6Rb9RXW3P5Un8l3xAWcK9443H mKuy7Y9Srq1geYJgn6wAtfJfxfCiI3ep32y2oh1r+zqgNuCOh/+yy89c8Gx5iB2Z842B lge1wuYku95OWEq+IKUWvopZcP5HkKAmmbdPU8NIdT7Op++koHB3igdOcIFTFamxEqzw IdSVVfuRudv1YcQ3kiVJCbZjjPlFtqdZ+kfB198277U65E9OlFUTVsLgp8SJUuBelBAR jXCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=olY9HNL560Zpyu74OEjLiq8/nEGjN+qAG1mlRLW9VXM=; b=j0Nb/48vm024iTKrIIsE2iVRk/uk2ZQCd0B5dHCKOGsL0Yy3kEgbqkh7wf/29z9vE6 Cv2d/jOJAvEJVNQK091JO/xQUbhURU135RYvdj79HjVRrRAveGmYEZ1BB4bDRjo23UWY IOtC7xpn/bTDin+Y07/Hzx7E+MaACv07XcmI63gdHzOce6Dkyw5Bc8iKUYxImd+vngJg UxYlYmGUk7b8p3CZ1ZSZBeTLvDsGrUKnXxk2BlrpIvIaqy2iZbnqA+RZXyp86XgTuB4m rs+UAOzb+N60TsaKj3ck1PUFVVdj6fEiu5oEeIec0t7HNOlLrA1T61J2AyAKmS31qObM kbEg==
X-Gm-Message-State: AE9vXwPf1UKKBpJIBeGHzVPBVFmC5wa0/J74f34zW17Ze6IiXqC3M4I8d+1iAcTrX4emyBGtFzc0TuHdtnqWLA==
X-Received: by 10.129.153.215 with SMTP id q206mr1760902ywg.107.1473785618043; Tue, 13 Sep 2016 09:53:38 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.112.66 with HTTP; Tue, 13 Sep 2016 09:52:57 -0700 (PDT)
In-Reply-To: <CAJ_4DfRrLxOYKaFN_Bi7PpLRVx8_bNWAMChFNKaiPqfaKxaT6A@mail.gmail.com>
References: <147273767703.10217.5299850397860146217.idtracker@ietfa.amsl.com> <CAKKJt-dE_q2iNFLn_BFqPoy1V4kBnxGkbAiGzjyFkDdj6+gMBw@mail.gmail.com> <CABcZeBNDGQT141+9Q-YJRsuVrWGD=SDdeeFaKe0=iNwb+1ckLQ@mail.gmail.com> <CAJ_4DfRrLxOYKaFN_Bi7PpLRVx8_bNWAMChFNKaiPqfaKxaT6A@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 13 Sep 2016 09:52:57 -0700
Message-ID: <CABcZeBN1E8zQvuRr5XiQyBojgfqXQLv601JO0jtJOO7BFpa7Vg@mail.gmail.com>
To: Ryan Hamilton <rch@google.com>
Content-Type: multipart/alternative; boundary="94eb2c0b80843d5530053c667460"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/UCb7gACNGqWAP1YKlj_4AZZ30Ts>
Cc: quic-chairs@ietf.org, quic@ietf.org, Alissa Cooper <alissa@cooperw.in>, Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>, The IESG <iesg@ietf.org>
Subject: Re: [QUIC] Alissa Cooper's Yes on charter-ietf-quic-00-01: (with COMMENT)
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list to discuss QUIC standardization <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Sep 2016 16:53:43 -0000

On Mon, Sep 12, 2016 at 5:50 PM, Ryan Hamilton <rch@google.com> wrote:

> ​​
>
>
> On Mon, Sep 12, 2016 at 4:39 PM, Eric Rescorla <ekr@rtfm.com> wrote:
>
>> I had a few comments on the draft charter:
>>
>> > There is emerging implementation and deployment experience with QUIC, a
>> > UDP-based protocol that provides a stream-multiplexing encrypted
>> transport.
>> > Based on that implementation and deployment experience, the QUIC working
>> group
>> > will provide a standards track specification generalizing the design
>> described
>> > in the initial set of draft-tsvwg-quic-protocol, draft-tsvwg-quic
>> -loss-recovery,
>> > and related documents.
>>
>> "initial set" is ungrammatical here. Strike it.
>>
>>
>> > Key goals for QUIC are:
>> >
>> > - Minimizing connection establishment and overall transport latency for
>> > applications, starting with HTTP/2;
>> > - Providing multiplexing without head-of-line blocking;
>> > - Enabling deployment over unmodified Internet paths; and
>> > - Enabling multipath and forward error correction extensions.
>>
>> I would like to see a security objective here, as I think we all agree
>> that it's a first-class priority.
>>
>> - Providing secure transport by default using TLS 1.3.
>>
>
> ​QUIC is designed to have a plug-able handshake mechanism​. For sure, TLS
> 1.3 should be used in many cases, including HTTP over QUIC. But I would
> want to makes sure that we don't lose the ability to develop other
> applications on top of QUIC which want a different handshake.
>
> ​I'd be happy to see language requiring that we come up with a QUIC + TLS
> 1.3 mapping, just not language that says that TLS 1.3 is the only handshake
> for QUIC.​ Perhaps you were already saying this, I'm not sure.
>

Sorry for any unclarity. I wasn't trying to start an argument just
memorialize the consensus.
I'm mirroring the language here from draft-hamilton-quic-transport-
protocol-00:

"TLS is assumed to be the default crypto handshake protocol, as described
in [draft-mthomson-quic-tls
<https://tools.ietf.org/html/draft-mthomson-quic-tls>]."
and was trying to fit it into charter-ese by making "default" do
double-duty.

How about:
- Provide always-secure transport [using TLS 1.3 by default]

I could live with the [] text either way, as I think the milestones make
clear that we're doing a TLS 1.3 binding.

-Ekr

Cheers,
>
> Ryan
>
>
>
>>
>> > This work will ensure that
>> > QUIC using TLS1.3 has security and privacy properties that are at
>> least as good
>> > as a stack composed of TLS1.3 using TCP (or MPTCP when using multipath).
>>
>> This "QUIC using TLS 1.3" language is a little weird. I would just say
>> "QUIC". I believe MT provided a similar comment.
>>
>>
>>
>> > The third focus area will describe mappings between specific
>> applications???
>> > semantics and the transport facilities of QUIC. The first mapping will
>> be a
>> > description of HTTP/2 semantics using QUIC, specifically with the goal
>> of
>> > minimizing web latency using QUIC. This mapping will accommodate the
>> extension
>> > mechanisms defined in the HTTP/2 specification. Upon completion of that
>> mapping,
>> > additional protocols may be added by updating this charter to include
>> them.
>>
>> I'm not sure this should be in QUIC so much as HTTP. Minimally it somehow
>> needs to be in cooperation and I don't see anything here. I certainly
>> don't
>> want this to preclude a mapping of only HTTP/2's transport facilities.
>>
>> -Ekr
>>
>>
>> On Thu, Sep 1, 2016 at 7:02 AM, Spencer Dawkins at IETF <
>> spencerdawkins.ietf@gmail.com> wrote:
>>
>>> Hi, Alissa,
>>>
>>> On Thu, Sep 1, 2016 at 8:47 AM, Alissa Cooper <alissa@cooperw.in> wrote:
>>>
>>>> Alissa Cooper has entered the following ballot position for
>>>> charter-ietf-quic-00-01: Yes
>>>>
>>>> When responding, please keep the subject line intact and reply to all
>>>> email addresses included in the To and CC lines. (Feel free to cut this
>>>> introductory paragraph, however.)
>>>>
>>>>
>>>>
>>>> The document, along with other ballot positions, can be found here:
>>>> https://datatracker.ietf.org/doc/charter-ietf-quic/
>>>>
>>>>
>>>>
>>>> ----------------------------------------------------------------------
>>>> COMMENT:
>>>> ----------------------------------------------------------------------
>>>>
>>>> What is the status of these PRs?
>>>> https://github.com/IETF-QUIC/Charter/pulls
>>>
>>>
>>> I checked two of the PRs. One looks like it's reflected in the
>>> datatracker, but the other does not. I'll make sure the proponents think
>>> the datatracker text reflects what they want to go with, before this goes
>>> for external review.
>>>
>>> Spencer
>>>
>>> _______________________________________________
>>> QUIC mailing list
>>> QUIC@ietf.org
>>> https://www.ietf.org/mailman/listinfo/quic
>>>
>>>
>>
>> _______________________________________________
>> QUIC mailing list
>> QUIC@ietf.org
>> https://www.ietf.org/mailman/listinfo/quic
>>
>>
>

v2.23.0 | Report a Bug | By Email