IETF Logo Mail Archive

RE: ECN in QUIC

Mike Bishop <mbishop@evequefou.be> Sun, 28 January 2018 04:33 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C86CF127863 for <quic@ietfa.amsl.com>; Sat, 27 Jan 2018 20:33:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.921
X-Spam-Level:
X-Spam-Status: No, score=-1.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TCeitFG0qlTx for <quic@ietfa.amsl.com>; Sat, 27 Jan 2018 20:33:09 -0800 (PST)
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0095.outbound.protection.outlook.com [104.47.42.95]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E1F31200FC for <quic@ietf.org>; Sat, 27 Jan 2018 20:33:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector1-evequefou-be; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=fq9Dpf9AETr3hTRrTT39/s5bWyDIrkdNZQevxQJjF0Y=; b=lmcbYZ9whHnUUddlK0FB/oCdLXgR8/b4QCWrGrQD4D7P6B8k2mjFEGv+pnLjVWk9Np43DnpEt9ha9Sqd5htBi96DKRiWWBVfqsFO7GDRMIaCx3usC+sMiKVHifIybhtIVMA6XEE5GP3ZSlRLjf8anYrlUDdjNd10RUFWdS0ew8k=
Received: from MWHPR08MB2432.namprd08.prod.outlook.com (10.169.203.136) by MWHPR08MB2621.namprd08.prod.outlook.com (10.173.231.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.444.14; Sun, 28 Jan 2018 04:33:06 +0000
Received: from MWHPR08MB2432.namprd08.prod.outlook.com ([10.169.203.136]) by MWHPR08MB2432.namprd08.prod.outlook.com ([10.169.203.136]) with mapi id 15.20.0444.016; Sun, 28 Jan 2018 04:33:06 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Christian Huitema <huitema@huitema.net>, "De Schepper, Koen (Nokia - BE/Antwerp)" <koen.de_schepper@nokia-bell-labs.com>, "Lubashev, Igor" <ilubashe@akamai.com>, "Brian Trammell (IETF)" <ietf@trammell.ch>
CC: Ingemar Johansson S <ingemar.s.johansson@ericsson.com>, QUIC WG <quic@ietf.org>, "Bob Briscoe (research@bobbriscoe.net)" <research@bobbriscoe.net>
Subject: RE: ECN in QUIC
Thread-Topic: ECN in QUIC
Thread-Index: AdOU5RXtZ09Jc7GvQAiw71TPDqLU5QATWZUQAAeBn1AAAsI1AAACpr+AAA8DdQAAAO0UgAAGEbDQABrQR4AAcdVVYA==
Date: Sun, 28 Jan 2018 04:33:05 +0000
Message-ID: <MWHPR08MB24325738B9CCC187570F65C4DAE60@MWHPR08MB2432.namprd08.prod.outlook.com>
References: <HE1PR0702MB3625F6E2C399F7E6F187C883C2E20@HE1PR0702MB3625.eurprd07.prod.outlook.com> <660743ab697443f4ac5500e649a80285@usma1ex-dag1mb5.msg.corp.akamai.com> <HE1PR0702MB3625648A6943055201D46DCEC2E20@HE1PR0702MB3625.eurprd07.prod.outlook.com> <26dd29d9-ce96-e858-078b-cc867990e8c5@huitema.net> <26b97168c48047018d1dfe6400a36b16@usma1ex-dag1mb5.msg.corp.akamai.com> <A4AE8394-0568-4C56-A4C3-02866E12DA8C@trammell.ch> <a05e899c3b7b45d38e6e4440e5196304@usma1ex-dag1mb5.msg.corp.akamai.com> <VI1PR0701MB212651DA603F0A147895161DB9E10@VI1PR0701MB2126.eurprd07.prod.outlook.com> <3809b20a-a141-f6fc-64de-785593cd9bf1@huitema.net>
In-Reply-To: <3809b20a-a141-f6fc-64de-785593cd9bf1@huitema.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [2601:600:8080:5a28:2884:6ca0:cd5d:46b5]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR08MB2621; 6:v6BVqWM7azu99XcxgbayIV2AqHOL/xNxoaSiXvIylxmGsUg3mUcb6SeToIeRUAcIzcRtzDfzUekIp85x10nymBY/HqdJmdD7rlXsiw/54jnFDUBmVJutnlXog5gFRKFsabpOxVnaAd0RvLhpbdkzGw8c1qcO85I9N3MU9xnJVUfw6hI693dWou/c9UWQddS9uG3AmEs5y7rxOrv8z2B5kMY/K61Jp+/LQc29W5Zhqap86OGRWlmsa8j+61oiMNEB+WkvqtLm5R36tO8kQe+VTAedPGNFBemLbkux312U1ECza3ftrcTeciri3tOoCJqpTdpIIBjmULArsPkRpjzKpUg1xHkXDgdCKaCiYRyP8kgVai/b8wG7kRMlvnfomNM3; 5:oE/CXRxCGO7P4aDG11bMl6HtN712mFkIyyBvemKhVa+jbhHphU/Z9f3wWETERaKl8Igu2dbTUx0fYPB9DuxJk/N8qaTfIUdE876qflzwGObS1KqRnjWJF9R1wcrnq/UQJHMQisDiWp+OoPjZXhjpzcph4yQ4m51yLaQnqbzpAuU=; 24:WadkLr/nnOIoU+FC7geNTBixR857nyzr4PUYAUe6cRcWQwoluDcVb5wsThpcXybgTw4Qrj2ziE6WQt2BRZRthYob+kf5BORqIKmKx8iprAo=; 7:NvuisGS4G1rQLoR9mEEOqvxg4gBK3uKFIoQFIvRU7xffGskKqqH44rPVLzX1XyR7tRYklkLvRYxNyPt1oAfI+disb6vMRg6fNJvZz8p0gfgG4PBYjVgEUscB2PXqAF2eyncdlAeaJGm5eici4OfF8h7WZ8tBh8WIr792iB9HMY/k+lPnO58FFqdulsox+x2Ox/SIZ/22yO0xpY5H7Y3u5ZyNkeaKzwivaRxuQDpm7vmbEFoExDGUwUTrH9pGMAui
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: fcf2d4d9-ff64-4bad-c33c-08d566083a09
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(7021125)(4534165)(7022125)(4603075)(4627221)(201702281549075)(7048125)(7024125)(7027125)(7028125)(7023125)(5600026)(4604075)(3008032)(2017052603307)(7153060)(7193020); SRVR:MWHPR08MB2621;
x-ms-traffictypediagnostic: MWHPR08MB2621:
x-microsoft-antispam-prvs: <MWHPR08MB2621A83A67150DA6373AF2BDDAE60@MWHPR08MB2621.namprd08.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(37575265505322)(120809045254105);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(3231097)(2400081)(944501161)(6041288)(2016111802025)(20161123564045)(20161123558120)(20161123562045)(20161123560045)(6043046)(6072148)(201708071742011); SRVR:MWHPR08MB2621; BCL:0; PCL:0; RULEID:; SRVR:MWHPR08MB2621;
x-forefront-prvs: 05669A7924
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(376002)(366004)(39380400002)(39830400003)(396003)(189003)(199004)(13464003)(77096007)(97736004)(186003)(6436002)(81156014)(2906002)(55016002)(229853002)(9686003)(6306002)(81166006)(7736002)(8676002)(74316002)(6116002)(86362001)(305945005)(3480700004)(74482002)(53936002)(8936002)(102836004)(6506007)(106356001)(14454004)(3660700001)(3280700002)(53546011)(110136005)(6246003)(2900100001)(33656002)(54906003)(966005)(316002)(478600001)(25786009)(99286004)(68736007)(105586002)(93886005)(76176011)(7696005)(7116003)(5660300001)(2950100002)(4326008); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR08MB2621; H:MWHPR08MB2432.namprd08.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:0; LANG:en;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-microsoft-antispam-message-info: Ab04owY6Q1mL2P5vApfMUJ4X3hTV4JwxqvjAG6gNhUDGWhRW+OmBnHqmNXH94dYbJNHdHsybgnaGgK2tukeyfA==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: fcf2d4d9-ff64-4bad-c33c-08d566083a09
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jan 2018 04:33:05.8220 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR08MB2621
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/UcGT8sTciEvvnUg2eBLDg4iQ_II>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Jan 2018 04:33:13 -0000

I may have missed the final state where this landed, but with Martin's reworking of the key schedule that includes the Connection ID in the key generation, wouldn't you automatically have a different encryption context any time you intentionally changed Connection IDs (which is likely when changing paths) anyway?

And if you don't change Connection ID, you're already linkable because of the CID, so you don't care if you're continuing to use the same sequence numbers.  (But we agreed to encrypt them anyway.)

-----Original Message-----
From: QUIC [mailto:quic-bounces@ietf.org] On Behalf Of Christian Huitema
Sent: Thursday, January 25, 2018 2:11 PM
To: De Schepper, Koen (Nokia - BE/Antwerp) <koen.de_schepper@nokia-bell-labs.com>; Lubashev, Igor <ilubashe@akamai.com>; Brian Trammell (IETF) <ietf@trammell.ch>
Cc: Ingemar Johansson S <ingemar.s.johansson@ericsson.com>; QUIC WG <quic@ietf.org>; Bob Briscoe (research@bobbriscoe.net) <research@bobbriscoe.net>
Subject: Re: ECN in QUIC

On 1/25/2018 12:10 AM, De Schepper, Koen (Nokia - BE/Antwerp) wrote:

> Some questions related to the remark of Christian: "We are heading towards a single packet sequence number space shared by multiple paths"
> What is the rationale behind this?
> Is the reason for this that there are currently no per path states/communications required? (because congestion control is currently out of scope, and it is currently the only per path processing required). In that case I understand why the current design of QUIC is optimizing itself towards application to application state, but we must make sure we don't make our live difficult if we have per connection state (when it is needed, like congestion control).

This is related to encryption options for multipath. I explained the design choices in https://datatracker.ietf.org/doc/draft-huitema-quic-mpath-req/. AEAD encryption requires that sequence numbers do not repeat for a given encryption context. For multipath, this requirement can be met by either having separate encryption contexts per path, or having a single encryption context for all paths and using the same sequence number space for every paths. This is also a requirement when multiple paths are used for connection migration.

We had that discussion in Melbourne, and the sense of the room was clearly that having separate encryption contexts per paths was too complicated. Having a single sequence number space and a single encryption context is significantly simpler. There is a privacy issue, linkability via the sequence numbers, but that privacy issue can be addressed by encrypting the sequence numbers, and we pretty much agreed to do that. Hence my statement that "We are heading towards a single packet sequence number space shared by multiple paths".

Of course we still need to maintain per path variables for RTT, PMTU and congestion control. As long as we only support migration, that could be finessed somewhat by resetting these variables to their initial state at the end of the migration. But when we do true multipath, there will be a need to associate congestion control signals with paths. If we have a single sequence number, the way to do that is to maintain associations between packets and path, e.g. having a path tag in the packet copy kept for retransmission purposes. That's sufficient for signals like ACK or losses, but it requires that ECN signals be tied to specific packets.

-- Christian Huitema

v2.23.0 | Report a Bug | By Email