Re: negotiating Packet Number Protection

Ian Swett <ianswett@google.com> Fri, 07 September 2018 12:40 UTC

From: Ian Swett <ianswett@google.com>
Date: Fri, 07 Sep 2018 08:38:39 -0400
Message-ID: <CAKcm_gPWf=GZoMr3Nf2k75oRifK51+ZkUbH42-cM2Oa1Smy6Sg@mail.gmail.com>
Subject: Re: negotiating Packet Number Protection
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
Cc: Christian Huitema <huitema@huitema.net>, Martin Thomson <martin.thomson@gmail.com>, gabriel.montenegro=40microsoft.com@dmarc.ietf.org, IETF QUIC WG <quic@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/VuWewPV3Coy28BSUEEfrRh0kJfk>

I agree with Mikkel that the MUST not enable it on the public internet is
either too strong or potentially impractical to enforce, so I would be
inclined to change that to a SHOULD.

I would request that this MUST not be used when voluntary/intentional
connection migration is enabled.

On Thu, Sep 6, 2018 at 11:30 PM Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
wrote:

> The MUST not disable PNP on internet facing nodes is too strong - you want
> a deployment to be able to move to a new DC while talking to the old DC -
> although ossification could be a concern, it is not even limited to quasi
> stationary use cases.
>
> ------------------------------
> *From:* QUIC <quic-bounces@ietf.org> on behalf of Christian Huitema <
> huitema@huitema.net>
> *Sent:* Friday, September 7, 2018 4:09:01 AM
> *To:* Martin Thomson; Gabriel.Montenegro=40microsoft.com@dmarc.ietf.org
> *Cc:* QUIC WG
> *Subject:* Re: negotiating Packet Number Protection
>
> This draft requests assignment of a single byte code point. I would rather
> not do that now, as we are discussing reserving several consecutive
> codes for ACK variants and options. Would it be a deal breaker if the
> option used a longer code?
>
> -- Christian Huitema
>
>
> On 9/6/2018 5:05 PM, Martin Thomson wrote:
> > This is an entirely appropriate use of transport parameters and it
> > looks like the design works as intended.  I tend to think that the
> > IETF doesn't need to publish this - this sort of extension is why we
> > have relatively loose registration policies - but I'm happy to have
> > that conversation at the appropriate time.
> > On Fri, Sep 7, 2018 at 8:55 AM Gabriel Montenegro
> > <Gabriel.Montenegro=40microsoft.com@dmarc.ietf.org> wrote:
> >> Folks,
> >>
> >>
> >>
> >> We just submitted a draft to negotiate Packet Number Protection. This
> >> would allow disabling it in environments (e.g., in a datacenter) where it
> >> may not be needed if both sides agree. Browsers, of course, would probably
> >> not bother with this.
> >>
> >>
> >>
> >> https://tools.ietf.org/html/draft-montenegro-quic-negotiate-pnp-00
> >>
> >>
> >>
> >> thanks,
> >>
> >>
> >>
> >> Gabriel, Nick, Praveen
>
>