Re: negotiating Packet Number Protection
Christian Huitema <huitema@huitema.net> Sat, 08 September 2018 04:20 UTC
To: quic@ietf.org
Message-ID: <e96841a5-4700-c6ac-d853-5a5df63a8667@huitema.net>
Date: Fri, 07 Sep 2018 21:20:14 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/W0zi7NtZHS8SQ7Rnjbl4ZvceEEs>
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>

On the "migration" point. I think that proposing the "no packet number protection" option without also proposing the "migration not supported" option should be treated as a protocol error.

-- Christian Huitema

On 9/7/2018 10:10 AM, Lucas Pardue wrote:
> I agree with relaxing the MUST for Internet-facing.
>
> There may be some future applications of future versions of QUIC where the benefits of PNP are harder to rationalise (i.e. traceability of multicasted QUIC packets that share a packet number). Indeed, there may be some other schemes that benefit from a readable and/or deterministic packet number. However, that's all a long way off. What I like about the extension for the QUIC we have today is that it sets the right frame up for implementations that might want to do things slightly differently.
>
> Regards
> Lucas
> ------------------------------------------------------------------------
> *From:* QUIC [quic-bounces@ietf.org] on behalf of Ian Swett [ianswett=40google.com@dmarc.ietf.org]
> *Sent:* 07 September 2018 13:38
> *To:* Mikkel Fahnøe Jørgensen
> *Cc:* Martin Thomson; IETF QUIC WG; Christian Huitema; gabriel.montenegro=40microsoft.com@dmarc.ietf.org
> *Subject:* Re: negotiating Packet Number Protection
>
> I agree with Mikkel that the MUST not enable it on the public internet is either too strong or potentially impractical to enforce, so I would be inclined to change that to a SHOULD.
>
> I would request that this MUST not be used when voluntary/intentional connection migration is enabled.
>
> On Thu, Sep 6, 2018 at 11:30 PM Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> wrote:
>
>     The MUST not disable PNP on internet facing nodes is too strong - you want a deployment to be able to move to a new DC while talking to the old DC - although ossification could be a concern, it is not even limited to quasi stationary use cases.
>
>     ------------------------------------------------------------------------
>     *From:* QUIC <quic-bounces@ietf.org> on behalf of Christian Huitema <huitema@huitema.net>
>     *Sent:* Friday, September 7, 2018 4:09:01 AM
>     *To:* Martin Thomson; Gabriel.Montenegro=40microsoft.com@dmarc.ietf.org
>     *Cc:* QUIC WG
>     *Subject:* Re: negotiating Packet Number Protection
>
>     This draft requests assignment of single byte code point. I would rather not do that now, as we are discussing reserving several consecutive codes for ACK variants and options. Would it be a deal breaker if the option used a longer code?
>
>     -- Christian Huitema
>
>     On 9/6/2018 5:05 PM, Martin Thomson wrote:
>     > This is an entirely appropriate use of transport parameters and it looks like the design works as intended. I tend to think that the IETF doesn't need to publish this - this sort of extension is why we have relatively loose registration policies - but I'm happy to have that conversation at the appropriate time.
>     > On Fri, Sep 7, 2018 at 8:55 AM Gabriel Montenegro <Gabriel.Montenegro=40microsoft.com@dmarc.ietf.org> wrote:
>     >> Folks,
>     >>
>     >> We just submitted a draft to negotiate Packet Number Protection. This would allow disabling it in environments (e.g., in a datacenter) where it may not be needed if both sides agree. Browsers, of course, would probably not bother with this.
>     >>
>     >> https://tools.ietf.org/html/draft-montenegro-quic-negotiate-pnp-00
>     >>
>     >> thanks,
>     >>
>     >> Gabriel, Nick, Praveen