IETF Logo Mail Archive

Re: negotiating Packet Number Protection

Christian Huitema <huitema@huitema.net> Sat, 08 September 2018 04:20 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DDCD130DEE for <quic@ietfa.amsl.com>; Fri, 7 Sep 2018 21:20:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.618
X-Spam-Level:
X-Spam-Status: No, score=-1.618 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3PYBRANMIoXw for <quic@ietfa.amsl.com>; Fri, 7 Sep 2018 21:20:47 -0700 (PDT)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C6A912F295 for <quic@ietf.org>; Fri, 7 Sep 2018 21:20:47 -0700 (PDT)
Received: from xsmtp01.mail2web.com ([168.144.250.230]) by mx3.antispamcloud.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1fyUjS-0000ML-4l for quic@ietf.org; Sat, 08 Sep 2018 06:20:44 +0200
Received: from [10.5.2.17] (helo=xmail07.myhosting.com) by xsmtp01.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1fyUjK-0003WX-3r for quic@ietf.org; Sat, 08 Sep 2018 00:20:22 -0400
Received: (qmail 19217 invoked from network); 8 Sep 2018 04:20:17 -0000
Received: from unknown (HELO [192.168.1.105]) (Authenticated-user:_huitema@huitema.net@[172.56.42.28]) (envelope-sender <huitema@huitema.net>) by xmail07.myhosting.com (qmail-ldap-1.03) with ESMTPA for <quic@ietf.org>; 8 Sep 2018 04:20:16 -0000
To: quic@ietf.org
References: <DM5PR21MB01393FE7097A16C7A68EA7BE95010@DM5PR21MB0139.namprd21.prod.outlook.com> <CABkgnnViOSQOYeEL4bL_hq6jPDaGR-G+O=A96C78+X4mheWaxg@mail.gmail.com> <0d5fb94c-3a79-ac40-ee12-193d190d4408@huitema.net> <DB6PR10MB1766D14FF9B5C1971B72471DAC000@DB6PR10MB1766.EURPRD10.PROD.OUTLOOK.COM> <CAKcm_gPWf=GZoMr3Nf2k75oRifK51+ZkUbH42-cM2Oa1Smy6Sg@mail.gmail.com> <7CF7F94CB496BF4FAB1676F375F9666A3BB968F3@bgb01xud1012>
From: Christian Huitema <huitema@huitema.net>
Openpgp: preference=signencrypt
Autocrypt: addr=huitema@huitema.net; prefer-encrypt=mutual; keydata= xsBNBFIRX8gBCAC26usy/Ya38IqaLBSu33vKD6hP5Yw390XsWLaAZTeQR64OJEkoOdXpvcOS HWfMIlD5s5+oHfLe8jjmErFAXYJ8yytPj1fD2OdSKAe1TccUBiOXT8wdVxSr5d0alExVv/LO I/vA2aU1TwOkVHKSapD7j8/HZBrqIWRrXUSj2f5n9tY2nJzG9KRzSG0giaJWBfUFiGb4lvsy IaCaIU0YpfkDDk6PtK5YYzuCeF0B+O7N9LhDu/foUUc4MNq4K3EKDPb2FL1Hrv0XHpkXeMRZ olpH8SUFUJbmi+zYRuUgcXgMZRmZFL1tu6z9h6gY4/KPyF9aYot6zG28Qk/BFQRtj7V1ABEB AAHNJ0NocmlzdGlhbiBIdWl0ZW1hIDxodWl0ZW1hQGh1aXRlbWEubmV0PsLAeQQTAQIAIwUC UhFfyAIbLwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEJNDCbJVyA1yhbYH/1ud6x6m VqGIp0JcZUfSQO8w+TjugqxCyGNn+w/6Qb5O/xENxNQ4HaMQ5uSRK9n8WKKDDRSzwZ4syKKf wbkfj05vgFxrjCynVbm1zs2X2aGXh+PxPL/WHUaxzEP7KjYbLtCUZDRzOOrm+0LMktngT/k3 6+EZoLEM52hwwpIAzJoscyEz7QfqMOZtFm6xQnlvDQeIrHx0KUvwo/vgDLK3SuruG1CSHcR0 D24kEEUa044AIUKBS3b0b8AR7f6mP2NcnLpdsibtpabi9BzqAidcY/EjTaoea46HXALk/eJd 6OLkLE6UQe1PPzQC4jB7rErX2BxnSkHDw50xMgLRcl5/b1bOwE0EUhFfyAEIAKp7Cp8lqKTV CC9QiAf6QTIjW+lie5J44Ad++0k8gRgANZVWubQuCQ71gxDWLtxYfFkEXjG4TXV/MUtnOliG 5rc2E+ih6Dg61Y5PQakm9OwPIsOx+2R+iSW325ngln2UQrVPgloO83QiUoi7mBJPbcHlxkhZ bd3+EjFxSLIQogt29sTcg2oSh4oljUpz5niTt69IOfZx21kf29NfDE+Iw56gfrxI2ywZbu5o G+d0ZSp0lsovygpk4jK04fDTq0vxjEU5HjPcsXC4CSZdq5E2DrF4nOh1UHkHzeaXdYR2Bn1Y wTePfaHBFlvQzI+Li/Q6AD/uxbTM0vIcsUxrv3MNHCUAEQEAAcLBfgQYAQIACQUCUhFfyAIb LgEpCRCTQwmyVcgNcsBdIAQZAQIABgUCUhFfyAAKCRC22tOSFDh1UOlBB/94RsCJepNvmi/c YiNmMnm0mKb6vjv43OsHkqrrCqJSfo95KHyl5Up4JEp8tiJMyYT2mp4IsirZHxz/5lqkw9Az tcGAF3GlFsj++xTyD07DXlNeddwTKlqPRi/b8sppjtWur6Pm+wnAHp0mQ7GidhxHccFCl65w uT7S/ocb1MjrTgnAMiz+x87d48n1UJ7yIdI41Wpg2XFZiA9xPBiDuuoPwFj14/nK0elV5Dvq 4/HVgfurb4+fd74PV/CC/dmd7hg0ZRlgnB5rFUcFO7ywb7/TvICIIaLWcI42OJDSZjZ/MAzz BeXm263lHh+kFxkh2LxEHnQGHCHGpTYyi4Z3dv03HtkH/1SI8joQMQq00Bv+RdEbJXfEExrT u4gtdZAihwvy97OPA2nCdTAHm/phkzryMeOaOztI4PS8u2Ce5lUB6P/HcGtK/038KdX5MYST Fn8KUDt4o29bkv0CUXwDzS3oTzPNtGdryBkRMc9b+yn9+AdwFEH4auhiTQXPMnl0+G3nhKr7 jvzVFJCRif3OAhEm4vmBNDE3uuaXFQnbK56GJrnqVN+KX5Z3M7X3fA8UcVCGOEHXRP/aubiw Ngawj0V9x+43kUapFp+nF69R53UI65YtJ95ec4PTO/Edvap8h1UbdEOc4+TiYwY1TBuIKltY 1cnrjgAWUh/Ucvr++/KbD9tD6C8=
Message-ID: <e96841a5-4700-c6ac-d853-5a5df63a8667@huitema.net>
Date: Fri, 07 Sep 2018 21:20:14 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <7CF7F94CB496BF4FAB1676F375F9666A3BB968F3@bgb01xud1012>
Content-Type: multipart/alternative; boundary="------------31A5610C687A7D8D3C25CF1F"
Content-Language: en-US
Subject: Re: negotiating Packet Number Protection
X-Originating-IP: 168.144.250.230
X-AntiSpamCloud-Domain: xsmtpout.mail2web.com
X-AntiSpamCloud-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-AntiSpamCloud-Outgoing-Class: unsure
X-AntiSpamCloud-Outgoing-Evidence: Combined (0.12)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5kAQrZIUAc1Uh7O6gPfJhoR602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO37pNwwF1lRXh5rzvPzo9Jts1ujulqUFmMITHM77eiViHpsXrhr8gUh+2DjkFwDd087i TvJ2/ZGzVWB9scFAaCdIFaUvXN+CI+RGy3Me16pBiuj1YIZWyGteeTEbAD/lb/vRa7MR4hgRIg8N 1QlY4G7x1YBTEs55LirRLgpsvCFtid7SQi4NE/job5y2wAN3GZxznd8NXwc/vKJtfZaXo5QAJAfA 9MMVcQ9WVjD1q+Rbd9IPG/DQ2p+GU04sTuYFs91jhnM/Mbva2XLV/LIEzaKyLm0zESXAkIAT8ZKA DvsGI5uh86ZVnyOrYkLMWyEaRt9fxN2oReTDHAyOynaY0Cn4p2u0cbdyGTcIliCOXEyKIRFsicyJ MEhQFtD8PLoiniWmsFByBoXAuCZEyg59LM/9rUJrEbVA84BZVscMTXpbpuxXJTL417vaJWq5kk+j cuidX4Ts4xdG+C13IyWeZaJSeVepNMlFCJck9eZ1iJl1PwUimsNGvJJilSn4u6QSZPNCzILcdUOO ldEjwYXnJoks95DGoDQyh90npG6wuAU16Y3oZJdQ0WXQEIKhyt8GALxCCXdUXmVhCtBec/fcEYvj esdofIZr77ejLGfC2JB7ygC2BNoAMaYuKRPezBphPk8cW9l7L/bUyy3TdA61l2eLd7jNOurXbHPG ke3Kdf7raVyaWasUJQ63b104WgCDW9Iivy+nwsaRXVdompsKqyLQyuWm7ieIYxdSpIuKpxGY647l NwN4qOsSZg+fYhVZG6s3d+AJyG780FYhIa/Gvz+vPRlp44C0jVYGRiPSt4ToCZPO2GKNZaMtjfyA obtcMvAFMvX7q8M4x6bP/gjzw0OjTdGcfvx5IojyUdakbY3OIKvEx19waJj/yR/yCVBWvmU/ts+C IC6rClmkQnuoxlv2OKHH5lr9xXvSM4nM3avg
X-Report-Abuse-To: spam@quarantine6.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/W0zi7NtZHS8SQ7Rnjbl4ZvceEEs>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Sep 2018 04:20:50 -0000

On the "migration" point. I think that proposing the "no packet number
protection" option without also proposing the "migration not supported"
option should be treated as a protocol error.

-- Christian Huitema


On 9/7/2018 10:10 AM, Lucas Pardue wrote:
> I agree with relaxing the MUST for Internet-facing. 
>
> There may be some future applications of future versions of QUIC where
> the benefits of PNP are harder to rationalise (i.e. traceabiity of
> mutlicasted QUIC packets that share a packet number). Indeed, there
> may be some other schemes that a benefit from a readble and/or
> deterministic packet number. However, that's all a long way off. What
> I like about the extension for the QUIC we have today is that it sets
> the right frame up for implementations that might want to do things
> slightly differently.
>
> Regards
> Lucas
> ------------------------------------------------------------------------
> *From:* QUIC [quic-bounces@ietf.org] on behalf of Ian Swett
> [ianswett=40google.com@dmarc.ietf.org]
> *Sent:* 07 September 2018 13:38
> *To:* Mikkel Fahnøe Jørgensen
> *Cc:* Martin Thomson; IETF QUIC WG; Christian Huitema;
> gabriel.montenegro=40microsoft.com@dmarc.ietf.org
> *Subject:* Re: negotiating Packet Number Protection
>
> I agree with Mikkel that the MUST not enable it on the public internet
> is either too strong or potentially impractical to enforce, so I would
> be inclined to change that to a SHOULD.
>
> I would request that this MUST not be used when voluntary/intentional
> connection migration is enabled.
>
> On Thu, Sep 6, 2018 at 11:30 PM Mikkel Fahnøe Jørgensen
> <mikkelfj@gmail.com <mailto:mikkelfj@gmail.com>> wrote:
>
>     The MUST not disable PNP on internet facing nodes is too strong -
>     you want a deployment to be able to move to a new DC while talking
>     to the old DC - although ossification could br a concern, it is
>     not egen limited to quasi stationært use cases.
>
>     ------------------------------------------------------------------------
>     *From:* QUIC <quic-bounces@ietf.org
>     <mailto:quic-bounces@ietf.org>> on behalf of Christian Huitema
>     <huitema@huitema.net <mailto:huitema@huitema.net>>
>     *Sent:* Friday, September 7, 2018 4:09:01 AM
>     *To:* Martin Thomson;
>     Gabriel.Montenegro=40microsoft.com@dmarc.ietf.org
>     <mailto:40microsoft.com@dmarc.ietf.org>
>     *Cc:* QUIC WG
>     *Subject:* Re: negotiating Packet Number Protection
>      
>     This draft requests assignment of single byte code point. I would
>     rather
>     not do that know, as we are discussing reserving several consecutive
>     codes for ACK variants and options. Would it be a deal breaker if the
>     option used a longer code?
>
>     -- Christian Huitema
>
>
>     On 9/6/2018 5:05 PM, Martin Thomson wrote:
>     > This is an entirely appropriate use of transport parameters and it
>     > looks like the design works as intended.  I tend to think that the
>     > IETF doesn't need to publish this - this sort of extension is why we
>     > have relatively loose registration policies - but I'm happy to have
>     > that conversation at the appropriate time.
>     > On Fri, Sep 7, 2018 at 8:55 AM Gabriel Montenegro
>     > <Gabriel.Montenegro=40microsoft.com@dmarc.ietf.org
>     <mailto:40microsoft.com@dmarc.ietf.org>> wrote:
>     >> Folks,
>     >>
>     >>
>     >>
>     >> We just submitted a draft to negotiate Packet Number
>     Protection. This would allow disabling it in environments (e.g.,
>     in a datacenter) where it may no be needed if both sides agree.
>     Browsers, of course, would probably not bother with this.
>     >>
>     >>
>     >>
>     >> https://tools.ietf.org/html/draft-montenegro-quic-negotiate-pnp-00
>     >>
>     >>
>     >>
>     >> thanks,
>     >>
>     >>
>     >>
>     >> Gabriel, Nick, Praveen
>
>  
>
> ----------------------------
>
> http://www.bbc.co.uk <http://www.bbc.co.uk>
> This e-mail (and any attachments) is confidential and may contain
> personal views which are not the views of the BBC unless specifically
> stated.
> If you have received it in error, please delete it from your system.
> Do not use, copy or disclose the information in any way nor act in
> reliance on it and notify the sender immediately.
> Please note that the BBC monitors e-mails sent or received.
> Further communication will signify your consent to this.
>
> ---------------------
>

v2.23.0 | Report a Bug | By Email