IETF Logo Mail Archive

Re: QUIC Address Discovery

David Schinazi <dschinazi.ietf@gmail.com> Tue, 24 October 2023 23:19 UTC

Return-Path: <dschinazi.ietf@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9A7EC151088 for <quic@ietfa.amsl.com>; Tue, 24 Oct 2023 16:19:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.104
X-Spam-Level:
X-Spam-Status: No, score=-7.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Osrfgut1yWEF for <quic@ietfa.amsl.com>; Tue, 24 Oct 2023 16:19:24 -0700 (PDT)
Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F194C151073 for <quic@ietf.org>; Tue, 24 Oct 2023 16:19:24 -0700 (PDT)
Received: by mail-ej1-x629.google.com with SMTP id a640c23a62f3a-9c603e235d1so766526466b.3 for <quic@ietf.org>; Tue, 24 Oct 2023 16:19:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1698189562; x=1698794362; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=gcUdY4smYTIwJSkUO0tVqYe+OsZp3CG3iFUawEA+zqA=; b=aicfBIILSAhyTL+025jyCSPtnpgmbKjDwAk2taRHmb9t09VUViIbeYsLxn9eiPdAFT XnV5Rp73ZrnkytXzbPlZS0/YOfX44BSi5MThY8CprzEMFEPVG+gOcmmZ6aJiU5Bisra3 3cxR+KEWU7756oyMmnhOOHytWR8QS/GjmTZvYYVpVIp2OowA84jXBEB9M1tOXgQDktIl pXYDKSiGqjreRf2rWR4faGmf26PYx1kv4XiADQ+nqTOR04qBc+BwOWJg7JJWnwOxRuMf EbGTkBLUkwUnDVB13IRAVznDqmAajQZiYLDgRpbjUiV1vUSAmACzghfE0/6bAhs7NJQC 1h0A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1698189562; x=1698794362; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gcUdY4smYTIwJSkUO0tVqYe+OsZp3CG3iFUawEA+zqA=; b=bzqoKXJ786xM+XxQ59ShkjacHQEvMXCk/HrULqOPzO7j5IpXbsOk8QYH6L77d2zCjE kAtqd9j/Yrf8fLLHVkm6+f8DPk0J7sASbB9KpWFggCyH9cRpQm6k851LXhKN5A+WZMyX xD7ePUfCnKbHzgliKuir1lUSU1oJCi9zEYmT0cTN7/9t4P5pekuVHrhDpZ3djqZqvyCv 9AzD3evVzN4r6uPdBUyTIUYfFK8g3sMvMiV3EABZNmh+u7BXqAB+eYtCmxvWIuzRrJDE utC3O0uDvAVAErCM3725NiEt9pUaU0sW3AGQSk4Vd2Tk3KqYJ4VFGu6PrmgybRvlXpf1 dOhQ==
X-Gm-Message-State: AOJu0YwI4F40XraxuNv5PR/xbFO8bf8uRiC5+0KyQR2D54P5sLeSyWQj 8S940EWI1Yd4vzJe8m6X0yyN2b1bCXN//Jc43f5NiSDqrgM=
X-Google-Smtp-Source: AGHT+IEY2uwEcIRHb/GEIq+mQa0LfpIe/JsUVg24JDVl5dYVhVBm3/FTARM/YkA40af3k/BjFv7fJ74YBzyOcTrdJEk=
X-Received: by 2002:a17:907:e8b:b0:9c3:e66e:2006 with SMTP id ho11-20020a1709070e8b00b009c3e66e2006mr11797391ejc.9.1698189561619; Tue, 24 Oct 2023 16:19:21 -0700 (PDT)
MIME-Version: 1.0
References: <CAOYVs2os+0EVc-ptpFU8tbHO-4-JcPwpQ6kbbQh9n4UHC5j8rg@mail.gmail.com> <CANatvzxMFWyn6GXXB+OZAOBGNqpvAS6N565PaTvgPmqrPtN2Qg@mail.gmail.com> <CANatvzz3D-iH_-VbwVW=uJGHn_ingd7z3kB2z==eu-_JGYbtLQ@mail.gmail.com>
In-Reply-To: <CANatvzz3D-iH_-VbwVW=uJGHn_ingd7z3kB2z==eu-_JGYbtLQ@mail.gmail.com>
From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Tue, 24 Oct 2023 16:19:10 -0700
Message-ID: <CAPDSy+5LeizGhCdo+4PSe297O8_+T_i=FF4pN1v=W-d2JeNfBg@mail.gmail.com>
Subject: Re: QUIC Address Discovery
To: Marten Seemann <martenseemann@gmail.com>
Cc: QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000094e85c06087e91c5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/WQH6ZuIuQwpIZsimehDeHJ5k8T0>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Oct 2023 23:19:28 -0000

This sounds very similar to this draft:
https://datatracker.ietf.org/doc/html/draft-pauly-quic-address-extension
Might be worth chatting with the authors to see if they're still interested
in this topic.

David

On Fri, Oct 20, 2023 at 11:29 AM Kazuho Oku <kazuhooku@gmail.com> wrote:

>
>
> 2023年10月20日(金) 14:27 Kazuho Oku <kazuhooku@gmail.com>:
>
>> Thank you for the draft.
>>
>> I do not have enough knowledge to comment on the use-case, but I have one
>> concern regarding the design.
>>
>> It seems to me that the credit (i.e., permitted sequence number space)
>> for sending REQUEST_ADDRESS frames is not bounded.
>>
>> Doesn't that mean that an attacker can issue an arbitrary number of
>> REQUEST_ADDRESS requests without sending acks, thereby causing state
>> exhaustion at the receiver?
>>
>> That leads me to wonder if it is the best way to implement this sort of
>> request-response protocol directly on top of QUIC frames. What is the
>> rationale for defining this protocol not on top of QUIC streams, as part of
>> the application protocol?
>>
>> FWIW, if use of QUIC streams is undesirable, one alternative would be to
>> use TLS post handshake messages (i.e., the CRYPTO stream at the application
>> packet number space). The benefit of such a design would be that the
>> address discovery mechanism would then work on any protocol built on top of
>> TLS (e.g., TLS-over-TCP, DTLS, QUIC).
>>
>
> PS. Or, if we are seeing an emerging pattern of using one QUIC connection
> for conveying multiple application protocols (looks at WebTransport), is
> there a need to agree on (if not standardize) how QUIC streams are shared
> among the application protocols?
>
>
>>
>> 2023年10月20日(金) 3:39 Marten Seemann <martenseemann@gmail.com>:
>>
>>> I just published an I-D that defines a mechanism for QUIC endpoints to
>>> discover their (public) IP address and helps them determine their position
>>> in the network (e.g. if they're behind a NAT):
>>> https://datatracker.ietf.org/doc/draft-seemann-quic-address-discovery/
>>> This is especially helpful for QUIC nodes running in a p2p setting.
>>>
>>> A similar result could be achieved by using STUN on the same UDP socket,
>>> but there are several advantages of doing it inside of QUIC. See the draft
>>> for details.
>>>
>>>
>>
>> --
>> Kazuho Oku
>>
>
>
> --
> Kazuho Oku
>

v2.23.0 | Report a Bug | By Email