RE: negotiating Packet Number Protection

Praveen Balasubramanian <pravb@microsoft.com> Fri, 07 September 2018 15:56 UTC

From: Praveen Balasubramanian <pravb@microsoft.com>
To: Ian Swett <ianswett=40google.com@dmarc.ietf.org>, Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
CC: Martin Thomson <martin.thomson@gmail.com>, IETF QUIC WG <quic@ietf.org>, huitema <huitema@huitema.net>, "gabriel.montenegro=40microsoft.com@dmarc.ietf.org" <gabriel.montenegro=40microsoft.com@dmarc.ietf.org>
Subject: RE: negotiating Packet Number Protection
Date: Fri, 07 Sep 2018 15:56:41 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/kAPp7Ke_wgRjIN8SHLk45gprMiI>
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>

Yes that’s fair feedback. We will get those two changes made.

From: QUIC <quic-bounces@ietf.org> On Behalf Of Ian Swett
Sent: Friday, September 7, 2018 5:39 AM
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
Cc: Martin Thomson <martin.thomson@gmail.com>; IETF QUIC WG <quic@ietf.org>; huitema <huitema@huitema.net>; gabriel.montenegro=40microsoft.com@dmarc.ietf.org
Subject: Re: negotiating Packet Number Protection

I agree with Mikkel that the MUST not enable it on the public internet is either too strong or potentially impractical to enforce, so I would be inclined to change that to a SHOULD.

I would request that this MUST not be used when voluntary/intentional connection migration is enabled.

On Thu, Sep 6, 2018 at 11:30 PM Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> wrote:
The MUST not disable PNP on internet facing nodes is too strong - you want a deployment to be able to move to a new DC while talking to the old DC - although ossification could be a concern, it is not even limited to quasi stationary use cases.

________________________________
From: QUIC <quic-bounces@ietf.org> on behalf of Christian Huitema <huitema@huitema.net>
Sent: Friday, September 7, 2018 4:09:01 AM
To: Martin Thomson; Gabriel.Montenegro=40microsoft.com@dmarc.ietf.org
Cc: QUIC WG
Subject: Re: negotiating Packet Number Protection

This draft requests assignment of a single byte code point. I would rather
not do that now, as we are discussing reserving several consecutive
codes for ACK variants and options. Would it be a deal breaker if the
option used a longer code?

-- Christian Huitema


On 9/6/2018 5:05 PM, Martin Thomson wrote:
> This is an entirely appropriate use of transport parameters and it
> looks like the design works as intended.  I tend to think that the
> IETF doesn't need to publish this - this sort of extension is why we
> have relatively loose registration policies - but I'm happy to have
> that conversation at the appropriate time.
> On Fri, Sep 7, 2018 at 8:55 AM Gabriel Montenegro
> <Gabriel.Montenegro=40microsoft.com@dmarc.ietf.org> wrote:
>> Folks,
>>
>>
>>
>> We just submitted a draft to negotiate Packet Number Protection. This would allow disabling it in environments (e.g., in a datacenter) where it may not be needed if both sides agree. Browsers, of course, would probably not bother with this.
>>
>>
>>
>> https://tools.ietf.org/html/draft-montenegro-quic-negotiate-pnp-00
>>
>>
>>
>> thanks,
>>
>>
>>
>> Gabriel, Nick, Praveen