IETF Logo Mail Archive

Re: Benjamin Kaduk's Discuss on draft-ietf-quic-transport-33: (with DISCUSS and COMMENT)

Martin Thomson <mt@lowentropy.net> Thu, 07 January 2021 07:20 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CEB33A00E5; Wed, 6 Jan 2021 23:20:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.12
X-Spam-Level:
X-Spam-Status: No, score=-2.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=N+WW5GW8; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=Ih8sF/9f
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aYUgmpbuerVI; Wed, 6 Jan 2021 23:20:57 -0800 (PST)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A3AA3A00E0; Wed, 6 Jan 2021 23:20:57 -0800 (PST)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id C9FA55C00A9; Thu, 7 Jan 2021 02:20:54 -0500 (EST)
Received: from imap10 ([10.202.2.60]) by compute1.internal (MEProxy); Thu, 07 Jan 2021 02:20:54 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :cc:subject:content-type; s=fm1; bh=D4gRfLgQf1TWX7p+VmSrFZVTkS5K alOy/o7RlRolBxs=; b=N+WW5GW86KJPx5CkWrbEypL6fACn/tsB1ZY2yo5b+FEi 7J5pV6oB7K5b0zwlNZgMzSnRH43Ho3XqEpgCexB73G81zVRJrunojc0DITY5Prip skgITaZuTZoTGOnzBgmbQrj0JJFx7U1JjBmWPRn801gPfl/VH7oOXLi2cE76VJk0 qlM/VGOgJlCPgk5oi16sPn9ChDjCuuXuUcmoIMGDOZdJZ+4uFx7Ap5Iqm98K7qW4 4+OgBycxK7cmWX57VWaGGPcHwokAI/uT+GE7/CCruZGQrH00gZioTALGTqKz5bzW oTIeUX6mS/sFLnYHv2X+4XQZrbwb/FLMWnh2EXFvxA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=D4gRfL gQf1TWX7p+VmSrFZVTkS5KalOy/o7RlRolBxs=; b=Ih8sF/9fQvFiKwyGv60bIX wZYedY5HTb6I4sk4a3hBzq/l2NI9emED95LmuDPzCcarDH4HbHWoQ10ZKjJNos7P gEdqxSCFFw5D7IP8IdRvmNCyiORmSAjdeZL3FDHsrQvGdtN1bHm+F1JO8sAAJzUT 6Y1o6us4Zm3wZhKB4TENt6nQlM8P9JmPJrkba2oCOu4Ek2197SRYY1E7yYggNrhQ 6t7mQcCE7pKSeU9pIwRoXRhzD6oW8S253vpaY2wrSUNb+ejqbOhSlY2HWGdTW+9O JP55abkcz686ndAJYEUuhEv45CNKMc6D9fHPlNcvpn+GKxnAgSI77tTScvA4+dqw ==
X-ME-Sender: <xms:Vbb2X5VXbHYmTNon3_n8Qa6V7B1hZ3ttufeY8IhYY4tEcrJ-zH97Xg> <xme:Vbb2X5lEI_501nXDn1R6tkIWvF-FJc8Ey5IuA6-mC6wCQNFxlKHCiL3MBo_DTlBQH 9S0DuJivk0fvoLz_u0>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrvdeguddgvdejucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvffutgesthdtredtreerjeenucfhrhhomhepfdforghr thhinhcuvfhhohhmshhonhdfuceomhhtsehlohifvghnthhrohhphidrnhgvtheqnecugg ftrfgrthhtvghrnhepheefteduudduhedtkefhvdfhteelffdujeegjeffheffveekudei gfeuveekfeelnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrh homhepmhhtsehlohifvghnthhrohhphidrnhgvth
X-ME-Proxy: <xmx:Vbb2X1YDEsfC23qzWHc-xCwapfZRNuUxC_hN9nl0ZhlexVBFx-KahQ> <xmx:Vbb2X8Ub1t0NYKa3y8luoqEfgJHUfl_Q9y0g3bT2uPufMj9mKJuHfQ> <xmx:Vbb2XzmV_HyAh_247Mg5OsXfX9pHZCwMI7aHHhkdkRsracE3JHgyvg> <xmx:Vrb2Xxj9WLwHKuneErLc4gzArS3HohMQY1lPJwThnyQw-r5t7cDYrw>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id A9C542014F; Thu, 7 Jan 2021 02:20:53 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.1-61-gb52c239-fm-20201210.001-gb52c2396
Mime-Version: 1.0
Message-Id: <98093648-fed4-4da1-8e25-171c6770431e@www.fastmail.com>
In-Reply-To: <20210107065404.GH93151@kduck.mit.edu>
References: <160996950953.25754.14270013028683006869@ietfa.amsl.com> <39c24306-42dc-454a-8a60-cfbd86ab6c64@www.fastmail.com> <20210107065404.GH93151@kduck.mit.edu>
Date: Thu, 07 Jan 2021 18:20:33 +1100
From: Martin Thomson <mt@lowentropy.net>
To: 'Benjamin Kaduk' <kaduk@mit.edu>
Cc: The IESG <iesg@ietf.org>, draft-ietf-quic-transport@ietf.org, WG Chairs <quic-chairs@ietf.org>, quic@ietf.org, Lars Eggert <lars@eggert.org>
Subject: Re: Benjamin Kaduk's Discuss on draft-ietf-quic-transport-33: (with DISCUSS and COMMENT)
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/_JWqxGPDm5TcLkeb5T6cODfFH_Q>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jan 2021 07:20:59 -0000

Excision performed in the service of brevity.
On Thu, Jan 7, 2021, at 17:54, Benjamin Kaduk wrote:
> Yes.  Do we have any reason to believe that non-standards-track versions
> will or will not intend to coexist with v1?  I, at least, do not have any
> data on that question either way.  I think this relates to my (3) above --
> are we assuming that the problem of downgrade protection only becomes
> relevant when there is specifically an IETF v2?

We have no information, but that indicates more that we have time to work on a solution.

> I agree that it's not necessarily limited to QUIC, though even having
> something that only works within the QUIC ecosystem would be better than
> nothing.  It would be surprising to define a protocol with verisons and a
> Version Negotiation packet but end up with technical flaws that prevent
> that packet from working properly, though.

I am confident that we have enough of an escape valve that we will be able to define new versions securely.  As is the working group (who I am certain will speak up if they disagree).

> I think it would be fruitful to try to drill a little more into
> what assumptions we are making when we say (okay, I'm synthesizing a bit,
> but I believe this is the sentiment) that "it is safe to defer availability
> of this mechanism until a future version of the protocol exists".

If only we hadn't already discussed this at length.

> (I recognize that answering that last one may end up being nearly as hard to
> answer as actually solving the problem.)

I think that we know the answer in the general sense, just not in the specific sense of being able to define the bits and manage operational concerns and other protocol design constraints.

> My main goal here is to have some reasonable level of confidence that we
> are not putting ourselves in a position that will be hard or impossible to
> get out of in the future.  Depending on what assumptions we are making, it
> may be very easy or somewhat less easy to achieve such confidence, but
> deferring entirely to future versions of the protocol without information
> on how or when such version(s) will appear leaves me without much
> confidence on that front.

The working group reached that confidence.  I don't know how much effort I'm able to devote now to helping you reach that state.  Perhaps other participants would like to offer their help now.

v2.23.0 | Report a Bug | By Email