Re: Hidden connection spawning
Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> Fri, 27 July 2018 07:07 UTC
Return-Path: <mikkelfj@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13FD6130E21 for <quic@ietfa.amsl.com>; Fri, 27 Jul 2018 00:07:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.998
X-Spam-Level:
X-Spam-Status: No, score=-0.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mPdO6GyKsD7m for <quic@ietfa.amsl.com>; Fri, 27 Jul 2018 00:07:52 -0700 (PDT)
Received: from mail-it0-x235.google.com (mail-it0-x235.google.com [IPv6:2607:f8b0:4001:c0b::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CC503130E3B for <quic@ietf.org>; Fri, 27 Jul 2018 00:07:51 -0700 (PDT)
Received: by mail-it0-x235.google.com with SMTP id w16-v6so6302672ita.0 for <quic@ietf.org>; Fri, 27 Jul 2018 00:07:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:in-reply-to:references:mime-version:date:message-id:subject:to :cc; bh=MEwfKybPItA/JCSR7BsImS9J5jZoyT6eK4iWCuTOwnY=; b=hsP10AcE67uR6c5xe13thPqMTCHrSUB5kBNhaQ8Mj09G2C7DEvSWB8GflaOvg1nQuy U1pC1wPglG6s5LI+LNirkbvd+skka+2nrsQkPLOO5Lg4nlyxe4py8IngFMCoVSUNbWwH zHULQQAVZZj5GOqXCOA+coVHUkp7pBfGku/1OM1KqPFSFfx9i2D5SHHGXxI3BGWI39e0 HDfByl6JuIBy1hf6G6kH9wRqNyPZm01cWkz1SbTsFanx6YeOaKD5IZUWMCE8omq3HsXo 63tj1y8E61iefR+H9pt2XCrB2klStKKHtppBe+UmTfrRwgba/aD7xiOwBiMNWLiRxPfQ 1vTw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to:cc; bh=MEwfKybPItA/JCSR7BsImS9J5jZoyT6eK4iWCuTOwnY=; b=WEhrbjSF2M4JIlgXv9rGopdmIifluO77kpaO3ZVy/ocRsU5GwhzfEQl3giXqxRKhqN HC0cqYY6UoR0iKPPkTUNYVhB7S59k60GcNJA/WrX2P5BYNmNKp5TM61idfIGn+0vZsk7 9P32h/0cf35ujtxgZXciKaAUC98PHGaVKpcKtB1SxYW3JEK4nqkQ1IJvL2iGDIqDxfnL cZH4qTh+xTCLV2/b1WSkdgY+D0A6mnkqJ366ORsi0hTi4quRyHgGWgJTt8jv7emUp4DJ g/AYeCLVZfvJ7aNeQMf5t/jBc85Dh7/OvR0Ng9UU0Rw0gWSeDRgFGMJ0itN6FKOK4rW+ HMCw==
X-Gm-Message-State: AOUpUlEaCe/wXRYcB9zLH+FlCbOgtLHO8XXCDjSvd7dRe1ZQw63JseAa eqeF7rzj5YV0j1Wo40/UZQvC4ruyzfB3PeY9gfc=
X-Google-Smtp-Source: AAOMgpdFmYV/X6Kc9m+ucuG6rBv11HeThUmraHX5nVMd2bDkpoUxBTdrAuBYOBBs0n2l81JvDJOl4UO+LergofklhOQ=
X-Received: by 2002:a02:8c75:: with SMTP id j50-v6mr5032517jal.76.1532675271280; Fri, 27 Jul 2018 00:07:51 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Fri, 27 Jul 2018 00:07:50 -0700
From: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
In-Reply-To: <CANatvzztD6M45Qx6v_BzAXeXkOXmpUGBD5-4st9pB+UPf753GA@mail.gmail.com>
References: <CAN1APdfRmLp9R8+3e+kfHusSppnrtyHNFC1mNt9Vt+5kiDf9rw@mail.gmail.com> <CANatvzztD6M45Qx6v_BzAXeXkOXmpUGBD5-4st9pB+UPf753GA@mail.gmail.com>
X-Mailer: Airmail (420)
MIME-Version: 1.0
Date: Fri, 27 Jul 2018 00:07:50 -0700
Message-ID: <CAN1APdd0Zv2bRwvt4sowg4XpZv_uid+7CGeiduOTicLW-gSVqg@mail.gmail.com>
Subject: Re: Hidden connection spawning
To: Kazuho Oku <kazuhooku@gmail.com>
Cc: Chris Wood <cawood@apple.com>, tpauly@apple.com, IETF QUIC WG <quic@ietf.org>, dschinazi@apple.com
Content-Type: multipart/alternative; boundary="00000000000019ccfb0571f5c5ee"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/aA5n83hNLRvgAj2CNEBcgG-Wsqo>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Jul 2018 07:07:54 -0000
When you say you prefer option 2 (0-RTT), do you mean to not hide the handshake, or do you mean the until now unlisted option 4: 4. carry out a full 0-RTT handshake over a separate secure channel (QUIC or otherwise) Option 4 may skip the QUIC encryption layer if the outer layer is equally strong (this is a can of worms). Correction: in my earlier mail I wrote “not complex” in relation to option 1, the “not” should not have been there. On 27 July 2018 at 02.31.03, Kazuho Oku (kazuhooku@gmail.com) wrote: 2018-07-26 15:31 GMT+09:00 Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>: > I came to think about a use case where you want to spawn a new connection > from an existing connection because the new connection runs a different > protocol. For example a http connection where you want to run a separate > live conference call, or to control tunnels from http control connection. > > You have roughly three options: > > 1. extend the current protocol with the new feature set in extension frames > or similar > 2. develop or use a purposes specific QUIC protol using 0-RTT for spawning > the connection > 3. negotiate the new connection handshake within the current handshake. > > The first solution is not complex, limited, and not modular. > The second solution can be used to get information about the connection, and > for example block connections that appear to be doing that. > The third solution allows for an invisible connection spawn, but requires > addition handshake logic which is already complex as it is. I prefer the second approach, since it allows spawning connections in 0-RTT across different transports. For example, I think that it would be nice to have a way to spawn a 0-RTT HQ connection from a HTTP/2 connection (via alt-svc). Note also that there is an individual draft submitted to TLSWG that discusses of adding a way for a TLS server to issue session tickets that could be context-specific: see https://datatracker.ietf.org/doc/draft-wood-tls-ticketrequests/. > > I suggesting solution 3 as possible option, although I am not convinced that > this is worthwhile, at least in V1. > > > This was in part inspired by recent discussion on tunneling, and in part by > the following issue where partial reliability is being discussed and > possibly shoe-horned into an extension. I am not following that issue > closely though - it is just an example. > https://github.com/quicwg/base-drafts/issues/1606#issuecomment-407951495 > > > Mikkel -- Kazuho Oku
- Hidden connection spawning Mikkel Fahnøe Jørgensen
- Re: Hidden connection spawning Martin Thomson
- Re: Hidden connection spawning Mirja Kühlewind
- Re: Hidden connection spawning Mikkel Fahnøe Jørgensen
- Re: Hidden connection spawning Christian Huitema
- Re: Hidden connection spawning Ted Hardie
- Re: Hidden connection spawning Christian Huitema
- Re: Hidden connection spawning Kazuho Oku
- Re: Hidden connection spawning Mikkel Fahnøe Jørgensen