IETF Logo Mail Archive

Re: A non-TLS standard is needed

Mirja Kuehlewind <mirja.kuehlewind@ericsson.com> Mon, 27 April 2020 13:05 UTC

Return-Path: <mirja.kuehlewind@ericsson.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 550373A09C1 for <quic@ietfa.amsl.com>; Mon, 27 Apr 2020 06:05:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JXxU7-e1hRkl for <quic@ietfa.amsl.com>; Mon, 27 Apr 2020 06:05:38 -0700 (PDT)
Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-eopbgr150059.outbound.protection.outlook.com [40.107.15.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 07DFA3A09B9 for <quic@ietf.org>; Mon, 27 Apr 2020 06:05:37 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XwKcEc8/U99PKwIDXaKrOpfooUlsmvqgdO3YL3QuZOzUzxVMyAF/it72KdLqTBNPeUn25iM79bLDWWrbRayxYCvwpebft9svPqZIT2hVuq9Lw3KFNqgnX2PJGxTwDT4GAg/JTLvjz3UKvxkWlbXvRwB67OXJY943yOIceHlFcE1khitJ3D+XnWFq5/xhQoFEsXZfSdpTPgwgx4H5U1BNxCP/q6Qr+Zdx+IzxuyYbMYp6KsQKpFjh9BOy+pVtbJpYODpXAURUBhQIJesDbGd56Qx+MOQvbhAyxKbUn7oXdDWKc1chi/MvWyH2o9hJWgswaI0DeVZ0OiyVX1Ov8lyQgg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hQHZeQ/+iKKHrMHNkRDplrR8Wim/7nD+KwZhizfysuo=; b=kEkrlQnU5Iz1hOSJQ465GCoD3FvsHr0KDZ6c2jIYII2MmkgSCt1dyjk8alDJX7NHIHDkjfXtFgM0Daq78+4fZcPVw9/GMJVM5jDyLP3f6J3byV23GbNT//LWHzAgOPDv+BwTWC0wns6pvFkd7doMNWPJ4Pqma8tM/1jK/MsEbMG6nxl90QWkSaUjzPmYYnzsbFsMWAZDdVzdoT8ZosDEZHcS/CCcvPTuQqqNMzfPuclD5uVl4X/H3rnpJ6ISRZH3L2ehJ+208ltxpANSPaQfaJo4Ujm4miKr6O+owrTqApkLFQkkU0FlCSCXvQlidJUhzoQ75Y6sD06mPrt7UVfBiw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hQHZeQ/+iKKHrMHNkRDplrR8Wim/7nD+KwZhizfysuo=; b=AzjIAJuPRCJASrF3W3zdwUaJoyaFHZ9RokDJgEzRbebmUZBkGdsaj/GusOIUTuaZ9/lpieVPYqUW5HVaw3j2Y35z4FozwSJ1jgJ80eRzVkhy0UqpsUXz2h8zoMPFoE44Tt3jEVEO36O1jSbcIQonxZ86vDwXmabTz+TQMToZIOU=
Received: from AM0PR07MB4691.eurprd07.prod.outlook.com (2603:10a6:208:75::30) by AM0PR07MB4147.eurprd07.prod.outlook.com (2603:10a6:208:ad::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2958.7; Mon, 27 Apr 2020 13:05:35 +0000
Received: from AM0PR07MB4691.eurprd07.prod.outlook.com ([fe80::d8e:b09e:d5be:3f89]) by AM0PR07MB4691.eurprd07.prod.outlook.com ([fe80::d8e:b09e:d5be:3f89%7]) with mapi id 15.20.2958.014; Mon, 27 Apr 2020 13:05:35 +0000
From: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
To: Töma Gavrichenkov <ximaera@gmail.com>, Paul Vixie <paul@redbarn.org>
CC: quic <quic@ietf.org>, Brian Trammell <ietf@trammell.ch>
Subject: Re: A non-TLS standard is needed
Thread-Topic: A non-TLS standard is needed
Thread-Index: AQHWG6JuIfCAhk4hc06FoGIKpImrbaiLm/6AgAAlkoCAAAS+gIABTQiA
Date: Mon, 27 Apr 2020 13:05:35 +0000
Message-ID: <6DAF991E-C4D7-4095-AA2F-1428055DD845@ericsson.com>
References: <tencent_458BB4AFD3E32DBAAEA3F09FAEF063800605@qq.com> <7C5E535B-FA7B-4039-A286-7393C3B232CE@akamai.com> <2208100.KEu4SK8F6j@linux-9daj> <CALZ3u+ZGd=YWJFxLEivow9vXKU=5aAXJhcDYp4MPjpswuWWjKg@mail.gmail.com>
In-Reply-To: <CALZ3u+ZGd=YWJFxLEivow9vXKU=5aAXJhcDYp4MPjpswuWWjKg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.22.0.200209
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mirja.kuehlewind@ericsson.com;
x-originating-ip: [2003:de:e727:100:c569:1799:f547:34e8]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: fa61ca58-a5b6-4a41-ebee-08d7eaabace7
x-ms-traffictypediagnostic: AM0PR07MB4147:
x-microsoft-antispam-prvs: <AM0PR07MB414744447F8A80BC2B93AAE4F4AF0@AM0PR07MB4147.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0386B406AA
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR07MB4691.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(136003)(396003)(346002)(39860400002)(366004)(376002)(44832011)(4326008)(54906003)(2616005)(81156014)(71200400001)(2906002)(8676002)(110136005)(966005)(33656002)(5660300002)(6512007)(86362001)(36756003)(478600001)(316002)(66556008)(6506007)(66476007)(66446008)(8936002)(53546011)(64756008)(76116006)(6486002)(66946007)(66574012)(186003); DIR:OUT; SFP:1101;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 9V3REZHgCmoRk2zXaiPH/I5iO9pXDDTP3sKcaST1FB+ejm5zCoeC8vPVuPMMDMAhFb2x8dMz2XvV9YqGpuITXCV4ku9CrqXFA4Y4m7m0ph/AWQU1ZoCvH8h0qvMneGbtrwUgRKYdiuLwynpm0/HNeM/e+2IJmdXXyT1SsY51ndriQSbYUQFm7liJk6vXF7AqlGbyxrxMgJoAeG+/XPrS0ZQsNjRoLUaUtrDxYdG8jW2C5N7CZf9b4F0ngVD4NRcy+sZNlnZFSSKAquRxK8luD3zwS8Y6JxDb4nnXJNV2M9VpSpJEgAvWmHASuiv4z0mvhIBvQ1Ucz1HV38yl+pGwUsGnyp632b9dsfQf+n6Qjs8hnUi2otBfwrvRiHm4Fr+uazQPu7PSfN3xRfZbG3HUZzKn6jDc2sSbJvytd1N0KipQWTCXe2u7aQKJFWiFFNW0d1Md7aLyxTBEHdQ9brTCUUwoF/ARUXGzcenSzspSGjLTiGZTMv8DdH4eQmo/KeMcsxXtnMaOasb1Gfl8d7DxJg==
x-ms-exchange-antispam-messagedata: 1v7fMKj+NKUAX85ORNPRcKL7w9hrCWV8uOImfQCC6qPvtRFvOBIUM+V8KJOkUSjS/L9/sse8gfTchBHgpqlbhL4EBo8a4g/0JC2q7dB46/vTOVKGBLtlxt5VxpgITsMG7u2AtiN0js7PqKJbjO1qTXZNrIVqE8OBvGlhJ4Ea0CG2fLJTvXvR89q0wb+fZAAdcQXEFCz/L2ZfgBlbWz1DZJgdmn7mCklh/V6KyP+q/A943n0LUL7UV3IvuAjJ583aRXxNSkqEsVAajCZPVjAL3XN+GHvmvbUq1wFX/BU9Hn5QyvQYCXHT53L6228UeLEAlji+fbH/aFUWmiOvO75TZ1DlqpczCuCwJOACDgdMWHnDGZO4mDU9KTpk5U5xqw1Al7ulocxeYSg8MkN/EMeVpoNg+y4OlMiX0BPQFVu4JYvrFjZSHybjQzECwhGyAP0APlDC/6oHjANxB6oOulmkotZunhfiGGWFdDd1aO8RVvFBMgRSO7OYu+OPoK5evJKksUGbdYQwcUdLPpW3FhdaQp6TPDGD+v8Lvto4UjcJWFVBUmqNYgwxNu+uDtM1iCj95FGEkn6K6A/lULsnUNf6qXeKzr417BaGGLXEbi8lcmhRvASh6MboSosS3CkaIi2Yy5fXgw2uah8Hsvwuwiv1FOfRwepbdlwobnpK0jyUUtb+SzIaKufszYuQLu97QtDhchCwgQ9LVphKgZQBgvLXxora3/lUNehSB7iEclYSaBzxh47ZjcVw0dYEfzVg+ot0RFDUGP8ZRPfz4YVO6SDr+TVeaQ3cKUOycBBVjw/fYVwpakuMWg9zzzrseAzfjJ6ABbCMc7SxOBlbbCPEqyhZjH1GiJz7p5wh2guTuP1CX1c=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_6DAF991EC4D74095AA2F1428055DD845ericssoncom_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: fa61ca58-a5b6-4a41-ebee-08d7eaabace7
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Apr 2020 13:05:35.6162 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: kgDk9mie2XJnxSkHFQU4w3NU8YSP16H5m0MaFUZB7wKw4/4W/CPuUm5hFWRVmQmQDvNntNlqS/iS6wJiQwmDL30JI06CtpBCyYwOes6YM5o=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB4147
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/eioyf1DSEdz6eB_3E2wftOIuyHk>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Apr 2020 13:05:40 -0000

Hi Töma,

we did a couple of small updates from time to time, especially for things we had issues for or where alignment with the transport draft needed updating. However, you are right this document does need more work and review and we believe this will come when the main protocol specs are stable and mostly done.

I’m sorry if we didn’t reply to any of your mails. I thought we looked through all mails when we did the last (small) update and usually I try to reply to any request. Maybe something got actually lost. Please resend if there is something that needs addressing, or file an issue on github as you just did. Thanks for that! If you would like to contribute text feel free to also send an respective PR on github.

Mirja




From: QUIC <quic-bounces@ietf.org> on behalf of Töma Gavrichenkov <ximaera@gmail.com>
Date: Sunday, 26. April 2020 at 21:14
To: Paul Vixie <paul@redbarn.org>
Cc: quic <quic@ietf.org>
Subject: Re: A non-TLS standard is needed

Peace,
On Sun, Apr 26, 2020, 9:57 PM Paul Vixie <paul@redbarn.org<mailto:paul@redbarn.org>> wrote:
i was directed to the following i-d when i asked about QUIC manageability:

https://tools.ietf.org/html/draft-ietf-quic-manageability-06#section-3

To be honest, and with all due respect to everyone involved, the manageability draft wasn't properly updated for years (and the authors do not seem to respond to emails, though this could be possibly attributed to some sort of email filtering which is common those days).

To be specific, e.g. the section 4.4, as of today, still states that, to quote, "current practices in detection and mitigation of Distributed Denial of Service (DDoS) attacks generally involve passive measurement using network flow data", which is clearly not how it works, as everyone who has seen reCaptcha interruptions during application layer DDoS could witness.

There's certain amount of hard work required to update this document before referencing it properly (I volunteer).


--
Töma

v2.23.0 | Report a Bug | By Email