RE: Opsdir last call review of draft-ietf-quic-manageability-14
"MORTON JR., AL" <acmorton@att.com> Sat, 05 March 2022 16:02 UTC
Return-Path: <acmorton@att.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C3E83A0597; Sat, 5 Mar 2022 08:02:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.907
X-Spam-Level:
X-Spam-Status: No, score=-1.907 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=att.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LJhABIoKvGUr; Sat, 5 Mar 2022 08:02:51 -0800 (PST)
Received: from mx0b-00191d01.pphosted.com (mx0b-00191d01.pphosted.com [67.231.157.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C97213A0596; Sat, 5 Mar 2022 08:02:50 -0800 (PST)
Received: from pps.filterd (m0288868.ppops.net [127.0.0.1]) by m0288868.ppops.net-00191d01. (8.17.1.5/8.17.1.5) with ESMTP id 2258gTQK019525; Sat, 5 Mar 2022 11:02:47 -0500
Received: from alpi154.enaf.aldc.att.com (sbcsmtp6.sbc.com [144.160.229.23]) by m0288868.ppops.net-00191d01. (PPS) with ESMTPS id 3em4kau32p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 05 Mar 2022 11:02:47 -0500
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id 225G2kLB001749; Sat, 5 Mar 2022 11:02:46 -0500
Received: from zlp30487.vci.att.com (zlp30487.vci.att.com [135.47.91.176]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id 225G2dmU001622 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 5 Mar 2022 11:02:39 -0500
Received: from zlp30487.vci.att.com (zlp30487.vci.att.com [127.0.0.1]) by zlp30487.vci.att.com (Service) with ESMTP id 7CE844005945; Sat, 5 Mar 2022 16:02:39 +0000 (GMT)
Received: from GAALPA1MSGEX1DF.ITServices.sbc.com (unknown [135.50.89.119]) by zlp30487.vci.att.com (Service) with ESMTP id 23E314005941; Sat, 5 Mar 2022 16:02:39 +0000 (GMT)
Received: from GAALPA1MSGEX1CB.ITServices.sbc.com (135.50.89.109) by GAALPA1MSGEX1DF.ITServices.sbc.com (135.50.89.119) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.18; Sat, 5 Mar 2022 11:02:38 -0500
Received: from GAALPA1MSGETA02.tmg.ad.att.com (144.160.249.124) by GAALPA1MSGEX1CB.ITServices.sbc.com (135.50.89.109) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.18 via Frontend Transport; Sat, 5 Mar 2022 11:02:38 -0500
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (104.47.57.45) by edgeal2.exch.att.com (144.160.249.124) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.18; Sat, 5 Mar 2022 11:02:00 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WR/XXvnHFS+zXSRt6/F/fQBE/y+v18CttnaI6zXZV+kJcgRmu8qEUkPaCf9nOKXSwPA6TCtOOT3us2di7NCH3qjibKKaTdNcYGQ60V2xoXJkuWFYksIN2zCtfitR74/cj5aCYhpWcNRlYFMfM/ffNQMcafFEvTZVleQJkCL4DrjJYi7K34UloKZKKa8qTWBcXf33AyeKe0pYiEf9z99mFKw5bQmdcuPyMdGFtSH2+h0xRmksVJiG3MK9wNvubaCBqYzojyIerPwbacwd56j5QpfCkTa4p91m76uSeNFKYscJPM30YE91kb2OAZiuOKncROGJWE7PNHh3SKwM+P60qA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=U/bpnDg8+6+DIfn32S/lso3eQMKRHW/BLo+w3ftgVWE=; b=EeACG0XisAIxN3vS3kYVQozUpnkKoqRfzadAD4f1n1CeX7h9D5hx8O+WtaZCVOMSx+sO4xVTe0V+Km4JHDIJcOKyLSkWzpyHM6YBKw3o1kCnaimxgCEea9v3k2W/XBtMzfORj/pmH1tn6IKkTthfZzxWz9UAY/ar2WdynmtadAMgssgQRlddWZeXc7jCc0nRwM95Kt73eF/al8jE/Bl/93NBVvcpl3IEp1Qzl9GRmXqSo4C7HagiYjINM9VYyuuTNEuoCP5FcsNt3L2Hom3tO9F1mRC6uquhlZxusxI0qoywos/N0Oh3MZj/BVlLSACufKa/QC8aNw5BGdfKXio4/A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=att.com; dmarc=pass action=none header.from=att.com; dkim=pass header.d=att.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=att.onmicrosoft.com; s=selector2-att-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=U/bpnDg8+6+DIfn32S/lso3eQMKRHW/BLo+w3ftgVWE=; b=dGNwNs1UrApIq/THrvJsoHN036Iva6ohH+6nFRYJ9dEdib7BDhQegDxeGn0oJhBGqhjIYMTiugilWR3VQu0Bch8eB/wVkOkH7VNg5FcYGinQjptPF70pBmhIr+ALZHX71GFktfql8Gph/uJZOLNpJUzSjiYZgIhVDMDY82VF3JQ=
Received: from CH0PR02MB7980.namprd02.prod.outlook.com (2603:10b6:610:105::17) by BY5PR02MB6612.namprd02.prod.outlook.com (2603:10b6:a03:206::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5038.14; Sat, 5 Mar 2022 16:01:58 +0000
Received: from CH0PR02MB7980.namprd02.prod.outlook.com ([fe80::1c24:784:d7af:8260]) by CH0PR02MB7980.namprd02.prod.outlook.com ([fe80::1c24:784:d7af:8260%5]) with mapi id 15.20.5038.019; Sat, 5 Mar 2022 16:01:57 +0000
From: "MORTON JR., AL" <acmorton@att.com>
To: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
CC: "last-call@ietf.org" <last-call@ietf.org>, "draft-ietf-quic-manageability.all@ietf.org" <draft-ietf-quic-manageability.all@ietf.org>, "quic@ietf.org" <quic@ietf.org>, "ops-dir@ietf.org" <ops-dir@ietf.org>
Subject: RE: Opsdir last call review of draft-ietf-quic-manageability-14
Thread-Topic: Opsdir last call review of draft-ietf-quic-manageability-14
Thread-Index: AdggNpsvC4XiX/liSmSPxtbxuobGvgG9Sw6AATXYhEAAaJAnAAC/IODg
Date: Sat, 05 Mar 2022 16:01:57 +0000
Message-ID: <CH0PR02MB798003A25A1C96D02F1FE525D3069@CH0PR02MB7980.namprd02.prod.outlook.com>
References: <CH0PR02MB7980CA04E5EADBF6D25AD8F2D3319@CH0PR02MB7980.namprd02.prod.outlook.com> <D82872C2-4C79-45AB-92F1-9F27B324ADE0@ericsson.com> <CH0PR02MB79803C4AF8ED0F28A5F81D30D3009@CH0PR02MB7980.namprd02.prod.outlook.com> <5224BCAC-B8EC-4150-B3B1-5735056BC54C@ericsson.com>
In-Reply-To: <5224BCAC-B8EC-4150-B3B1-5735056BC54C@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c7d2d85c-dbbd-4f08-b3b0-08d9fec17a12
x-ms-traffictypediagnostic: BY5PR02MB6612:EE_
x-microsoft-antispam-prvs: <BY5PR02MB6612780D77C7AF1F860E6D37D3069@BY5PR02MB6612.namprd02.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 46TfPVmT5d7Bx6G5lofblch9lyEPiuemXMM0lzoBrhYu4g8h8lMUKCGvawxkPMhU+xFwvKbBjreBWyGjIYQTmMDXzepd2x+Lt5nKtnDbxVwRn5FHvDI4k5U9ZACTAitHHoxu9o3KSorBLZJ8Y8tSwZqFuIaK9CfC1fmr8VdZutHwexWExQQ2WHDn1VJteTo319or1x3zAohW2RX3hk3ay5cbFbDOqPb+V6PNzhw5it9qYPHnmJPe5veftv79tl0QlAA8zCGUoQ7oJLKoGA/ympJvYpr1kAHeAJQ+r0V12WfweR+AsosmexiIquVNDmEyiRgFxMXGiZjouizpT5I5DVuk4T/PwU2z+CAwCHWGtYdkXWGjOW8Csr5uIM37zf/laBlNKhyGoE9JfwAVj0SFan0g6mt3tXEdwdpH2la4JctV0k2PdSFQkskz5wc2Ug8yoWearw2usA+aX2a9EWT659HCOizzEJf5pV/F3VzjS0TtylvJ+FHvG4Hxq0BECNs3F23/+d57t3vVKJS2GLt30TlIII/S9QpDtRvuykO9PkKvHXFK+mKBBhZIzoxqn+VEudYM9hhc4M1FEvQYgEF1PvMAjnBxQPi9XzrS6cp/6mscIy1skCnJwZrPdXtjColvymXZOL9tOONKf8j6ySzSWrOHwlMWW/2bzmbT1F82DHFrs1yKl1V9Pr7or+/Ruoq2SQiFchW+9pBR4+6rz66nA5nPyZsvVXlF2fGan30RZi2ZeccKUInp5uPCFjQ+0IpGO0Whx2G7tH+ahKG6J14TV17uJK7pQW2h62owHg9xVkI=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH0PR02MB7980.namprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(54906003)(71200400001)(38070700005)(316002)(9686003)(82202003)(6916009)(64756008)(66446008)(66476007)(66556008)(66946007)(4326008)(122000001)(8676002)(76116006)(2906002)(38100700002)(55016003)(186003)(83380400001)(508600001)(26005)(82960400001)(966005)(33656002)(53546011)(66574015)(7696005)(5660300002)(52536014)(86362001)(8936002)(6506007); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: vksTjBkSfiuUGP2BeINeMMufuu4FM10wSH6NPmKtpGLOumCqFyLbBbrX0p5YWJHsnDVvP2sBKvmhiEFqeioh4ht04PJHXfkpdDouKvgPbTXhlszIYAbFwfrQFpAZ0u0jb6T532oT9M4iT/KgVx0Q3xCRZjhVlaxbxMIxuWBa5zGZ5SfDmRAMUD8x3/New7PHIozmP4Zw1n1Jg1ygoroh2z3qHn3vZpji+U5MoMOZdscD/6OwL+lOjnGWfQfQdJeHAH88lr8B/wcqcjSU+2UGAE83dUjsuKkWGwBVw2DN3NRcTm2bK4Jan5Bw1sisepRV99UAN9Pmw0D2oUzJtkKdMTGc9pqypcuCHki92rzW/YIzWaZXMvH7p0agWEmmDNFmbm2L0VgSZqEM2A8UdD7yslM2rYrOvNY/6JQ8Mc/xEi7iZWMoneDEkCGXMa0+b9pkfvr7CLKTq9gl3tcTQnuSzNM/MmJtepS1fKweD1lrGQDJzfD2fb7/6cWA7qBJlAtvPyDl7znS6ZcRYB0kU0Dmq4mYyjTyXuDgiUqmAWuqwnb9Yky2oB/c80C1MJ+GpcGL2WzUsCsxIfnmLlDt5eqaEpKaoaOC8xySlY+C+roUs323WnorATIehx+ZxqqXBb8MtNbjhxiWvsZfIOoILhL6XXQQpsXn5OhIAgvJBcfAeEHhEPiJ54AQ9t1q4MgLHeTQZOSZntWYsJgyaLR+gwCAGel/TfAes5PQ6wSs0MELRn2HsdzTofEysfTn1NE5XDAWVtmwKLQJjqXi2OJV+OaW9YuGrs7U+NknNsAQ5lF4cnY0+V5m9pWdLqlTweWvP9LYzV6m63jz3/1B93Ea8urJSWu9eSTF1nmhLC9myVA6yGYSrBZscCno82NqTTRszaQjaMGIXRap5z+8bQMdY4Hl/kg0rznrlzUvSeptNPuRJjTzBSfMRKBMLBFLifchxI+6/RUcVlCzwD73bgeOPaM0a+NCbo11LxTwpcRdh5iV1R6YDszyBu39BANcEczoHvMUYwAhfH2FYZHk7SYg5ap9TZp5y81emqMPUPzoP5DsTzLXfjS9YFCgWIDe5ODzh3j49jtjcwy9BhBFTAIRhdkzVwyUAYo6LYPwpqYkwdafEJtgWNF4Yb763fo3YHuF/zm4X3r7oHT2/AHcoWXqO3QJ+tSDhXC+IiER1/UskH79dEDGV/xHIIyASRRWk5OZo1+wnYFqsuYnrB2x24n34PfNrSxdXtXFk64g/1q2EfLDvRrvbIkjN7y+wOTVF1AUKHcEEkN7bdzq3s2qFHgH+4eo8rZMRZ+nV19IZhaYy4y5zadDh/lc9ooKAYpMd66c0li0VEL2Z7euJbuUCWEDJriphCzpOjfvhrTMungSc1EbHDToTzf4PF144Hl18KvnYFUk9PxSTSYEYHZnvZ0jlydbMUTc1UhfiHKOYYZH8FGgDfwgtdsT3fMV01n0iLGOKWUtWllM31lrnnY7HzwwZSpgQFUZyLVSswAwLK5L8dQmOBtlm48k1x0IJ0WF8XeIx/B6IKiIGpfX+dhe7wOwiFQCTg==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR02MB7980.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c7d2d85c-dbbd-4f08-b3b0-08d9fec17a12
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Mar 2022 16:01:57.9043 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: e741d71c-c6b6-47b0-803c-0f3b32b07556
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: tfPYE+zkJUv71/wB3y+MuISa5y1OoPW7xA1DKxTU5OKP9X5wTg5lQRN239OXgVd9
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR02MB6612
X-TM-SNTS-SMTP: 41CDF19516544435F5B7369E44A614C80B2F13C30D6D264DDFE9580BD0B4D1A42
X-Proofpoint-GUID: QZrncT5DmT1ZASIWVA65mP_MWgO54syU
X-Proofpoint-ORIG-GUID: QZrncT5DmT1ZASIWVA65mP_MWgO54syU
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.816,Hydra:6.0.425,FMLib:17.11.64.514 definitions=2022-03-05_06,2022-03-04_01,2022-02-23_01
X-Proofpoint-Spam-Details: rule=outbound_policy_notspam policy=outbound_policy score=0 phishscore=0 mlxscore=0 lowpriorityscore=0 clxscore=1015 mlxlogscore=999 spamscore=0 malwarescore=0 impostorscore=0 adultscore=0 suspectscore=0 priorityscore=1501 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2202240000 definitions=main-2203050091
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/eoOLAqLJ18-SvDRxQ6RyRIQRQVc>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Mar 2022 16:02:56 -0000
Hi Mirja, thanks for your replies and PRs. please see replies below, I clipped discussions we have closed. Al > -----Original Message----- > From: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com> > Sent: Tuesday, March 1, 2022 1:49 PM > To: MORTON JR., AL <acmorton@att.com> > Cc: last-call@ietf.org; draft-ietf-quic-manageability.all@ietf.org; > quic@ietf.org; ops-dir@ietf.org > Subject: Re: Opsdir last call review of draft-ietf-quic-manageability-14 > > Hi Al, > > thanks again! See below! > > On 27.02.22, 19:50, "MORTON JR., AL" <acmorton@att.com> wrote: > > [snip] ... > [acm] I see that there was additional editing since you wrote last Monday, > so I made a comment and suggestions on GitHub. > > [MK] Thx! Added you suggestions! > > [snip] > > > > > > > > 2.8. Version Negotiation and Greasing > > > > > > ... > > > QUIC is expected to evolve rapidly, so new versions, both > > > experimental and IETF standard versions, will be deployed > on the > > > Internet more often than with traditional Internet- and > > transport- > > > layer protocols. Using a particular version number to > recognize > > > valid QUIC traffic is likely to persistently miss a > fraction of > > QUIC > > > flows and completely fail in the near future, and is > therefore > > not > > > recommended. > > > [acm] Where "valid traffic" is the focus, I agree, let it > flow. > > > But the Operator's focus may instead be "admissible traffic", > where > > > experimental traffic is not wanted or allowed. IOW, only > traffic > > that is > > > understood to conform to <RFC list> shall pass, because > "Active > > Attacks are > > > also Pervasive", to put a different spin on 7258. [acm] See > also the > > comment in > > > 3.4.1. > > > > > > [MK] This is not about experimentation. > > [acm] > > OK, let's just say unexpected traffic. > > > > > The expectation is that QUIC versions > > > will change often, e.g. we already have a draft for a new version > > adopted in > > > the group and there might be another RFC some time this year. So > if you > > > "manually" have to allow for new versions in all your equipment > that > > will > > > delay deployment of new versions (or even hinder them because > there is > > always > > > one box that doesn't get updated). Therefore we strongly recommend > to > > not use > > > the version to filter QUIC traffic. Is that not clear enough in > the > > text? > > > > > > In addition, due to the speed of evolution of the > > > protocol, devices that attempt to distinguish QUIC traffic > from > > non- > > > QUIC traffic for purposes of network admission control > should > > admit > > > all QUIC traffic regardless of version. > > [acm] > > I think it is clear, and at the same time, it is aspirational for > many > > networks. > > This sentence informs, but then strays into policy. > > > > Maybe this will work: > > ...devices that attempt to distinguish QUIC traffic from non- > > QUIC traffic for purposes of network admission control should > not > > rely > > on the version field alone. > > > > [MK] I think your proposal is not correct because the whole point is > that you > > really should not use the version field _at all_. I know that people > will > > still do that, but I think we should at least spell it out clearly here > that > > this is problematic and hinders evolution. > [acm] > Evolution is what happens when a succeeding RFC is approved. > Experimentation is the many months between approvals. > > ...devices that attempt to distinguish QUIC traffic from non- > QUIC traffic for purposes of network admission control > *** should admit all QUIC traffic regardless of version.*** > The last phrase attempts to define operator policy. > Don't do that. > The version field exists. It's specified in a standard. > If you simply say, > "The version field will change in the future." no one will be surprised. > > [MK] Okay I got your point about policy. However, this document is meant to > provide guidance/recommendations to operators. I also see now that this in the > "background" part which is also rather to explain QUIC than give > recommendations. However, I think this is actually one of the essential > recommendations of the document, so I would like to still spell this out > clearly and as early/often as possible. I tried a slightly different wording > in a new PR on github. Is that any better? > > https://urldefense.com/v3/__https://github.com/quicwg/ops- > drafts/pull/459/files__;!!BhdT!mOHh0CyPDRUf9uvgZfIrDspADvFLupiMn- > 5czo4ercUtLNr7_gQJcuGTzI0cYadmIRktrtZrgoTKCp4DmqHssizC$ > [acm] Not yet. Maybe we can compose your message to operators *without* making it sound like you are trying to set policy. I suggested text in the PR like this: Developers would prefer admission of all QUIC traffic regardless of version in order to support continuous version-based evolution. However, all parties understand the value of versions with a corresponding, fully-approved standard. > > > > > > > > > [acm] I was hoping to see a description of fallback to TCP (I > see > > that fallback > > > is mentioned briefly at the end of section 4.2., and later, > fail > > over and > > > failover. pick one...) > > > > > > How can Network Operators observe when a QUIC setup has > failed, and > > the > > > corresponding TCP fallback connection(s) succeeded? > > > > > > [MK] There is no unified way how and if fallback is implemented. > > However, why > > > do you think a network operator would need that information? > > [acm] > > To affirm that their admission policy is working properly, for one > reason. > > > > [MK] However, there is really no guarantee that all QUIC will have a > fallback. > > Without further knowledge about what higher layer service the QUIC > transport > > carries, I don't think you can make any assumption about fallback. If > you want > > to support evolution, you need to support QUIC and not rely on any > potentially > > fallbacks. > [acm] > I chose example carefully: the operator wants to support QUIC, but has > reports that QUIC setup is failing and needs to make measurements to gather > symptoms & info. Experience will indicate the circumstances where QUIC setup > failure is accompanied by fallback, and other possibilities. Repeated > experiences become heuristics for passive observation. > No assumptions necessary. > Has QUIC setup failed if the exchanges in Figure 1 are incomplete? > I think there might be a yes or no answer... > If no, then the passive observation procedure will mostly be governed by > heuristics. > > [MK] I think I lost the point now. If QUIC fails even if there is a fallback, > that's still not great because the original intention was obviously to use > QUIC. Is there anything we need to say in the draft that is missing? [acm] Without getting into fallback in any way, Help the operator determine when a QUIC setup has failed by providing a little more info. It would be useful to know: What QUIC messages would accompany a QUIC setup failure? (other than those in Figure 1) OR A statement like: If the exchange in Figure 1 is incomplete, then the QUIC setup has failed. (IF that is true) > > > > > > > > > Is there a reference available with this info, to save effort > here? > > > > > > [MK] As I said this is rather implementation specific, so I would > say > > no. > > > > > > ... > > > > > > 3.4.1. Extracting Server Name Indication (SNI) Information > > > > > > ... > > > > > > Note that proprietary QUIC versions, that have been > deployed > > before > > > standardization, might not set the first bit in a QUIC long > > header > > > packet to 1. However, it is expected that these versions > will > > > gradually disappear over time. > > > [acm] > > > And some networks may prefer not to admit experimental > traffic. The > > goal of the > > > experiment may be problematic for the network operator and/or > their > > > subscribers. I think this is legitimate operator behavior, and > worth > > a few more > > > words in the draft. > > > > > > [MK] To be honest I don't understand this point. How would an > operator > > even > > > know if an experiment would be problematic or no? QUIC is fully > > encrypted. > > > Versioning is only one extension mechanism. So basically even if > you see > > the > > > same version number, the QUIC behind that could behave very > differently > > > depending on which extensions are used and because of the > encryption, > > there is > > > no chance for the operator to know about this. Is this not clear > in the > > > document? Do we need to state this more clearly? > > [acm] > > First, let's say s/experimental/unexpected/ or > s/experimental/proprietary/ > > Then, I'm responding to your reply more than the paragraph in the > draft > > now: > > Network operators are also end users, and often act on their > subscriber's > > behalf. Observations are not strictly limited to mid-points, where > encryption > > is present. > > Harboring old notions of what operators cannot do will not sit well > with > > your audience... > > > > So, (in the paragraph above) you've informed operators that some > > proprietary QUIC versions remain in use as of this writing. > > But traffic that doesn't conform *might* be considered nefarious. > That's > > all. It's a message for everyone involved. > > > > [MK] I think the point is actually rather that we want to say here: if > you > > don't support these old versions that will not be a problem in the near > > future. > [acm] > Ok, say that in the draft, please. > > [MK] Okay started a PR on github. Is that more clear now? > > https://urldefense.com/v3/__https://github.com/quicwg/ops- > drafts/pull/460/files__;!!BhdT!mOHh0CyPDRUf9uvgZfIrDspADvFLupiMn- > 5czo4ercUtLNr7_gQJcuGTzI0cYadmIRktrtZrgoTKCp4DmqkDVmpL$ > > [acm] I'm ok with this one, thanks. >
- Opsdir last call review of draft-ietf-quic-manage… Al Morton via Datatracker
- Re: Opsdir last call review of draft-ietf-quic-ma… Martin Thomson
- Re: Opsdir last call review of draft-ietf-quic-ma… Gorry Fairhurst
- RE: Opsdir last call review of draft-ietf-quic-ma… MORTON JR., AL
- Re: [Last-Call] Opsdir last call review of draft-… Spencer Dawkins at IETF
- Re: [Last-Call] Opsdir last call review of draft-… Lucas Pardue
- Re: Opsdir last call review of draft-ietf-quic-ma… Mirja Kuehlewind
- Re: Opsdir last call review of draft-ietf-quic-ma… Spencer Dawkins at IETF
- RE: Opsdir last call review of draft-ietf-quic-ma… MORTON JR., AL
- Re: [Last-Call] Opsdir last call review of draft-… Spencer Dawkins at IETF
- Re: Opsdir last call review of draft-ietf-quic-ma… Mirja Kuehlewind
- RE: Opsdir last call review of draft-ietf-quic-ma… MORTON JR., AL
- Re: Opsdir last call review of draft-ietf-quic-ma… Mirja Kuehlewind
- RE: Opsdir last call review of draft-ietf-quic-ma… MORTON JR., AL
- Re: Opsdir last call review of draft-ietf-quic-ma… Mirja Kuehlewind
- RE: Opsdir last call review of draft-ietf-quic-ma… MORTON JR., AL
- Re: Opsdir last call review of draft-ietf-quic-ma… Paul Vixie
- Re: Opsdir last call review of draft-ietf-quic-ma… Brian Trammell (IETF)
- Re: Opsdir last call review of draft-ietf-quic-ma… Brian Trammell (IETF)
- Re: Opsdir last call review of draft-ietf-quic-ma… Paul Vixie
- Re: Opsdir last call review of draft-ietf-quic-ma… Paul Vixie
- RE: Opsdir last call review of draft-ietf-quic-ma… MORTON JR., AL
- Re: Opsdir last call review of draft-ietf-quic-ma… Brian Trammell (IETF)
- Re: Opsdir last call review of draft-ietf-quic-ma… Brian Trammell (IETF)
- Re: Opsdir last call review of draft-ietf-quic-ma… Gorry Fairhurst
- Re: Opsdir last call review of draft-ietf-quic-ma… Brian Trammell (IETF)
- Re: Opsdir last call review of draft-ietf-quic-ma… Brian Trammell (IETF)
- RE: Opsdir last call review of draft-ietf-quic-ma… MORTON JR., AL
- Re: Opsdir last call review of draft-ietf-quic-ma… Lucas Pardue
- Re: Opsdir last call review of draft-ietf-quic-ma… Brian Trammell (IETF)
- RE: Opsdir last call review of draft-ietf-quic-ma… MORTON JR., AL
- Re: Opsdir last call review of draft-ietf-quic-ma… Lucas Pardue
- RE: Opsdir last call review of draft-ietf-quic-ma… MORTON JR., AL
- Re: Opsdir last call review of draft-ietf-quic-ma… Brian Trammell (IETF)
- Re: [OPS-DIR] Opsdir last call review of draft-ie… Warren Kumari
- RE: [OPS-DIR] Opsdir last call review of draft-ie… MORTON JR., AL
- Re: [OPS-DIR] Opsdir last call review of draft-ie… Brian Trammell (IETF)
- Re: [OPS-DIR] Opsdir last call review of draft-ie… Zaheduzzaman Sarker