IETF Logo Mail Archive

Re: Privacy holes

Gorry Fairhurst <gorry@erg.abdn.ac.uk> Thu, 05 April 2018 16:57 UTC

Return-Path: <gorry@erg.abdn.ac.uk>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C0CC12DA28 for <quic@ietfa.amsl.com>; Thu, 5 Apr 2018 09:57:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.209
X-Spam-Level:
X-Spam-Status: No, score=-4.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t_NPNqO0nesN for <quic@ietfa.amsl.com>; Thu, 5 Apr 2018 09:57:21 -0700 (PDT)
Received: from pegasus.erg.abdn.ac.uk (pegasus.erg.abdn.ac.uk [139.133.204.173]) by ietfa.amsl.com (Postfix) with ESMTP id AFCDD1271DF for <quic@ietf.org>; Thu, 5 Apr 2018 09:57:21 -0700 (PDT)
Received: from dhcp-207-156.erg.abdn.ac.uk (unknown [IPv6:2001:630:241:207:b4be:8e72:cc28:8630]) by pegasus.erg.abdn.ac.uk (Postfix) with ESMTPSA id F0B061B003A8; Thu, 5 Apr 2018 17:57:20 +0100 (BST)
Reply-To: gorry@erg.abdn.ac.uk
Subject: Re: Privacy holes
To: Christian Huitema <huitema@huitema.net>, Frederick Kautz <fkautz@alumni.cmu.edu>
Cc: quic@ietf.org, Mirja Kühlewind <mirja.kuehlewind@tik.ee.ethz.ch>
References: <7fd34142-2e14-e383-1f65-bc3ca657576c@huitema.net> <d8e35569-e939-4064-9ec4-2cccfba2f341@huitema.net> <CACpbDccqKoF-Y1poHMN2cLOK9GOuvtMTPsF-QEen3b30kUo9bg@mail.gmail.com> <CAKcm_gNffwpraF-H2LQBF33vUhYFx0bi_UXJ3N14k4Xj4NmWUw@mail.gmail.com> <40C1F6FE-2B2C-469F-8F98-66329703ED50@mnot.net> <21C36B57-6AE2-40EF-9549-7196D7FA9B45@tik.ee.ethz.ch> <B176FC07-887D-4135-B01E-FE8B4986A5EE@mnot.net> <CAKcm_gOCeocLyrYpOS7Ud332xdz3xHSH0psPN8T6BGRjoL9ptQ@mail.gmail.com> <CY4PR21MB0630FA0EDD343396AD414641B6A40@CY4PR21MB0630.namprd21.prod.outlook.com> <CAN1APde13JTzCvKFFvMd183Fka6QGD1kGBjsa9fcoLrYeA2hsA@mail.gmail.com> <CY4PR21MB0630C0FD4FBECBFEC3C863BBB6A40@CY4PR21MB0630.namprd21.prod.outlook.com> <B0F49097-F77A-4831-B68 B-4266AA880A86@tik.ee.ethz.ch> <759C5BE4-DE4C-4A82-929C-B03234B88A37@huitema.net> <CAJGwveB=qs+J2iBQRs3d5jdGuP9yBWoAgv0t3mwD=Wrf6Q5g8g@mail.gmail.com> <F395D018-FFCA-405F-BBD5-1313C6F6DAF9@huitema.net>
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
Organization: The University of Aberdeen is a charity registered in Scotland, No SC013683.
Message-ID: <0133ba5a-466f-b037-0ba7-47d24a9eaa75@erg.abdn.ac.uk>
Date: Thu, 05 Apr 2018 17:57:20 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <F395D018-FFCA-405F-BBD5-1313C6F6DAF9@huitema.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/f8m3U3Yz64iMf8lTzwsXTEGEYrU>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Apr 2018 16:57:24 -0000

On 05/04/2018 17:08, Christian Huitema wrote:
> 
> 
>> On Apr 5, 2018, at 8:58 AM, Frederick Kautz <fkautz@alumni.cmu.edu> wrote:
>>
>> Are you concerned that middleware boxes may be trained to reject migrations, thereby forcing a new connection with a visible negotiation?
> 
> Yes. Hence the need to grease. For example, have clients do some gratuitous migration to a new source port number rather frequently.
> 
> -- Christian Huitema
> 
This concern about "migration", seems an odd concern to me - and that 
probably stems from a very different perspective. My desire to see 
numbers here is to allow for toolchains to plot, analyse, connection 
progress and a variety of other traffic characteristics - complimenting 
the SPIN bit(s); I see it can also provide opportunities to leverage 
what we know about using hardware offload fro transport processing (and 
I expect potentially crypto), etc.

Yes potentially such numbers could be used to help build connection 
state in CGNs or whatever middlebox that wants to see connections 
continue to progress (but then they can also count packets right now t 
do that). To me such use is totally independent of how QUIC chooses to 
use these numbers internally in future, and in no way stops the QUIC 
protocol evolving.

My point is that I keep hearing issues: e.g. the potential opportunities 
for discovering linkability - yet the uses I had in mind do not need to 
be per-path, for these topics there could just as well be one sequence 
space per "path" being used.

Gorry

v2.23.0 | Report a Bug | By Email