IETF Logo Mail Archive

Re: Add application parameters to QUIC handshake and use it for H3 SETTINGS

Ian Swett <ianswett@google.com> Fri, 27 September 2019 13:29 UTC

Return-Path: <ianswett@google.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7315F120144 for <quic@ietfa.amsl.com>; Fri, 27 Sep 2019 06:29:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.499
X-Spam-Level:
X-Spam-Status: No, score=-17.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 71wG1worf4bv for <quic@ietfa.amsl.com>; Fri, 27 Sep 2019 06:29:47 -0700 (PDT)
Received: from mail-ua1-x92a.google.com (mail-ua1-x92a.google.com [IPv6:2607:f8b0:4864:20::92a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 49A0712003E for <quic@ietf.org>; Fri, 27 Sep 2019 06:29:47 -0700 (PDT)
Received: by mail-ua1-x92a.google.com with SMTP id r25so1936156uam.3 for <quic@ietf.org>; Fri, 27 Sep 2019 06:29:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=q93QNxx+YqVfjkBG3wZhH4FM2dVofIzODu2VfThrubI=; b=MK6qoDN68gG8uyltel4qFl/tcQVglEgPhQw5fZzelgdk/z5zd9NMX1whsUSG68+H3B c+m6kMDc07R2I5wEikP70RVAMVT64tDE/V0MPDI5+b+EZl3LtAHoAeZHCsAu9OWrhcll bDkHkALr7DIKrdsjlSm7pADnEzbPObLpo7FXvB7W9sOx3wSRCTR2YLMNWqRZqx1BOSqS HgVVyRlNYxrOeSejf1KSiHjRw0gdVKx2a52Mi5ZN1KwtQZk/zMiXgXDDo72zdZkB2SeG GzK2FN3+amV25/wbprpRFUzFTx1vF0Klk56llOIYo5wdZkGVXVsC30mSyaqyuKh1++wG iUuQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=q93QNxx+YqVfjkBG3wZhH4FM2dVofIzODu2VfThrubI=; b=r58RGZXLchgyrOM3S0cLY8Ej4tCnGdbS1CV4c9nI5nke134YFmlGIht9DqQw/MdDh4 oZfjhdlYEiZ1TM8DSjWJj2AWcC1RQZP1ss0z1mTtLOnZqG75sOpI4VKLZrcgTNMXuH3G tP7Vcm2Q3Tx5gm2eXsvHZLEUfXoZgQ6VTIwB6d2cjTm7y9UuJQJaNJ6f7uY+lo1Z0wl3 ZMyOSLFv67A1SODM09g6DY4lt04OtfgGODF0Z4oU5pOBTN3m9vbKWRC6qkdOiI2DVvCq 0bpytkbo/zGrGyWvGvb7vakR3iHl8DTaaOfj5dx0wlAYs8VwfBZj5a7BS+GOMoVyzEGk EZlw==
X-Gm-Message-State: APjAAAXDTBVjlzEaHFTAKmmSqqIEAkCDKHTiLGg+oQBo4A0GMP6NO+9t 3Dt/chwTsuPZfZDsuSW7YtwUJ75LF/lHvUzPO6azQCXGsjU=
X-Google-Smtp-Source: APXvYqxpANzF7M5KZta/Ag4BJ5UwxBpiXm8rok/mQxcbUWlMLVdBzcQ2cnMV2Cq8ifHylxtxMN/IAGZW4CqWjXnovVk=
X-Received: by 2002:ab0:7411:: with SMTP id r17mr4722177uap.74.1569590985952; Fri, 27 Sep 2019 06:29:45 -0700 (PDT)
MIME-Version: 1.0
References: <CACdeXiLEnvmqmxSgXbvAwEo0rgm-F59RL2sk0Ugu6PNuiDkfsw@mail.gmail.com> <c22f8e1d-887e-1bef-799f-47e4f3151966@huitema.net> <CACdeXiJhC+gOKKj49CTh7JfOPFsy0=6fG69Fy=GH=280+aGdOw@mail.gmail.com> <CAN1APdc-qTH-E+GMhvGbamYMJhfg7UYpoBWqAVEvrSy2hfzAkg@mail.gmail.com>
In-Reply-To: <CAN1APdc-qTH-E+GMhvGbamYMJhfg7UYpoBWqAVEvrSy2hfzAkg@mail.gmail.com>
From: Ian Swett <ianswett@google.com>
Date: Fri, 27 Sep 2019 09:29:34 -0400
Message-ID: <CAKcm_gMKsBY0nwqtp4Cuo7CLCVUKkh1u=keWnOVLPGsoufU6_g@mail.gmail.com>
Subject: Re: Add application parameters to QUIC handshake and use it for H3 SETTINGS
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
Cc: Christian Huitema <huitema@huitema.net>, Nick Harper <nharper=40google.com@dmarc.ietf.org>, IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000299a6d059388e15f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/mQnfXVxiuYsK7pMQR2EAnan16GA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Sep 2019 13:29:49 -0000

I agree that there is a privacy concern on the client side, but I don't
believe adding HTTP/3 SETTINGS makes it meaningfully worse than the
existing design.  As Nick said, the existing 10 transport params are likely
to have a lot more variability among implementations.  If we think that's a
real problem, then I think we'd do best to solve the general issue that
client transport params aren't encrypted.

I like this because it fits better with the overall design of QUIC where
we've combined transport, crypto and application handshake into one
optimized step.  I also think it'll make implementations simpler and it'll
be more likely QPACK will be used on early requests.

On Fri, Sep 27, 2019 at 1:55 AM Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
wrote:

> Not arguing against the usefulness of such a feature, and aside from
> already mentioned privacy issues:
>
> It seems to be possible to facilitate a man-in-the-middle attack on
> application parameters unless the application takes counter-measures which
> would complicate matters and likely introduce delays anyway.
>
> I also wonder how this would work with 0-RTT since it cannot be assumed
> that application parameters would be remembered across connenctions.
>

When connecting with 0-RTT, you must remember past transport params and use
those until the new transport parameters arrive.

>
>
> On 27 September 2019 at 06.55.02, Nick Harper (
> nharper=40google.com@dmarc.ietf.org) wrote:
>
> On Thu, Sep 26, 2019 at 7:48 PM Christian Huitema <huitema@huitema.net>
> wrote:
> >
> > On 9/26/2019 2:51 PM, Nick Harper wrote:
> >
> > > I propose introducing application parameters to the QUIC handshake and
> > > using this new mechanism for H3 SETTINGS instead of sending them as
> > > the first thing in the control stream. Application parameters would
> > > allow applications using QUIC to advertise or negotiate
> > > application-specific parameters during the cryptographic and transport
> > > handshake. It would guarantee that the client and server have
> > > exchanged their application parameters once the handshake is complete.
> > >
> > > Specifically, I’m proposing a new “application_layer_parameters”
> > > transport parameter, which when sent by the client is a series of ALPN
> > > identifiers with an opaque blob of application parameters per
> > > identifier, and when sent by the server is a single opaque blob of
> > > application parameters for the application identified in the ALPN
> > > extension.
> >
> >
> > I am a tad concerned with the privacy aspects of this proposal, at least
> > on the client side. Currently, the settings frame is sent encrypted in
> > 0-RTT or 1-RTT packets. With your proposal, it would be sent in
> > clear-text, allowing very easy fingerprinting of clients.
> >
> > -- Christian Huitema
> >
>
> Yes, this does provide a fingerprinting vector. Transport Parameters
> also provide a fingerprinting vector with about 10 parameters that
> could reasonably be used for fingerprinting, compared to the 3 we have
> in H3. The nature of both of those sets of parameters is that they'd
> likely fingerprint implementations but not individual clients.
>
> In terms of the application parameters design, individual applications
> can choose whether or not they want to use them in the client flight
> or just the server flight. We could keep client SETTINGS in the
> control stream and only put server SETTINGS in application parameters.
>
>

v2.23.0 | Report a Bug | By Email