RE: Go Back to Single Packet Number Space
Nick Banks <nibanks@microsoft.com> Thu, 26 July 2018 14:05 UTC
Return-Path: <nibanks@microsoft.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC392130E70 for <quic@ietfa.amsl.com>; Thu, 26 Jul 2018 07:05:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level:
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id um3r3l3oav4T for <quic@ietfa.amsl.com>; Thu, 26 Jul 2018 07:04:59 -0700 (PDT)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0123.outbound.protection.outlook.com [104.47.41.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 16282131158 for <quic@ietf.org>; Thu, 26 Jul 2018 07:04:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bkra2vfAEITDOlNnmMCps/ab9jnkjisdJySdgh74iT4=; b=OUilGR+k7H2aecL4aJdAgXJ91hTL1DgogNLqznziVa2Vu9shPa08m6m3ICaS8MCq6una55pMm0bz5lJSttM+5WPhRat7wtqz7M7Uk3Jr+Cw3bDMvxRcsDaArAHqwzfbzdJAWyMEJ+Qo4Ge7bkb2FOPMuxG/bS57pA2MyZx1prsE=
Received: from DM5PR2101MB0901.namprd21.prod.outlook.com (52.132.132.158) by DM5PR2101MB0917.namprd21.prod.outlook.com (52.132.132.162) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1017.2; Thu, 26 Jul 2018 14:04:50 +0000
Received: from DM5PR2101MB0901.namprd21.prod.outlook.com ([fe80::b1ef:f0bd:d9eb:2545]) by DM5PR2101MB0901.namprd21.prod.outlook.com ([fe80::b1ef:f0bd:d9eb:2545%2]) with mapi id 15.20.1017.000; Thu, 26 Jul 2018 14:04:50 +0000
From: Nick Banks <nibanks@microsoft.com>
To: Patrick McManus <pmcmanus@mozilla.com>, Kazuho Oku <kazuhooku@gmail.com>, QUIC WG <quic@ietf.org>
CC: Martin Thomson <martin.thomson@gmail.com>
Subject: RE: Go Back to Single Packet Number Space
Thread-Topic: Go Back to Single Packet Number Space
Thread-Index: AdQkTBwat6Uz522HTCmlcfdQS0RX0wANbUcAAA5hLwAAB8AWgAADcZzg
Date: Thu, 26 Jul 2018 14:04:50 +0000
Message-ID: <DM5PR2101MB0901581E982F410F31E42E2AB32B0@DM5PR2101MB0901.namprd21.prod.outlook.com>
References: <DM5PR2101MB09016D44959E5796570F3CB7B3540@DM5PR2101MB0901.namprd21.prod.outlook.com> <CABkgnnUTPvrVALX0Xr9xGpJnTHq=yWN48NRqtcQSZ4bzGFjAYA@mail.gmail.com> <CANatvzwP9czJSVzLWYj1+0-rGMkeX0UAE9T+11Zd2ygip4K29A@mail.gmail.com> <CAOdDvNqzecNOX9hPrMqpTWTFh3yrqFjdmxtm1e+_sC6y+xxZsA@mail.gmail.com>
In-Reply-To: <CAOdDvNqzecNOX9hPrMqpTWTFh3yrqFjdmxtm1e+_sC6y+xxZsA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=nibanks@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2018-07-26T14:04:48.6805047Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General
x-originating-ip: [2001:4898:80e8:1:1d83:4be1:90a4:2f3c]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR2101MB0917; 6:db612/Bt6xuUXIvSDTyQolz26fvNxMKP+KuqyCZ6kocwe7+h3cpFeFjKaBxkcbqh5doGA6aQqCVd2ATjkkGOOyYoEu4u1VbkT79YrnhuNEvdl3ena8JlWG47xroCu0/OUWV1vPcjpPkSoz5h0mlyAuTqEBpBorVz7ofkyZyez5D7Z+sgwAw2HqjWN4z9cC/TSxY3BjLH0IbabtMISFZtwFYAYPVIs12CFCRGM9LF00KNdv+khfBaNvooVmLjijaIbSSlhaWnjSShQVshz80mzueqMjvWydfwyvGiGvGDEQ2Iz5PCtxDWGcpTwWLVT2LRC2yTJd08TFbTXi019DCJQoKlNaP73J+L3C1zBcnMycJq0pS2qIkSAcuIpMgnajvyHvaoVMJurUSJXlGs7XCwyFCF5SH91Jymb5XOnKQ9C8Zir6Yj5sEikU1C4QxUIdb9qgEuaEz1ygVLXFrfdZcHMg==; 5:hYKE5R0dPFfg1lQ41enKZJMsAE+x3VUssjwgMmd1bYIo10E5W4UfpeeBeCLYrnu0Npwlnxm2l2R6avKmdNkx3POdAXMms3r5BSQ0JVIK4SCCCFw1jAH6BdZeRXPocgGDZWPX50lu2AJuO6h8rsh5ZNVHOWkwKRvbmdJyAQ7XsOE=; 7:uphZiNakbYKbwcbEAjKoE8AKq5vwMrXp/VeyXL9jY691cXa5PLhSZdvtOnZ/YLwRGl26K5CL6DQVeclEeaO3Elcn4RmsPBx72z3wy9gMcxVdwo5NpjSxcLf5ZyI5KnLMwu0BHMsF38vvqedzF+r7FrppgIWyi/vcm4ktnjWRj/bhlVdtpI5YoomQt5PwRj5PkM+vylaQH7kJPdIIk11aziBV7MnQF6+GmqaGPI1+zGgn7d+EaFdPZJRYN8HjYmTj
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 484a4d6c-3480-4e5a-5578-08d5f300c0e5
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989117)(5600073)(711020)(4618075)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(2017052603328)(7193020); SRVR:DM5PR2101MB0917;
x-ms-traffictypediagnostic: DM5PR2101MB0917:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=nibanks@microsoft.com;
x-microsoft-antispam-prvs: <DM5PR2101MB09176507C902FF6802DA4BD1B32B0@DM5PR2101MB0917.namprd21.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(89211679590171)(85827821059158)(21748063052155);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(10201501046)(3231311)(944501410)(52105095)(2018427008)(93006095)(93001095)(3002001)(6055026)(149027)(150027)(6041310)(20161123562045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(6072148)(201708071742011)(7699016); SRVR:DM5PR2101MB0917; BCL:0; PCL:0; RULEID:; SRVR:DM5PR2101MB0917;
x-forefront-prvs: 07459438AA
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(136003)(346002)(366004)(396003)(39860400002)(189003)(199004)(6116002)(19609705001)(9686003)(236005)(54896002)(6306002)(55016002)(5660300001)(229853002)(102836004)(76176011)(46003)(6506007)(53546011)(105586002)(106356001)(110136005)(316002)(86612001)(2900100001)(81166006)(8936002)(8676002)(186003)(22452003)(53936002)(86362001)(790700001)(6436002)(97736004)(81156014)(10090500001)(8990500004)(476003)(33656002)(561944003)(5250100002)(2906002)(68736007)(256004)(14444005)(10290500003)(7736002)(99286004)(446003)(11346002)(486006)(93886005)(4326008)(14454004)(478600001)(7696005)(6246003)(39060400002)(25786009)(74316002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR2101MB0917; H:DM5PR2101MB0901.namprd21.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: Dedj+d3SEpyq6PF6wHlWlAYTKrWTcvYAvhD1tasp9saPeN88f4oaq1SzDZ7T5Ty5IVWu7RhnhCU0Plpg5m6y61DcfTXwN2vGrNimi+3FrBMJu23c/Sh73S/sJ0xhjwW3FCA7Sl+gdk/JQXtr4lgSTDsnmT9roIXLpgWXXTUHulLx9LA4SDcAZfCA2iipPPhh8kr/WwJmwpFeSvvXcObYuO4H/ZUV8gM5PkHEPjhF0ZdAu99Jl3j3YDICB5ppd/9+HESVh+pZ5UYtUHV3nCvWNFiDYPvzfzrodQQQ+tJXoZtWMDbHIcL5WmWn84IfTUtkRcdmywc5at1fC5w4w5WmdeTExZ2ESwjJ4K9hcTD4OLc=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_DM5PR2101MB0901581E982F410F31E42E2AB32B0DM5PR2101MB0901_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 484a4d6c-3480-4e5a-5578-08d5f300c0e5
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Jul 2018 14:04:50.2906 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR2101MB0917
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/WHZrfxuiMAcCqtTE3qLim_FPUxQ>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Jul 2018 14:05:08 -0000
First, I think we should limit the discussion to what actually is in V1. Things like post quantum crypto and possible future TLS changes are interesting to reason about, but should have no immediate bearing on the design right now. If things change in the future that might cause additional issues, we should handle them in a future version. Second, on the topic of only acknowledging packets at a greater than or equal encryption level being even harder or less efficient to implement, while I whole-heartedly disagree, I was thinking about this, and feel we could actually go one step further. Already I have proposed disallowing ACKs in Initial packets and allowing 0-RTT packets to be acknowledged in Handshake packets. We could instead just say no ACKs in Initial packets, but all other packets can acknowledge any other packet. No encryption level requirements at all. The obvious possible point of contention with this, is that it would allow Handshake packets to acknowledge 1-RTT packets. While it is a ‘lower’ encryption level (I don’t really know what that means) both Handshake and 1-RTT keys are keys only the endpoints know. I don’t see any harm in temporarily (as long as you accept Handshake packets) allowing Handshake packets to acknowledge 1-RTT packets. With this design, an implementation that needs to acknowledge something can then do whatever it likes, so long as it doesn’t use an Initial packets. Next, for not explicitly sending ACK frames in Initial packets, I personally don’t see the explicit event of TLS changing read encryption keys from initial to handshake as an implicit signal. To me, it seems very reasonable to call that out as the explicit signal to treat your initial packet(s?) as acknowledged. - Nick From: Patrick McManus <pmcmanus@mozilla.com> Sent: Thursday, July 26, 2018 5:15 AM To: Kazuho Oku <kazuhooku@gmail.com> Cc: Martin Thomson <martin.thomson@gmail.com>; Nick Banks <nibanks@microsoft.com>; QUIC WG <quic@ietf.org> Subject: Re: Go Back to Single Packet Number Space On Thu, Jul 26, 2018 at 4:33 AM, Kazuho Oku <kazuhooku@gmail.com<mailto:kazuhooku@gmail.com>> wrote: I prefer having split packet number spaces, because in addition to what Martin says, I feel uneasy about allowing a receiver to acknowledge a packet "in a greater than or equal encryption level." My understanding is that this the key of the proposal. Use of a unified packet number space makes sense only when an endpoint can send an acknowledgement for all packets that it has received in one encryption level. This sums up my feelings as well - I really like the explicitness of the separate spaces.
- RE: Go Back to Single Packet Number Space Nick Banks
- Go Back to Single Packet Number Space Nick Banks
- Re: Go Back to Single Packet Number Space Martin Thomson
- RE: Go Back to Single Packet Number Space Nick Banks
- Re: Go Back to Single Packet Number Space Dmitri Tikhonov
- Re: Go Back to Single Packet Number Space Tommy Pauly
- RE: Go Back to Single Packet Number Space Nick Banks
- RE: Go Back to Single Packet Number Space Praveen Balasubramanian
- Re: Go Back to Single Packet Number Space Eggert, Lars
- Re: Go Back to Single Packet Number Space Mikkel Fahnøe Jørgensen
- Re: Go Back to Single Packet Number Space Kazuho Oku
- Re: Go Back to Single Packet Number Space Patrick McManus
- RE: Go Back to Single Packet Number Space Nick Banks
- Re: Go Back to Single Packet Number Space Eric Rescorla
- Re: Go Back to Single Packet Number Space Tommy Pauly