WG last call comments on draft-ietf-quic-transport-29
Magnus Westerlund <magnus.westerlund@ericsson.com> Wed, 08 July 2020 18:04 UTC
Return-Path: <magnus.westerlund@ericsson.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D9FD3A059F for <quic@ietfa.amsl.com>; Wed, 8 Jul 2020 11:04:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rryYYdsyOnln for <quic@ietfa.amsl.com>; Wed, 8 Jul 2020 11:04:45 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2078.outbound.protection.outlook.com [40.107.22.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E0703A0542 for <quic@ietf.org>; Wed, 8 Jul 2020 11:04:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RbUchu0WXKzfqiwK+E8f2ScKZIB1LAz2h95r8ZrElZd3kaXZaF9JkAelwLSWQeOn4D6lEhCr0kZU97fZnIaQMBaoYo857Ihm8FVvFqbFcjqRiRWpGEEoIVP0KSru56qytHmRTuJLBRRL782haFdhnqDvR+OngdFR+yBSzG1al5ci4Z5VHRNiu+Z9+zr/ilBqF2QYjXrsK8/niP4yaZk20EmHQXiA9BH1CSD+hy/ssjZwanSiPppmsDkoDZp2A5IQZ5tujldUf4AutQMl71nCCaKv1eQ5JsxreZED5YUc03SiHrGp0EReWxIEBfLVvVzdf1yoRgP0bWxPnVjX0AEXTQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wiNm1FFMKBGzcfrcD+0cuWXUdF0naJP4V9iZ87RWr34=; b=MCUQdoJSwqnBMoo0TyYAJOZ03vmJnCkPuXRkRXBy2MjEakHLhXSvQcw+hv/eGdKnYE5Fz/MWKlkLCY+GjbBRQScCsRuZhOWP+Y0oIZG9237jQlu8Qd/rIv/vtKsliwL54T1dOQdDe1j4bFoHdmLRNDecYVzhRDSBwiQ2F1bo1dYRBXWDPQALJ3HMm7Fmy65KfxM/JUy/bzPEyYzbGS+3OU3nEPoRxNjrmiwoPI9DO/f7ydniUwlNgx6h5clvTsP2Z9Cx2hU4Sa2gu3qMRax6jN+TBkBHNxtLOOGzQHbi+V/Ucgale1wIWnatko93Ob1yqgb6UTBLaJnIfBwFPHdclA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wiNm1FFMKBGzcfrcD+0cuWXUdF0naJP4V9iZ87RWr34=; b=Gu/JQrh8khA+AuPoTjgROVORbD1PDy5jIEaReWIQwDZrmg+FCRTtNB2Iod2KtiUxS8hT5IMv6O7JiqXYJXXVj4FEjTp9PSQI2Df0/E//RO1FV6FmuOAzW1eHwsKvl29sfNCCWbfAlxeIp4/6XXLXM7tylOohtcQ1ZQtSo75gn5k=
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com (2603:10a6:7:8e::14) by HE1PR0701MB2795.eurprd07.prod.outlook.com (2603:10a6:3:9b::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3174.8; Wed, 8 Jul 2020 18:04:37 +0000
Received: from HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::546c:3b3:9193:3351]) by HE1PR0702MB3772.eurprd07.prod.outlook.com ([fe80::546c:3b3:9193:3351%6]) with mapi id 15.20.3174.020; Wed, 8 Jul 2020 18:04:37 +0000
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
To: "quic@ietf.org" <quic@ietf.org>, "draft-ietf-quic-transport@ietf.rog" <draft-ietf-quic-transport@ietf.rog>
Subject: WG last call comments on draft-ietf-quic-transport-29
Thread-Topic: WG last call comments on draft-ietf-quic-transport-29
Thread-Index: AdZVSFz+OetpiiZFSvGMix+HsfHEEg==
Date: Wed, 08 Jul 2020 18:04:37 +0000
Message-ID: <HE1PR0702MB37720D42E58ACB56A14E679495670@HE1PR0702MB3772.eurprd07.prod.outlook.com>
Accept-Language: sv-SE, en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [158.174.104.67]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 456f5aa7-993a-445a-ae12-08d8236960a3
x-ms-traffictypediagnostic: HE1PR0701MB2795:
x-microsoft-antispam-prvs: <HE1PR0701MB27956D6C5D776590F36AA23C95670@HE1PR0701MB2795.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: MwxObVRBGZr6je0abB96vWXnq6gz1pmlMMio3GoWvxKXy34tseCOsG6c5/3jV9xV1e1G3EVjHHZ1ef8TAeUvXKdj9Ky1ZfbUgRW6Ia/ZzoQXNWGZ9Hk3hw4wXTbtEvyTrQ6F2lt+EueOvwVpUsysWyQcCC7dVSHHTLQKnQDiJj07nHcYOXjX4ajSSfXLh+4c6A7ZU+9LVBfzb3K029ohNiewQsEvMV7dTcEY8FvZ1s0noDN5uatdsTshx7Sih0h9DPbyncSRn0chdDhQKp2sritHY+qFbk6S2tEXFMmkBSLPI1Rsk2W0roGAvtBopQa/C6mpTem9s5UvQw27uqhdlFwY9Pn4QQuliLWYww6Mq4ldirj2/P1lX/AtF9SALLaAfCn0pZZmw0Zkic88YhB+Tw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3772.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(346002)(376002)(366004)(39860400002)(136003)(396003)(7696005)(33656002)(99936003)(9686003)(316002)(55016002)(110136005)(66476007)(66616009)(76116006)(66446008)(66946007)(66556008)(64756008)(186003)(8936002)(8676002)(26005)(6506007)(966005)(478600001)(83380400001)(5660300002)(2906002)(71200400001)(44832011)(52536014)(86362001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: Sk1LSDY1FxNU2P0X8wUJz6qwpedaY9Nz8oE2/5GfMh+CxXeb5Bf4FFMsZNlx7sV6VWf2bsJZlZsbmiboM7lxhCE0WDSFdpfHcQnIP/u+tcI4IXzt3zTICW0iyJj390hOFUQavb+Il8cTehCs04ajk80v+oMsYa7NbqavA4vf/wbtQ6zYyS+dHSiQgllnp5kYCLSzDtjZYFZuF+iypL7HP+719o2NmkwHl5TJM6/B8+TRkmstOka+CuJ3hpTAx3/RCWewN/wQb0O/YDu4k8tTuzKVzBd5A+4rScKlI45kvPoBwG8h0RpeqOq2Bwafik9mP9fZX0UjZdu+zu4jhxJRZGujrgKYh031ISepuc3k+IZ1rv42JshKI2La0IwvKr0Q2wpf2QFTaUwbg2jMXYf3xct2MVpbNFyQt2b7+onzQkQCUvsCQQIvwTQ1av0k+BWz5c22Jp+kmAVQ7bdHxXWrkwYBPq1oaT3694C29/PdSfJxqPh6oJH2FhluAKeCIr4W
x-ms-exchange-transport-forked: True
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_013B_01D65563.0098DE70"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3772.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 456f5aa7-993a-445a-ae12-08d8236960a3
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Jul 2020 18:04:37.1583 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: hUoFYDtb8CFn9K3xicQcpUwA8vSVKfbtT2iYtqRB9GxDYMB66vzXfaGWwdkASRZfyf4cIfZhDMklJcyESfFsCOXeS9pivJIelr+yBeR1TFo=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2795
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/3eajkpwoaIpZlEcPBkSGavVWhqc>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jul 2020 18:04:48 -0000
Hi Sorry for not filing issues and instead giving you this dump. A bit short of time so I wanted to get these in before the end of the last call. And I have noticed that some are really edge cases. So think them through and then it is fine to say this is not relevant because of . 1. Section 1.3: x (A..B): Indicates that x can be any length from A to B; A can be omitted to indicate a minimum of zero bits and B can be omitted to indicate no set upper limit; values in this format always end on an octet boundary There is an upper limit based on the protocol even in these cases, either due to encoding restrictions or the protocol. 2^62-1 bytes in most cases for length or data limits or the per packet limit where MPS will be a restriction. Should that be made more explicit. 2. Section 3.2, Figure 3: The top most RESET_STREAM which leads to the Recv state. Shouldn't that go to the RESET Recvd state immediately. If I interpret the figure it will take two RESET_STREAMS until one end up in RESET RECVD 3. Section 4.1: " If a sender is blocked for a period longer than the idle timeout (Section 10.2), the connection might be closed even when data is available for transmission." Who may close the conenction? both peers, or the sender that is blocked or the receiver? 4. Section 7.4.1: " In particular, a server that accepts 0-RTT data MUST NOT set values for the following parameters (Section 18.2) that are smaller than the remembered value of the parameters." So far I have not seen any definition for how long TP parameters will be remembered. I guess that there is a time limit on the 0-RTT keying material stored in the client that is relevant her, however this is not at all referenced here. Should there be a pointer or explanation? Because the above normative statement appears to be missing the tie into how long the client will remember theses remembered values. 5. Section 8.1.3 and 8.1.4: First of all I got the wrong impression of this section as the details about address validation part, that you actually include the address is in the next section 8.1.4. I don't know if there should be something done about this or not. But my impression after 8.1.3 and before I read 8.1.4 that this was not address validation, only client validation, i.e. this is a client I talked to before. My actual question I have on these section is if it there should be clarification on that the client should keep track of the token on a server authority + client address/network scope. So that the client will not send the token unless it is on the same network it was before. But maybe this last is unnecessary as the server will ignore the token if it doesn't match. 6. Section 9.2: Receiving acknowledgments for data sent on the new path serves as proof of the peer's reachability from the new address. This contradicts the text in Section 8.5: Receipt of an acknowledgment for a packet containing a PATH_CHALLENGE frame is not adequate validation, since the acknowledgment can be spoofed by a malicious peer. So this might be an intended differenation between path validation and indication of basic reachability (assuming no hostility). Maybe that exception also needs to be noted in the last paragraph in Section 9.2. 7. Section 9.3.1: If an endpoint skips validation of a peer address as described in Section 9.3, it does not need to limit its sending rate. So I assume what is referenced in Section 9.3 is this: An endpoint MAY skip validation of a peer address if that address has been seen recently. In particular, if an endpoint returns to a previously-validated path after detecting some form of spurious migration, skipping address validation and restoring loss detection and congestion state can reduce the performance impact of the attack. So the question here is what is considered recently. I think the lifetime of a address validation is significantly longer than the validity of the congestion control state. 8. Section 10.1: "Endpoints that have some alternative means to ensure that late-arriving packets on the connection do not induce a response, such as those that are able to close the UDP socket, MAY use an abbreviated draining period which can allow for faster resource recovery." So to me this assumes that the underlying system will not reuse the local UDP port in the time it takes to drain the network. I assume even applications may shoot itself in the foot if it insist on a local source port for an outgoing QUIC connections and that was recently used. I assume that this will not have any significant impact on a QUIC instance, and what it does to another UDP protocol is all dependent. 10. Section 10.2: " If a max_idle_timeout is specified by either peer in its transport parameters (Section 18.2), the connection is silently closed and its state is discarded when it remains idle for longer than the minimum of both peers max_idle_timeout values and three times the current Probe Timeout (PTO)." Should this really be the minimum and not the maximum. For very low values of MAX_IDLE_TIMEOUT the QUIC stack is not even given a fair chance of probing if the path is still there or not? And for larger value the 3*PTO will always be setting the value. I would have expected the maximum, that below 3*PTO it will not timeout, and when MAX_IDLE_TIMEOUT > 3*PTO that value will be limit for how long probing is done. Doesn't the rule also prevent a stack being silent for longer than 3*PTOs? That appears wasteful to force continuos communication if there are no data be sent. 11. Section 10.3: Such an endpoint SHOULD limit the number of packets it generates containing a CONNECTION_CLOSE frame. To what level should it be limited, e.g. one packet per 1/4 RTT? Or is the argument that Any reduction is sufficient. To me it looks like a simple packet mirror on path that sends the packets back to the sender will maintain the number of packets in flight unless there is a reduction factor. 12. Section 12.4: Packet Payload { Frame (..) ..., } The payload of a packet that contains frames MUST contain at least one frame, and MAY contain multiple frames and multiple frame types. Shouldn't the above be written as: Packet Payload { Frame (1..) 1..., } Each frame has a minimal length of one octet, and there is a requirement of at least one frame. I did note that there are no x.y definition. And that the definition says there are 0 or more entries which isn't true here. I don't know how much to do about the inconsistency in the notation for this case? 13. Section 17.2.2: Length field for the Packet header is undefined. I would guess that it contains the total length of the Initial Packet in bytes but that should be defined. Applies also to the 0-RTT and Handshake packet. 14. Section 17.2.5: The value in the Unused field is selected randomly by the server. Should this say that the receiver should ignore the value in the field? 15. Section 19.9: The Maximum Data (i) field as currently defined will be in many connections the upper limit for how many packets can be sent in any connection due to its bit limit. As this is a maximum value due to usage of the variable encoding to 2^62-1 bytes. It is possible that this value could be reached as around 2^52 packets approximately. An QUIC packet will be possible to contain at least 1024 bytes, i.e. 10 bits worth of bytes. In a DC center network with larger MTUs it is possible that already after 2^50 packets this value will be exhausted. Should I simply assume that this amount of data is such a big number that if an application runs into the limit forcing it to restart the connection is a minor issue. However considering that the limit in packets are relatively more discussed, this limit is not much discussed and in fact there are no mention in 19.9 what to do if that value reaches maximum that can be encoded, i.e. close the connection. 16. Section 22.1.4: All registrations in this document are assigned a permanent status and list as contact both the IESG (ietf@ietf.org) and the QUIC working group (quic@ietf.org (mailto:quic@ietf.org)). The IESG is recommending that registration owner for IETF STD documents are IETF. The arguments are in this doc: https://datatracker.ietf.org/doc/draft-leiba-ietf-iana-registrations/ 17. Section 22: An important question that for the high level structure of the registries are the question if these registries are Version 1 specific, or expected to be used across multiple versions of QUIC? Because if the former then the general heading for the registries should say QUIC Version 1. If they are intended to be for multiple versions, what type of indication for which version particular entries are valid are needed? Editorials: A. Section 8.2 uses PMTU without expansion. Before this point it is only used in TOC. B. Section 9.1: An endpoint MAY probe for peer reachability from a new local address using path validation Section 8.2 prior to migrating the connection to the new local address. Missing parenthis around Section ref. C. Section 9.6.3: " If the connection to the server's preferred address is not from the same client address, the server MUST protect against potential attacks as described in Section 9.3.1 and Section 9.3.2." Shouldn't it say something more like: If the client's packet flow to the server's preferred address for the connection is not from the same client address, the server MUST protect against potential attacks as described in Section 9.3.1 and Section 9.3.2.
- WG last call comments on draft-ietf-quic-transpor… Magnus Westerlund
- RE: WG last call comments on draft-ietf-quic-tran… Magnus Westerlund
- Re: WG last call comments on draft-ietf-quic-tran… Martin Thomson