IETF Logo Mail Archive

Re: [QUIC] Alissa Cooper's Yes on charter-ietf-quic-00-01: (with COMMENT)

Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Tue, 13 September 2016 17:01 UTC

Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D507812B3EE; Tue, 13 Sep 2016 10:01:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id thu0LDor3y3v; Tue, 13 Sep 2016 10:01:44 -0700 (PDT)
Received: from mail-yw0-x236.google.com (mail-yw0-x236.google.com [IPv6:2607:f8b0:4002:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D9FA12B3A1; Tue, 13 Sep 2016 10:01:44 -0700 (PDT)
Received: by mail-yw0-x236.google.com with SMTP id u82so43239732ywc.2; Tue, 13 Sep 2016 10:01:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=XfsUhHnKjDhMVH8acJ2xQ/G0CjIxe7DNlxKzT4THYYk=; b=ZZcsKwMfdVIwczXvMcuLW//m6hKOapeIdpV000WM6JqHbC+jFJurK5xf7y1L8z+enh XB5H38CSGp8x8+/2aE+n0725noDSMKMgcgSYdNe/ZuY8WexddDRGj9JAWe6p3aXNhDjz UKm2HejgI8owLeYU43L0A3NDI1ZnSoLKWooIY1Ww61jZXHHQ1DrK77vi8m1KpDnNUytQ FquyxqRqu5dI8yw5HIzEaQzejAMjqHAbe6iJdQGJNvz1HcJnFWb/szz+UErzfFh8Vn5J 9HsmNn4I5JQXsRmC6/s3LlEiCW0oYiciHoi2f7DBxabAYfK9Om+N1luLqtaTlS/wSkQf e6Fg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=XfsUhHnKjDhMVH8acJ2xQ/G0CjIxe7DNlxKzT4THYYk=; b=S1TRkVZ+wFNVyEa0ReVYJmjGl923zGnd6yyIzvORMxv6nHNXjS6purLjE+BKRIAx6L ac4OEijYAe3Oo6P2KxWFVneSASseO+0a+LqP2ZsnuXK0t6x8zZF/Sc3fHPM7mRkhYCSc MhzUHwcEDif6AQsVwqzLEwc0e4VV6CBqDDJkWYnXtcIJcO3d8MhvGdDNwcMUuUh9tJjJ stBKqUMv50lXbVWEXviOqrnoBLwb/rKecDvgb39t6pnCtRlR5918n19t5jxj6TxABkp1 iSvcF4OUsxWSYxEffINjuWeBiyGzQxe+GPcQ6uu7y9viuaDMSo6m/NXqtGlo58LEcaZh Z9Ng==
X-Gm-Message-State: AE9vXwO1Q0KxbSP6T1IQ29nSrlunxmj/sYHu6yOhk2rx0ftlayAclVobqzgHL4FoIcrOrNqr/n+08RHh1lbVvg==
X-Received: by 10.129.73.135 with SMTP id w129mr1812129ywa.64.1473786103712; Tue, 13 Sep 2016 10:01:43 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.24.86 with HTTP; Tue, 13 Sep 2016 10:01:43 -0700 (PDT)
In-Reply-To: <CABcZeBN1E8zQvuRr5XiQyBojgfqXQLv601JO0jtJOO7BFpa7Vg@mail.gmail.com>
References: <147273767703.10217.5299850397860146217.idtracker@ietfa.amsl.com> <CAKKJt-dE_q2iNFLn_BFqPoy1V4kBnxGkbAiGzjyFkDdj6+gMBw@mail.gmail.com> <CABcZeBNDGQT141+9Q-YJRsuVrWGD=SDdeeFaKe0=iNwb+1ckLQ@mail.gmail.com> <CAJ_4DfRrLxOYKaFN_Bi7PpLRVx8_bNWAMChFNKaiPqfaKxaT6A@mail.gmail.com> <CABcZeBN1E8zQvuRr5XiQyBojgfqXQLv601JO0jtJOO7BFpa7Vg@mail.gmail.com>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Tue, 13 Sep 2016 12:01:43 -0500
Message-ID: <CAKKJt-ek=+zy=-Tn4+MdpABLk8FqVS8_n6L+95ic=_v0LNjoZg@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Content-Type: multipart/alternative; boundary="001a114dd0942fd0f0053c66913d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/q-lxLSwWItq-TApdefOqDkBErNI>
Cc: quic@ietf.org, Alissa Cooper <alissa@cooperw.in>, The IESG <iesg@ietf.org>, Ryan Hamilton <rch@google.com>
Subject: Re: [QUIC] Alissa Cooper's Yes on charter-ietf-quic-00-01: (with COMMENT)
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mailing list to discuss QUIC standardization <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Sep 2016 17:01:49 -0000

Hi, Eric,

On Tue, Sep 13, 2016 at 11:52 AM, Eric Rescorla <ekr@rtfm.com> wrote:

>
>
> On Mon, Sep 12, 2016 at 5:50 PM, Ryan Hamilton <rch@google.com> wrote:
>
>> ​​
>>
>>
>> On Mon, Sep 12, 2016 at 4:39 PM, Eric Rescorla <ekr@rtfm.com> wrote:
>>
>>> I had a few comments on the draft charter:
>>>
>>> > There is emerging implementation and deployment experience with QUIC,
>>> a
>>> > UDP-based protocol that provides a stream-multiplexing encrypted
>>> transport.
>>> > Based on that implementation and deployment experience, the QUIC working
>>> group
>>> > will provide a standards track specification generalizing the design
>>> described
>>> > in the initial set of draft-tsvwg-quic-protocol, draft-tsvwg-quic
>>> -loss-recovery,
>>> > and related documents.
>>>
>>> "initial set" is ungrammatical here. Strike it.
>>>
>>>
>>> > Key goals for QUIC are:
>>> >
>>> > - Minimizing connection establishment and overall transport latency for
>>> > applications, starting with HTTP/2;
>>> > - Providing multiplexing without head-of-line blocking;
>>> > - Enabling deployment over unmodified Internet paths; and
>>> > - Enabling multipath and forward error correction extensions.
>>>
>>> I would like to see a security objective here, as I think we all agree
>>> that it's a first-class priority.
>>>
>>> - Providing secure transport by default using TLS 1.3.
>>>
>>
>> ​QUIC is designed to have a plug-able handshake mechanism​. For sure, TLS
>> 1.3 should be used in many cases, including HTTP over QUIC. But I would
>> want to makes sure that we don't lose the ability to develop other
>> applications on top of QUIC which want a different handshake.
>>
>> ​I'd be happy to see language requiring that we come up with a QUIC + TLS
>> 1.3 mapping, just not language that says that TLS 1.3 is the only handshake
>> for QUIC.​ Perhaps you were already saying this, I'm not sure.
>>
>
> Sorry for any unclarity. I wasn't trying to start an argument just
> memorialize the consensus.
> I'm mirroring the language here from draft-hamilton-quic-transport-
> protocol-00:
>
> "TLS is assumed to be the default crypto handshake protocol, as described
> in [draft-mthomson-quic-tls
> <https://tools.ietf.org/html/draft-mthomson-quic-tls>]."
> and was trying to fit it into charter-ese by making "default" do
> double-duty.
>
> How about:
> - Provide always-secure transport [using TLS 1.3 by default]
>
> I could live with the [] text either way, as I think the milestones make
> clear that we're doing a TLS 1.3 binding.
>

Thanks for clarifying. My previous e-mail crossed yours, I think. So I
should be asking about

- Provide always-secure transport

and

- Provide always-secure transport using TLS

Would either of those say what you're saying?

Thanks,

Spencer


>
> -Ekr
>
> Cheers,
>>
>> Ryan
>>
>>
>>
>>>
>>> > This work will ensure that
>>> > QUIC using TLS1.3 has security and privacy properties that are at
>>> least as good
>>> > as a stack composed of TLS1.3 using TCP (or MPTCP when using
>>> multipath).
>>>
>>> This "QUIC using TLS 1.3" language is a little weird. I would just say
>>> "QUIC". I believe MT provided a similar comment.
>>>
>>>
>>>
>>> > The third focus area will describe mappings between specific
>>> applications???
>>> > semantics and the transport facilities of QUIC. The first mapping
>>> will be a
>>> > description of HTTP/2 semantics using QUIC, specifically with the
>>> goal of
>>> > minimizing web latency using QUIC. This mapping will accommodate the
>>> extension
>>> > mechanisms defined in the HTTP/2 specification. Upon completion of
>>> that mapping,
>>> > additional protocols may be added by updating this charter to include
>>> them.
>>>
>>> I'm not sure this should be in QUIC so much as HTTP. Minimally it
>>> somehow
>>> needs to be in cooperation and I don't see anything here. I certainly
>>> don't
>>> want this to preclude a mapping of only HTTP/2's transport facilities.
>>>
>>> -Ekr
>>>
>>>
>>> On Thu, Sep 1, 2016 at 7:02 AM, Spencer Dawkins at IETF <
>>> spencerdawkins.ietf@gmail.com> wrote:
>>>
>>>> Hi, Alissa,
>>>>
>>>> On Thu, Sep 1, 2016 at 8:47 AM, Alissa Cooper <alissa@cooperw.in>
>>>> wrote:
>>>>
>>>>> Alissa Cooper has entered the following ballot position for
>>>>> charter-ietf-quic-00-01: Yes
>>>>>
>>>>> When responding, please keep the subject line intact and reply to all
>>>>> email addresses included in the To and CC lines. (Feel free to cut this
>>>>> introductory paragraph, however.)
>>>>>
>>>>>
>>>>>
>>>>> The document, along with other ballot positions, can be found here:
>>>>> https://datatracker.ietf.org/doc/charter-ietf-quic/
>>>>>
>>>>>
>>>>>
>>>>> ----------------------------------------------------------------------
>>>>> COMMENT:
>>>>> ----------------------------------------------------------------------
>>>>>
>>>>> What is the status of these PRs?
>>>>> https://github.com/IETF-QUIC/Charter/pulls
>>>>
>>>>
>>>> I checked two of the PRs. One looks like it's reflected in the
>>>> datatracker, but the other does not. I'll make sure the proponents think
>>>> the datatracker text reflects what they want to go with, before this goes
>>>> for external review.
>>>>
>>>> Spencer
>>>>
>>>> _______________________________________________
>>>> QUIC mailing list
>>>> QUIC@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/quic
>>>>
>>>>
>>>
>>> _______________________________________________
>>> QUIC mailing list
>>> QUIC@ietf.org
>>> https://www.ietf.org/mailman/listinfo/quic
>>>
>>>
>>
>

v2.23.0 | Report a Bug | By Email