Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt

Roberto Peon <fenix@fb.com> Sun, 15 August 2021 17:50 UTC

Return-Path: <prvs=78610dabaa=fenix@fb.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF0033A1E20 for <quic@ietfa.amsl.com>; Sun, 15 Aug 2021 10:50:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.548
X-Spam-Level:
X-Spam-Status: No, score=-2.548 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vfu3xEDueeul for <quic@ietfa.amsl.com>; Sun, 15 Aug 2021 10:50:52 -0700 (PDT)
Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B48FA3A1E17 for <quic@ietf.org>; Sun, 15 Aug 2021 10:50:52 -0700 (PDT)
Received: from pps.filterd (m0109334.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 17FHmV4Q006359; Sun, 15 Aug 2021 10:50:50 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=facebook; bh=bT6pJn5wAfL/OVLHmKgzB+8RTfkJl8yWIn0Grz78thc=; b=L/gxNCP/1yVGqmg4A4+5nv+JElS5LaMLmeBt40R6orGGfue15rL8f+xHC7Q6dLPZf6jY 1+lVGdDJ2GQg/GmGVRGA65gkr7lofPScupRW2pkbHA+zYxHBuHOqbscNHy/QXxaPvJol PmauItWTwVM7zZ2hSkvLEKxxKW8UQYNnyPw=
Received: from mail.thefacebook.com ([163.114.132.120]) by mx0a-00082601.pphosted.com with ESMTP id 3aed56cxxa-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Sun, 15 Aug 2021 10:50:50 -0700
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (100.104.98.9) by o365-in.thefacebook.com (100.104.94.196) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Sun, 15 Aug 2021 10:50:49 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FLn7fj+QFl+97yfCtDsQKvGJ7dcSpMBKP/TtkLd7ydsw7+I1frhLRvFBNqIuS7Qn6S68yrbkXle78QB4pTQrL9ovujvLXF4HXCHAiO2mrsil4ecdXbZgZTYfGgfkRrg4nIKdy1RJIyCiwMYAC7OJytpMNTZOZi3ujhY73tntVHsQM+kwxNpCpmeHpxUSvo1dQmWsvTsGjye6bYYZLkCpOz76spqsHIrZZd0GG+Gq0BL02/JjDWWr6xnwGBJzI0TzvpIyyXxtcHD9hryL/ioXApIyl030HiZ06Pouhw88olI/cBwnEnEkkgINSkfcz45milfGQXBY5VzZrZCBmeEF1A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=bT6pJn5wAfL/OVLHmKgzB+8RTfkJl8yWIn0Grz78thc=; b=nVN2LNgo6oeKlAW3tgIqvDhnT+Z2kuGBpvl9qbJQQhVUaedRDEHIdjgSen+yldCdgQHvC0TdTJRS9290iq/IPcUpzvHHssyoDgXgJu5YDaLyT/5RBoQfhtbeF5u766+BP1BVlumNWTtfxVzp+NKSFzu37CJ2VX1Gqb5t9agcpEzDCJKNCgKoUJHulbGZ6KW9lsjMPJ8LkrkJo8rkAm5FJL/eHT+8qtAoAarLoeAd0TavNs9NBgBVCERjRn3F6aQK4Pd1mg1hbe8aOEMJSdgcGxkaALJC+bFrudgkctp3v9W5kbzY6ZVGB1DeKYmCOosTfJdAa9lOLKLsUqcwdZVZZQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=fb.com; dmarc=pass action=none header.from=fb.com; dkim=pass header.d=fb.com; arc=none
Received: from DM6PR15MB2681.namprd15.prod.outlook.com (2603:10b6:5:1aa::28) by DM5PR15MB1513.namprd15.prod.outlook.com (2603:10b6:3:c6::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.21; Sun, 15 Aug 2021 17:50:47 +0000
Received: from DM6PR15MB2681.namprd15.prod.outlook.com ([fe80::b85e:ed20:5de2:9115]) by DM6PR15MB2681.namprd15.prod.outlook.com ([fe80::b85e:ed20:5de2:9115%3]) with mapi id 15.20.4415.022; Sun, 15 Aug 2021 17:50:47 +0000
From: Roberto Peon <fenix@fb.com>
To: Roberto Peon <fenix=40fb.com@dmarc.ietf.org>, Ryan Sleevi <ryan-ietf@sleevi.com>, Kazuho Oku <kazuhooku@gmail.com>
CC: Jana Iyengar <jri.ietf@gmail.com>, Robin MARX <robin.marx@uhasselt.be>, IETF QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Subject: Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt
Thread-Topic: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt
Thread-Index: AQHXkAqT1N6wG6XQ2E65zUc3Hzcu9qtxoE2AgAJ61wCAAB+BgIAAK7YAgAAAXoA=
Date: Sun, 15 Aug 2021 17:50:47 +0000
Message-ID: <EA6B8FE3-09B4-4050-8EE1-2CD1D9AB7FD0@fb.com>
References: <162883401993.25302.7275724432785172464@ietfa.amsl.com> <CANatvzxWrg+rciDpOZqsnDWq_oW_cr-Do2SjUzGgPy_vyAUs=Q@mail.gmail.com> <CAC7UV9aVnrUfvLuMB6dFSqiVzyr5PNF_xc+nRiZve35R3xqyrw@mail.gmail.com> <CANatvzx_O_38nU3wyD6UCtFRfBSarT4=NO45yOQMbSOe0oCK=g@mail.gmail.com> <CAErg=HEJ_r2TgEf643Y49DKdawyJUZeypS0e2oTVXsBihSHpTA@mail.gmail.com> <4076AAE3-2547-42E5-B12D-14F10C4C415C@fb.com>
In-Reply-To: <4076AAE3-2547-42E5-B12D-14F10C4C415C@fb.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.51.21071101
authentication-results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=fb.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7efb984c-0fd9-4000-bc45-08d9601536a8
x-ms-traffictypediagnostic: DM5PR15MB1513:
x-microsoft-antispam-prvs: <DM5PR15MB151301263F6AF37B5AEA0269CDFC9@DM5PR15MB1513.namprd15.prod.outlook.com>
x-fb-source: Internal
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: HBlRoCkbhzO7PYevG98QLLN06uzMXh93YfNO48/0u6lTamws0xdKiy2VdT00KM4fPzSvWl0GpolL+HRseV3QB06q1F8e7q55blWD63UmWPw2R4cg/e9FsZosoVREL2DJi+2vR2vq9I1sUCy2wBHG5/7PrON/xF31/c2MCItREvF7b2XB9gNgA4Vz5eTf4gcp5xSH/3UWjPV+Z8fFpT5Unq/w4tf2yDYsch3dwHEp69M+9eCUdR33pmM4RZaXfLCD4fh/5jxt/xUMaWQOP8H1moU7vIhXAlp870KS3/6UuCRDXuvTFFnzH2dWCbLyxdjV1XkNuBOo1LeeBEGcq7rXJocelzY49bOyW5sg/VuaBNtRj+qRtCG4tRbdtL2V5eT6np3BBzuso/8s1uyB0UlUxalp69oG1rm648df7wTzoKHikqYYoIVCn4jS2S6mZkcUmgInZoZrS7IQ0W1E8cCtbJxJ+QaGgzVr1d/oCXfJ17gRQgKkDKM1fNQF1UrJxva1A2n0MzJ3Y07L68kYnGAIiL6cca6L/jiQjW0viZivkmCObvgH5weJRMUWApYfgZYZvnin/4zJJWpLrN/6HKhdZrm5pfwf4CPQALWl/bwdnvuJfpWJYLf+YlaArhDs9WZiy3Nf6DsKlNHu+bMb0Pz9tdymVFk3OzRfPilM4chAXwgjReuASHB2aF5P1HuHZcQQfPoe8cjeppWU5nXBU8unzD1yo7cEJORvqB21Thf3vuc=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR15MB2681.namprd15.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(346002)(136003)(39860400002)(396003)(186003)(6506007)(26005)(53546011)(36756003)(6512007)(2616005)(6486002)(2906002)(38100700002)(5660300002)(33656002)(66946007)(66556008)(316002)(15650500001)(8936002)(8676002)(110136005)(66574015)(66476007)(4326008)(64756008)(478600001)(38070700005)(83380400001)(71200400001)(86362001)(76116006)(91956017)(66446008)(122000001)(54906003)(45980500001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?utf-8?B?bSt6dXppc1JKS2w5OWltMVZrWjZGRFZpZjNwTXhmRjl6dENsU2lXZmZXTVZk?= =?utf-8?B?R1Y5TTJyU3pyVHBWSEd3QjlBcG9GNFRleDcvdWxMS2pDU25qbzNJaHY1VW8w?= =?utf-8?B?dEJoRlVSR3d6QlRta2J2RzRpanhjTVk0Z1VxSGNOcFpoM0d0NUNYSUFaa0p2?= =?utf-8?B?Y3Y0dEhqYkJ6UWRkWUVzT1pkWDdKaDA2bzJXb0gwVEVJWE91VTBOZTVMSE9P?= =?utf-8?B?K2JvMWVqWDMxeUpRdVdaV3pKWTdPeHU3K3FWSktCWlhqZ1FmWUtHYUdKWTRh?= =?utf-8?B?VG1lRmladWNKeVFlWEtXS002ZXBqc3pXWE9sSVJSVVVQbDM3eloxakFldGJU?= =?utf-8?B?QVRMRy9xSjBJN05nQmFnbHoyRHJ1UUhUU1pEWFg1K2MycUEwdzRkS2hDcXlZ?= =?utf-8?B?VVlSNCtTajloTXAvd2NnY2pienB6Z0VHUnpMeGM3Q3p0bVNZS2JNTE8zR2RG?= =?utf-8?B?SW5Fd05QRUdmLzNURHdWUFRQNzRlY0ovR2d6dllkYmo0L2swVW9KRjJOV3VL?= =?utf-8?B?L2hYN3VFcW02Kzlld0J4djQ1SEZubXA0QmIyQk5vZ1oxNVdrYnRjVk5SR3o1?= =?utf-8?B?VGltTnZJaGZXckZZY0ZQcjlhMFV1bUlJcXZQN2w0Rlpjcmdmc2ROL1dDbjBM?= =?utf-8?B?RG5Oc3pPREQ2bTBYWlZrWUMzYzRuekZLaW1IYXByT1NSUnZDa0pFSUJydCtF?= =?utf-8?B?MFBxbEJGK0VxNEhWb0JLL1AvcHBraGZCbVBjaDBNeXI5OUtnY2J6c1MyNVhi?= =?utf-8?B?OHJGR0FDRTRUNjRZNWpKdHk3VjVxeWU5d0JlSnVqcElKOVlPbGNkbkVmSERM?= =?utf-8?B?eEJnclNWZ092VHZUT0VWUEFZNk5RYzdhRVFnTERpVWlvRk5kbktyYjFwVzRW?= =?utf-8?B?ZkpGdlVUUEpoY3lDdXYyMjJob1dnQ3hLN1lMYnhnSHZCaGQ2YlM1ekRtQVlx?= =?utf-8?B?Zi8yc2RKUHBDWUEydUhCbWxBSnB2ZHFmcjUzZTBRM2FVMXVPck5oNFNjQzFv?= =?utf-8?B?Y29PUitvZm14UWpYeXo2c04rMFdJSGVPd2FqSFhERGFDYlFNWVAzM3VZaUdC?= =?utf-8?B?cTBoVHoySENNcnJNL2tXMkJFU0Y0aTVjOW1ZM2VmdVVwN0VvVi9scnRFa0lH?= =?utf-8?B?MDdKcnkvQ3Z0RTlYVVNtRjZlYmJMZkdaT0lIZDM2cUZSVkxYRlY2L01QMVYw?= =?utf-8?B?N0c1QldrRkQzVkFqSlY5eFNmYjQyUXJIWjQ1OG9SdlZ3cnpoRXV2cWFaYVk0?= =?utf-8?B?ZHA4b2FBNWJhTlBmTFhxZVlvL0hkN3N4aUo1RlJVNDdHeENKZUQ4VFpaaVRS?= =?utf-8?B?Um1iZTRDdzJMNmUvQ21DeWtjcHJTa1VSNGJSMElVYmhmT0ozN2kyTHYzSEh0?= =?utf-8?B?THE0Tzg5eFc1QkFrdWowUk5ZMENOQm1DcU5oaVptWlFhME1VMTg0MCtHb3Zu?= =?utf-8?B?N3AvdGZpUkJ0YkIwK0VOQlczcGFITFR2T1FkM1JaVmVMYnZ6ODZEYXVQdTBL?= =?utf-8?B?RWoyM3hvbnFDdFZEUTgwTExodHc2L2h3NFE0VnhWYVlCdVhibSs2VHIzdnBQ?= =?utf-8?B?WGJiNnpEY1ltbE5heFdDWkxoUGZaaGpsTDFyWnNPdkd1Sjl6OUdCN1pvTVla?= =?utf-8?B?RC9pcHl5MGV6RTY5WkFqa1d0ODRkWVUzRzRmaW14Q0xmQTlIYUZNU0krYmNG?= =?utf-8?B?aXdHUHpzeDFmT3phSjZpL0JnWUU4ZFRrQ01TMUR6RjMvaHNjbHNjUVkrMU1a?= =?utf-8?Q?98GsirY+xNH/EoGBRiLotBdC1Mi2vh8kTEh1ypf?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_EA6B8FE309B440508EE12CD1D9AB7FD0fbcom_"
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR15MB2681.namprd15.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7efb984c-0fd9-4000-bc45-08d9601536a8
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Aug 2021 17:50:47.6453 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 6oQOarM/nXOyG2HbU6u5bXkGEf/mOcRVwqydlftO2EKuqvv96fA8KfD25jGGTse0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR15MB1513
X-OriginatorOrg: fb.com
X-Proofpoint-ORIG-GUID: 4kqNaR6x61aU6W9VpMoTthgyJTbPLGPi
X-Proofpoint-GUID: 4kqNaR6x61aU6W9VpMoTthgyJTbPLGPi
X-Proofpoint-UnRewURL: 0 URL was un-rewritten
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-08-15_06:2021-08-13, 2021-08-15 signatures=0
X-Proofpoint-Spam-Details: rule=fb_default_notspam policy=fb_default score=0 spamscore=0 suspectscore=0 mlxlogscore=999 phishscore=0 mlxscore=0 bulkscore=0 impostorscore=0 clxscore=1015 malwarescore=0 lowpriorityscore=0 priorityscore=1501 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2107140000 definitions=main-2108150123
X-FB-Internal: deliver
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/rGv4Bmsc7pdFb74EQCD5Ajha-NA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Aug 2021 17:50:58 -0000

Oops, this was a reply to the wrong thread—meant for the tracing discussion (as likely one would infer).
-=R

From: QUIC <quic-bounces@ietf.org> on behalf of Roberto Peon <fenix=40fb.com@dmarc.ietf.org>
Date: Sunday, August 15, 2021 at 10:49 AM
To: Ryan Sleevi <ryan-ietf@sleevi.com>, Kazuho Oku <kazuhooku@gmail.com>
Cc: Jana Iyengar <jri.ietf@gmail.com>, Robin MARX <robin.marx@uhasselt.be>, IETF QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Subject: Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt

My main concern would be side-channel attacks.
What kind of information can be gleaned by the size/timing of the trace as it is sent from one side to another?
What hypotheses does it allow an attacker to verify?
-=R

From: QUIC <quic-bounces@ietf.org> on behalf of Ryan Sleevi <ryan-ietf@sleevi.com>
Date: Sunday, August 15, 2021 at 1:13 AM
To: Kazuho Oku <kazuhooku@gmail.com>
Cc: Jana Iyengar <jri.ietf@gmail.com>, Robin MARX <robin.marx@uhasselt.be>, IETF QUIC WG <quic@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Subject: Re: New Version Notification for draft-kazuho-httpbis-selftrace-00.txt



On Sat, Aug 14, 2021 at 8:24 PM Kazuho Oku <kazuhooku@gmail.com<mailto:kazuhooku@gmail.com>> wrote:


3) Relatedly, your POC seems to assume the browser will have just a single connection and a trace request in a second tab will auto map to that connection.
    That works fine for the POC, but for a real deployment that lets end-users fetch traces, you'd need built-in browser/client support to select a specific connection / fetch traces for all connections to a given origin.
     Not a big problem ofc, and things like Chrome's netlog export already do this, but still a practical hurdle.

Right. I would hope that it would be possible to implement this as a browser extension at least (with the assumption being that requests from a browser extension would be coalesced with other requests going to the same authority).

Unfortunately, browsers do not guarantee this property, and past efforts in the IETF to standardize features that assume this property (e.g. Token Binding) or in other SDOs (e.g. ETSI’s unfortunate design with regards to QWACs) end up not working in practice.

This is especially true as browsers look to segment connections even further, in relation to privacy properties unique to browser environments (e.g. CORS credentialless, as further expanded by COEP, or the fetch() specifications Network Partition Keys, or security isolation primitives to restrict extension access).

I don’t have much stake in this, other than flagging that any design that makes assumptions about connection properties to bits on screen are, generally, flawed assumptions. That’s not to preclude the possibility of direct browser integrations, should it prove useful and of demonstrable value to merit such implementation, although past efforts have failed to achieve that value relative to the complexities of such coupling.