IETF Logo Mail Archive

Re: Back to work

Eric Kinnear <ekinnear@apple.com> Thu, 29 October 2020 02:13 UTC

Return-Path: <ekinnear@apple.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 388A93A0B20 for <quic@ietfa.amsl.com>; Wed, 28 Oct 2020 19:13:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0DYsovQNdksQ for <quic@ietfa.amsl.com>; Wed, 28 Oct 2020 19:13:39 -0700 (PDT)
Received: from ma1-aaemail-dr-lapp02.apple.com (ma1-aaemail-dr-lapp02.apple.com [17.171.2.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0DA43A0B22 for <quic@ietf.org>; Wed, 28 Oct 2020 19:13:39 -0700 (PDT)
Received: from pps.filterd (ma1-aaemail-dr-lapp02.apple.com [127.0.0.1]) by ma1-aaemail-dr-lapp02.apple.com (8.16.0.42/8.16.0.42) with SMTP id 09T289FN022823; Wed, 28 Oct 2020 19:13:32 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=from : message-id : content-type : mime-version : subject : date : in-reply-to : cc : to : references; s=20180706; bh=MQYB0cBzW8vYLTAC2pFSRBTumPdsO21knjtcIbbpMZo=; b=ddn7yt1AVxEVpgf3iLmym2AOkF870u6UIhsdB12+tlNFUd6ATsXnjN5B8bTuVxPQC77g pWP6sJj4M0nQFA2CQlsevRfv5Wl7RxJkyBDA4GyD+CTalw+2t8UqzS66RP9vtQcTuApH k/YI/HoJPwjunRPXaWIrXa7Wnce1xVAiOVzPAypMx5YT4YzRbK57yhQnMpEt32wQ77d9 d+hpgz3Y+3oM1UjPoLU8mWSQidXffaVUvvRhr/jT/oIwssiWHnbwc0o0Zm6V9/QgyWsV /YEK/aPpIxub6K8RAFzbrlP7DYVLHURNl1x6CGoS3Ih+rmzxeJ90NFMwwOD24fJR8F8J 3Q==
Received: from rn-mailsvcp-mta-lapp02.rno.apple.com (rn-mailsvcp-mta-lapp02.rno.apple.com [10.225.203.150]) by ma1-aaemail-dr-lapp02.apple.com with ESMTP id 34cgxwgsmd-18 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Wed, 28 Oct 2020 19:13:32 -0700
Received: from rn-mailsvcp-mmp-lapp04.rno.apple.com (rn-mailsvcp-mmp-lapp04.rno.apple.com [17.179.253.17]) by rn-mailsvcp-mta-lapp02.rno.apple.com (Oracle Communications Messaging Server 8.1.0.6.20200729 64bit (built Jul 29 2020)) with ESMTPS id <0QIX00KQJY6JB1G0@rn-mailsvcp-mta-lapp02.rno.apple.com>; Wed, 28 Oct 2020 19:13:31 -0700 (PDT)
Received: from process_milters-daemon.rn-mailsvcp-mmp-lapp04.rno.apple.com by rn-mailsvcp-mmp-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.6.20200729 64bit (built Jul 29 2020)) id <0QIX00700Y1XPF00@rn-mailsvcp-mmp-lapp04.rno.apple.com>; Wed, 28 Oct 2020 19:13:31 -0700 (PDT)
X-Va-A:
X-Va-T-CD: 058bbac8ca772bcfc9e38720b87faa94
X-Va-E-CD: f9547cdfcf1db34a2e58b4894fc4b8f8
X-Va-R-CD: 2ba71f0fef3449a5a37d3b7967c49b1e
X-Va-CD: 0
X-Va-ID: f75b559b-3104-41e9-9e46-8a083ebfea83
X-V-A:
X-V-T-CD: 058bbac8ca772bcfc9e38720b87faa94
X-V-E-CD: f9547cdfcf1db34a2e58b4894fc4b8f8
X-V-R-CD: 2ba71f0fef3449a5a37d3b7967c49b1e
X-V-CD: 0
X-V-ID: 9a9f9965-2ab7-4c30-abb3-62bf817854f1
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.312, 18.0.737 definitions=2020-10-28_09:2020-10-28, 2020-10-28 signatures=0
Received: from [17.232.168.180] (unknown [17.232.168.180]) by rn-mailsvcp-mmp-lapp04.rno.apple.com (Oracle Communications Messaging Server 8.1.0.6.20200729 64bit (built Jul 29 2020)) with ESMTPSA id <0QIX00C1NY6IT600@rn-mailsvcp-mmp-lapp04.rno.apple.com>; Wed, 28 Oct 2020 19:13:31 -0700 (PDT)
From: Eric Kinnear <ekinnear@apple.com>
Message-id: <59211AC5-0D72-4295-9E67-DA0BF5B92965@apple.com>
Content-type: multipart/alternative; boundary="Apple-Mail=_322F211E-D572-466D-90F1-88F7769E2FD4"
MIME-version: 1.0 (Mac OS X Mail 14.0 \(3654.0.3.2.91\))
Subject: Re: Back to work
Date: Wed, 28 Oct 2020 19:13:30 -0700
In-reply-to: <cc9aca43-7556-7fed-8ef8-1b5343316a0d@huitema.net>
Cc: Jana Iyengar <jri.ietf@gmail.com>, Ian Swett <ianswett=40google.com@dmarc.ietf.org>, Magnus Westerlund <magnus.westerlund@ericsson.com>, Martin Duke <martin.h.duke@gmail.com>, Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>, "quic@ietf.org" <quic@ietf.org>, Martin Thomson <mt@lowentropy.net>
To: Christian Huitema <huitema@huitema.net>
References: <0f150dec-e408-48bf-8e54-05e3e96e7a85@www.fastmail.com> <CALZ3u+a1fBq1MB52H-h-JYY=OOkOo9=jEu7smNVeyy_9U3abEw@mail.gmail.com> <CAKcm_gNoB=nP050VRfw5MXAAw-HhpnKHp6pAx9onaA4a5CH5-Q@mail.gmail.com> <b80cf41524865c171712bfcfca7ef92e2a472044.camel@ericsson.com> <efe63bdf-7af2-49c0-932d-3a36de61bdd6@www.fastmail.com> <41A07550-1BFA-43E6-83A0-93FA96DF1E9B@apple.com> <CAN1APddS_qtMoUiUL9uwtAB3rXuAQ0NmiipXGDkS4hcA5od6Ag@mail.gmail.com> <CAKcm_gOcuuF_REWszJyYC6eO6swavMD3D9VnzgJTHEwEAXOsnw@mail.gmail.com> <CAM4esxT2kD6U-Hb5cOSfykBPvTmboEozqqiYiFF63ywxstm-LQ@mail.gmail.com> <CAKcm_gPzEgEssO3LMyW=t9tvbsRrLQBJ7M=2mxySs3H-YUXF5A@mail.gmail.com> <CACpbDceKFAVZ=Vrvj8ZoOj95TNfkCqNrpLh8FOBMBUBU=Qx_eQ@mail.gmail.com> <cc9aca43-7556-7fed-8ef8-1b5343316a0d@huitema.net>
X-Mailer: Apple Mail (2.3654.0.3.2.91)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.312, 18.0.737 definitions=2020-10-28_09:2020-10-28, 2020-10-28 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/rbvmtPiBhv9gdu5D3RJIEFosxh4>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Oct 2020 02:13:41 -0000

I was originally shying a bit away from that option, Christian, but the more I think about it the less painful it seems: back out the padding requirement, add in a note that “after a new path has been validated, endpoints can/should/must do PMTUD to validate the MTU on that path”. 

The natural responses that an endpoint goes through during path validation (or abrupt migration) leave it with either a working or failing path when trying to migrate; this was always the case and is no more or less the case due to MTU concerns. 

Alternately, you also note that we might want to avoid forcing the server specifically to send large packets — in my opinion, that would be another equally valid way to tackle this: require the padding only for PATH_CHALLENGES sent from the client and any PATH_RESPONSE to a padded challenge.
That’s really nice in a number of ways, especially for the MOTS cases where I can make the server think that every new packet is on a new path, etc.

So… lots of words to say: I very much agree with what you’re saying. :) 

It seems like these would be good options to use if we think that there’s something we don’t like about the 3x limit (perhaps how it interacts with NAT rebinding). Otherwise, the 3x limit is nice and general.

How worried are we about the 3x limit?

Thanks,
Eric


> On Oct 28, 2020, at 5:41 PM, Christian Huitema <huitema@huitema.net> wrote:
> 
> 
> On 10/28/2020 5:17 PM, Jana Iyengar wrote:
>> I like the universality of the 3x limit. The reasoning applies broadly
>> and there's no reason to separately reason about how a server responds
>> to new addresses, be it at the start of a connection or
>> mid-connection. Overall, I have a few minor suggestions to make, but
>> I'm happy with the way the PR is headed.
> 
> 
> I think that we can devise proper solutions for "organized migrations",
> such as requiring both receipt and acknowledgement of a long enough
> packet before validating a path. I am not going to belabor that. But NAT
> traversal is a can of worms, and some of the norms are going to bite us.
> 
> I order to support NAT traversal, we request servers to take action if
> they see a packet arriving from a new address of the client. This opens
> a huge hole through which enterprising MOTS or "specially crafted
> clients" can harass servers. We have an OK defense: send a challenge to
> both old and new IP to force "proof of address ownership". That defense
> is OK because it uses minimal length packets, and thus does not cause
> too much amplification. I think we should leave it at that, and not
> force the server to send large packets. There is a need to then validate
> that the path can carry traffic, which will happen naturally when the
> server tries to send a large packet. But if the server only sends these
> large packets after address ownership has been verified, things ought to
> be quite good.
> 
> -- Christian Huitema
> 
>

v2.23.0 | Report a Bug | By Email