RE: Greasing the QUIC Bit

Mike Bishop <mbishop@evequefou.be> Thu, 02 July 2020 20:38 UTC

From: Mike Bishop <mbishop@evequefou.be>
To: Martin Thomson <mt@lowentropy.net>, "quic@ietf.org" <quic@ietf.org>
Subject: RE: Greasing the QUIC Bit
Date: Thu, 02 Jul 2020 20:38:40 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/_7LNBA9lisLK9a-OAB3VRrPDdlQ>
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>

Seems like the most straightforward way to grease it would be extending header protection to cover that bit as well. It's always set to 1, but you change the mask you're using on the first byte of header protection and get instant variability, just like the reserved bits. I'm surprised the document doesn't mention that way of implementing it, even if it's hardly the only way to achieve an "unpredictable value."

-----Original Message-----
From: QUIC <quic-bounces@ietf.org> On Behalf Of Martin Thomson
Sent: Thursday, July 2, 2020 7:01 AM
To: quic@ietf.org
Subject: Greasing the QUIC Bit

The QUIC Bit (aka. the bit in the first byte that is fixed to 1) is one of the few things that doesn't change in QUIC.

That's a shame, so I wrote a draft explaining how that might not need to be true forever.  This might be a little too optimistic for some, but I thought that it was worth the time needed to write it up:

https://tools.ietf.org/html/draft-thomson-quic-bit-grease-00

Mostly this is so I had something to work with while I was working out GitHub Actions.  But I am considering implementing it still.
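
Added example, not part of either message and not the draft's mechanism: a sketch of the approach suggested in the reply above, widening the first-byte header protection mask to include the QUIC bit (0x40). The 0x0f/0x1f mask widths are standard QUIC; the SHA-256 mask derivation is a stand-in for the AES-ECB or ChaCha20 step, and the key, samples and function names are constructed for illustration.

```python
import hashlib

LONG_FORM = 0x80   # header form bit, never masked
QUIC_BIT = 0x40    # fixed to 1 on the wire in standard QUIC

def hp_mask(hp_key: bytes, sample: bytes) -> bytes:
    """5-byte mask. Stand-in PRF (SHA-256); QUIC derives it with AES-ECB or ChaCha20."""
    return hashlib.sha256(hp_key + sample).digest()[:5]

def mask_bits(first: int, cover_quic_bit: bool) -> int:
    """Bits of the first byte that header protection touches."""
    bits = 0x0F if first & LONG_FORM else 0x1F   # standard QUIC mask widths
    return bits | QUIC_BIT if cover_quic_bit else bits

def apply_hp(first: int, mask: bytes, cover_quic_bit: bool) -> int:
    """XOR is its own inverse, so this both protects and unprotects.
    The form bit is untouched, so the receiver selects the same mask width."""
    return first ^ (mask[0] & mask_bits(first, cover_quic_bit))

def wire_survey(first: int, cover_quic_bit: bool, packets: int = 256):
    """Return (QUIC bit values seen on the wire, whether every packet round-trips)."""
    hp_key = bytes(16)  # constructed key
    seen, ok = set(), True
    for i in range(packets):
        mask = hp_mask(hp_key, i.to_bytes(16, "big"))  # constructed sample
        wire = apply_hp(first, mask, cover_quic_bit)
        seen.add((wire & QUIC_BIT) >> 6)
        ok &= apply_hp(wire, mask, cover_quic_bit) == first
    return seen, ok

if __name__ == "__main__":
    for first in (0x43, 0xC3):  # short and long header, QUIC bit set before protection
        print(hex(first), wire_survey(first, False), wire_survey(first, True))
```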