Re: UDP Ports and QUIC version

Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com> Fri, 26 November 2021 15:10 UTC

From: Zaheduzzaman Sarker <zaheduzzaman.sarker@ericsson.com>
To: Christian Huitema <huitema@huitema.net>, Paul Vixie <paul@redbarn.org>, IETF QUIC WG <quic@ietf.org>
Subject: Re: UDP Ports and QUIC version
Date: Fri, 26 Nov 2021 15:10:26 +0000
Message-ID: <2494D27D-BA2A-46AA-86D7-3FEFDA01394F@ericsson.com>
References: <CAM4esxRqTdYYSw5EMkLXjnRdhsYOgW1BDjVHdxG01md5dkEwCw@mail.gmail.com> <20211124185823.GU6443@akamai.com> <07540fa9-92e3-1c13-2965-f884aca7c795@huitema.net> <c0cfff38-50b5-4f55-25f3-b308da74b04e@redbarn.org> <05e1ff85-d21a-d485-03f4-179be0feb528@huitema.net>
In-Reply-To: <05e1ff85-d21a-d485-03f4-179be0feb528@huitema.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/uWEnP1Ef8ScLvW79B_NO88f4nEs>

Reading this thread made me wonder if we should cover this analysis in the applicability draft or not. I have opened an issue regarding this (https://github.com/quicwg/ops-drafts/issues/428#issue-1064583264).

BR
Zahed

On 2021-11-24, 21:29, "QUIC on behalf of Christian Huitema" <quic-bounces@ietf.org on behalf of huitema@huitema.net> wrote:


    On 11/24/2021 12:17 PM, Paul Vixie wrote:
    >
    >
    > Christian Huitema wrote on 2021-11-24 12:02:
    >> ...
    >>
    >> Note that port 853 is a bit of a special case. TCP port 853 was first 
    >> reserved for DNS over TLS. UDP port 853 was then reserved for DNS 
    >> over DTLS, which was defined in an experimental RFC. Turns out that 
    >> several years later we are not aware of any deployment of DNS over 
    >> DTLS. So we believe that having UDP port 853 for DNS over QUIC and 
    >> TCP port 853 for DNS over TLS would keep the nice symmetry that was 
    >> originally intended. 
    >
    > who is "we"?
    The DNS over QUIC draft authors. Sorry, I should have specified.
    >
    >> It would for example make management of firewalls easier, "port 853 
    >> is encrypted DNS for both UDP and TCP". The downside would be the case 
    >> of servers trying to run both DNS over QUIC and DNS over DTLS. We 
    >> don't know any such server, but it is nice to have a fallback 
    >> mechanism in the unforeseen case of some server somewhere trying to 
    >> do that. The ability of multiplexing QUIC and DTLS on the same port 
    >> gives us that.
    >
    > i likewise think UDP/853 for both DoD and DoQ is fine.
    >
    > the reason for widespread lack of deployment of DoT (TCP/853) and DoD 
    > (UDP/853) is simply because the TLS (middleware) supply chain does not 
    > broadly know how to authenticate a server whose domain name is 
    > unknown. that is, all DNS has at the time it wishes to transmit some 
    > kinds of queries is an IP6/IP4 address. putting these into 
    > presentation form and comparing the certificate's common name with 
    > that converted string can be done, but the logic to do so is in the 
    > TLS library not the DNS server. so, deployment of DoD (DTLS, UDP/853) 
    > is "stuck" at the moment.

    Yes. In theory, practical solutions must exist. In practice, we need 
    practice...

    -- Christian Huitema
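
The multiplexing of QUIC and DTLS on one UDP port mentioned in the quoted text works because the first byte of a datagram falls in disjoint ranges for the two protocols. The sketch below is an added example, not code from this thread or from any DNS over QUIC implementation; the `classify` function, its labels and the sample datagrams are constructed for illustration. It assumes the DTLS first-byte range from RFC 7983 and QUIC version 1 header rules from RFC 9000, without fixed-bit greasing (RFC 9287).

```python
import struct

DTLS_RECORD_VERSIONS = {0xFEFF, 0xFEFD}  # DTLS 1.0 and 1.2 (1.3 plaintext records reuse 0xFEFD)

def classify(datagram: bytes) -> str:
    """Label a datagram on a shared UDP port using only its leading bytes."""
    if not datagram:
        return "unknown"
    b0 = datagram[0]
    if 20 <= b0 <= 63:  # RFC 7983 first-byte range for DTLS
        if b0 >= 32:  # DTLS 1.3 unified header, bit pattern 001xxxxx
            return "dtls"
        if len(datagram) >= 13:  # DTLS 1.0/1.2 record header is 13 bytes
            (version,) = struct.unpack_from("!H", datagram, 1)
            if version in DTLS_RECORD_VERSIONS:
                return "dtls"
        return "unknown"
    if b0 & 0x80:  # QUIC long header (form bit set)
        if len(datagram) < 7:
            return "unknown"
        (version,) = struct.unpack_from("!I", datagram, 1)
        dcid_len = datagram[5]
        if len(datagram) < 6 + dcid_len + 1:  # DCID plus the SCID length byte
            return "unknown"
        if version == 0:
            return "quic-version-negotiation"
        # Assumption: no RFC 9287 greasing, so v1 needs the fixed bit and a CID <= 20 bytes
        if version == 1 and (not (b0 & 0x40) or dcid_len > 20):
            return "unknown"
        return f"quic-long:0x{version:08x}"
    if b0 & 0x40:  # QUIC short header, first byte 64..127
        return "quic-short"
    return "unknown"  # 0..19 belongs to neither protocol

# Constructed sample datagrams (payload bytes are zero filler, not real traffic)
SAMPLES = {
    "dtls12_handshake": bytes([22]) + b"\xfe\xfd" + bytes(8) + b"\x00\x10" + bytes(16),
    "dtls13_ciphertext": bytes([0x2F]) + bytes(20),
    "quic_v1_initial": bytes([0xC3]) + struct.pack("!I", 1) + bytes([8]) + bytes(8) + bytes([0]) + bytes(20),
    "quic_vn": bytes([0x80]) + bytes(4) + bytes([0, 0]) + struct.pack("!I", 1),
    "quic_short": bytes([0x41]) + bytes(20),
    "oversized_cid": bytes([0xC0]) + struct.pack("!I", 1) + bytes([21]) + bytes(30),
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:18} -> {classify(data)}")
```

A short-header QUIC packet can only be recognised by its first byte here; confirming it belongs to a live connection needs the connection ID state held by the QUIC endpoint.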