Re: Handling consensus on design issues identified during AD Review
Martin Thomson <mt@lowentropy.net> Tue, 20 October 2020 14:41 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 113603A0DCD for <quic@ietfa.amsl.com>; Tue, 20 Oct 2020 07:41:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=rsUYOsAo; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=rUm+24g/
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LykXX7lGYUPF for <quic@ietfa.amsl.com>; Tue, 20 Oct 2020 07:41:12 -0700 (PDT)
Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64A943A0A85 for <quic@ietf.org>; Tue, 20 Oct 2020 07:41:12 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id C432E9E0 for <quic@ietf.org>; Tue, 20 Oct 2020 10:41:10 -0400 (EDT)
Received: from imap10 ([10.202.2.60]) by compute1.internal (MEProxy); Tue, 20 Oct 2020 10:41:10 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type:content-transfer-encoding; s=fm3; bh=oSmss szsLWfzZ8BK2sGaUApGFhgYDm/goWJpbP5wCyQ=; b=rsUYOsAod/A8ipH7l/jHf J4dyBiGtHf45WKAqPzZZPB5p2TGcqE6dfeLFYPM5Fcu296ykzux2As1ec54crDo/ HGY3zYtoqbLAjV9hHBuceICXX/9YTazhJ1QyRVSPgwis51iCM4OOAv4cF/+mVy5M zuRPizz4xk5l9kxQ+T/MCfVlN2zWZ6rG14IOtBDhqfD48bV91OcoRj3qKp71R3Wq RvGzADwaOX8nn7BAxFe6eGlo6gh+TVO5qhIXHz/BIQvEaqbd0cT99gqdH90mDvrR 2+LAxXoBCWzbp/vGqAMII07DhM54XbDJfr1HIfG0fnGUtxonpey7oJFFkoxpTLDu w==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=oSmssszsLWfzZ8BK2sGaUApGFhgYDm/goWJpbP5wC yQ=; b=rUm+24g/sXPxlkzf7MCAkhxJ1kVMA2ygwISx4rEPvsBJkWggt4c/3IwFq iGjrW4J85uZCNgI/V4HMjpMgLM2Qg+NX/TyDzAWrwM8UhGdHWyvtGG8lXOdwlYTV pzf+BykRLdGUUSd03yp7xDxmFEW+8XLBMf1ZCilF5MfQjg0vs2h50mayzAaWqpma acB65GfX+f4kZ5dsoGohqVuhO1Sql33oN6JHkOV18n3QPC+ub76hOXmyqSVs/eH9 /pr+JUhGSfVRPyJs/ILMr5dDmoAo/O8TsCuZXztIgNckSTCSb4VnX/PF33NpLJD9 V2jnDDVJ2adAY9szDsdHEGHBc1KWw==
X-ME-Sender: <xms:BfeOX4XPR3f7Rhqs0JU_z65CnvcIReUD7tbMqE-s6imuU5IoGQMr-A> <xme:BfeOX8n1ljq29JvJbPA-6KOBnfEc9z2MPikAdVsAY2IGq4UzoCwUoY8LKQ5L9JrJg usVsVw4CyojOBMDuA4>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrjeefgdejkecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgfgsehtqh ertderreejnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhho figvnhhtrhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpeejhfffleehvedufeejfe dvvdfhvdeiteduheeuffduveduueegleefffffledvfeenucffohhmrghinhepghhithhh uhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrh homhepmhhtsehlohifvghnthhrohhphidrnhgvth
X-ME-Proxy: <xmx:BfeOX8aUxW1H2Ifvc0VhUyDwIyYwqa2ROhLReEPToGw-XNgQAzCySg> <xmx:BfeOX3WoNWD1lIopJCSKCKyS_PxOlznE3hf0W4llIfOctEtn-J6rRA> <xmx:BfeOXymcUSrsabq5WAHhvPCVD_ByWlBHGU2P-Qo0ZWSPcnJETfuboA> <xmx:BveOX-zFrh83zbv_6HeFFTaozxRuorYBSNW5klT86E9JISkpaiEVGQ>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 93D1720075; Tue, 20 Oct 2020 10:41:09 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-502-gfef6c88-fm-20201019.001-gfef6c888
Mime-Version: 1.0
Message-Id: <0d3d9b02-2fc3-4a43-ba71-0d3056b92f17@www.fastmail.com>
In-Reply-To: <CANatvzwgVRGnJN_HCCDvYwZh7ix4=NEV7a_HOJPb1tnNUokSyw@mail.gmail.com>
References: <77CE8B82-23CB-40D0-B28C-B2BC1BEABED3@eggert.org> <CANatvzwgVRGnJN_HCCDvYwZh7ix4=NEV7a_HOJPb1tnNUokSyw@mail.gmail.com>
Date: Wed, 21 Oct 2020 01:40:46 +1100
From: Martin Thomson <mt@lowentropy.net>
To: quic@ietf.org
Subject: Re: Handling consensus on design issues identified during AD Review
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/vJ67Z3DA83IX0aUU828rzINyipo>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2020 14:41:14 -0000
Kazuho has identified the set of changes that I too think we should take. Thanks Kazuho. On Wed, Oct 21, 2020, at 01:32, Kazuho Oku wrote: > Thanks to chairs / editors / ADs for pushing the draft forward. > > My comments inline. > > 2020年10月20日(火) 21:32 Lars Eggert <lars@eggert.org>: > > Hi, > > > > we are getting very close to publishing a new set of drafts that address Magnus' AD Review comments and will then be taken to IETF Last Call. > > > > The vast majority of changes were editorial, but there were three "design" issues that changed the protocol in non-editorial ways, for which we need to confirm WG consensus. These issues are: > > > > * #4183 Handshake failure (infinite ping-pong) when path MTU is asymmetric > > https://github.com/quicwg/base-drafts/issues/4183 > > Just to make sure, the solution is #4188 (merged on GitHub). > https://github.com/quicwg/base-drafts/pull/4188 > > > * #4216 Connection Migration Failure when Path MTU is asymmetric > > https://github.com/quicwg/base-drafts/issues/4216 > > The solution is #4226 (open on GitHub). > https://github.com/quicwg/base-drafts/pull/4226 > > > * #3701 The QUIC-TLS draft should define anti-forgery limits for packet lengths up to 2^16 > > https://github.com/quicwg/base-drafts/issues/3701 > > The solution is #4175 (merged on GitHub). > https://github.com/quicwg/base-drafts/pull/4175 > > Regarding #4183 and #4216, I have a tiny preference, in short, I think > #4253 (PR #4254) should be merged as part of the pair. > https://github.com/quicwg/base-drafts/pull/4254 > > The two issues cover the same problem: how to fail when the MTU of the > path in one direction is below 1200 bytes. Both say "MUST pad to > datagrams to at least 1200 bytes," and that's fine. OTOH, #4183 says > that a receiver MAY close the connection if the sender fails to meet > the padding requirement. #4216 does not provide guidance to the > receiver side. > > For #4216, it is my understanding that we have to state that the > receiver MUST NOT try to enforce the behavior of the sender, as the > size of UDP datagrams is not authenticated. Ignoring unauthenticated > signal is the basis of a secure transport protocol. That in turn raises > the question on if the guidance that we adopted in #4183 (i.e. MAY > close) has been correct. To be precise, it is questionable if Initial > packets are "authenticated," as they are not protected by keys only > known to the endpoints. But still, it sticks out from the design > principle of a secure transport protocol. > > That's why I think we should merge #4254 alongside the other two, so > that we'd be principled, that we'd have less rules. > > > > > > > The resolutions for these issues are linked from the respective issue pages, and will be merged into the text of the upcoming draft revisions, together with the editorial changes. > > > > Instead of performing a separate WG Last Call and further delaying the start of the IETF Last Call, we've agreed with our AD to judge WG consensus on these design changes as part of the IETF Last Call. > > > > Thanks, > > Lars and Lucas > > > -- > Kazuho Oku
- Handling consensus on design issues identified du… Lars Eggert
- Re: Handling consensus on design issues identifie… Kazuho Oku
- Re: Handling consensus on design issues identifie… Martin Thomson
- Re: Handling consensus on design issues identifie… Ian Swett