IETF Logo Mail Archive

RE: Clarification of transport and HTTP version compatibility

Lucas Pardue <Lucas.Pardue@bbc.co.uk> Wed, 09 May 2018 21:43 UTC

Return-Path: <Lucas.Pardue@bbc.co.uk>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63DD712DB6E for <quic@ietfa.amsl.com>; Wed, 9 May 2018 14:43:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s9tWpGp-L81b for <quic@ietfa.amsl.com>; Wed, 9 May 2018 14:43:02 -0700 (PDT)
Received: from mailout0.cwwtf.bbc.co.uk (mailout0.cwwtf.bbc.co.uk [132.185.160.179]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2458A12DB6F for <quic@ietf.org>; Wed, 9 May 2018 14:42:58 -0700 (PDT)
Received: from BGB01XI1006.national.core.bbc.co.uk ([10.184.50.56]) by mailout0.cwwtf.bbc.co.uk (8.15.2/8.15.2) with ESMTP id w49Lgr1d025525; Wed, 9 May 2018 22:42:53 +0100 (BST)
Received: from BGB01XUD1012.national.core.bbc.co.uk ([10.161.14.10]) by BGB01XI1006.national.core.bbc.co.uk ([10.184.50.56]) with mapi id 14.03.0361.001; Wed, 9 May 2018 22:42:53 +0100
From: Lucas Pardue <Lucas.Pardue@bbc.co.uk>
To: Mike Bishop <mbishop@evequefou.be>, Sam Hurst-RD <samuelh@rd.bbc.co.uk>, IETF QUIC WG <quic@ietf.org>
Subject: RE: Clarification of transport and HTTP version compatibility
Thread-Topic: Clarification of transport and HTTP version compatibility
Thread-Index: AQHT56+xKCNEYXqr2EueYoxG7/YhOKQnk0UAgAAbrQ+AACLaAIAAFAPX
Date: Wed, 09 May 2018 21:42:52 +0000
Message-ID: <7CF7F94CB496BF4FAB1676F375F9666A3BB2B6A9@bgb01xud1012>
References: <906fdff3-8009-238b-998b-4ea515a2684d@rd.bbc.co.uk>, <SN1PR08MB1854826DACF0454471CB162DDA990@SN1PR08MB1854.namprd08.prod.outlook.com> <7CF7F94CB496BF4FAB1676F375F9666A3BB2B67C@bgb01xud1012>, <SN1PR08MB1854FC73444239C609552459DA990@SN1PR08MB1854.namprd08.prod.outlook.com>
In-Reply-To: <SN1PR08MB1854FC73444239C609552459DA990@SN1PR08MB1854.namprd08.prod.outlook.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.19.161.213]
x-exclaimer-md-config: 1cd3ac1c-62e5-43f2-8404-6b688271c769
x-tm-as-product-ver: SMEX-11.0.0.4255-8.200.1013-23834.002
x-tm-as-result: No--15.322400-0.000000-31
x-tm-as-user-approved-sender: Yes
x-tm-as-user-blocked-sender: No
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/vOxm48oGNr6N1GZL-V7Uq8uWXn8>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 May 2018 21:43:04 -0000

I've not terribly familiar with the transport negotiation aspects, so I'm probably missing something sorry.

I guess what is not clear to me is the question, who is responsible for ensuring a sane answer is negotiated? (I suspect no one). It gets more annoying if the client is acting on information provided to it via Alt-Svc, which is quite liberal to from the sender perspective (there are some rules for the client defined in HTTP/QUIC 2.1.1.).

How I read things in the simple case was:

1) Transport version negotiation takes place and client chooses a version. Cryptographic handshake is next.
2) Client intitiates TLS 1.3 handshake with version info for revalidation, plus ALPN list of what it believes are application protocols that are compatible with the chosen version of QUIC.
   a) POSSIBILITY 1 in a pathological case it always sends the same list regardless of version.
3) Server selects an application protocol it believes is compatible with the chosen version of QUIC.
  b) POSSIBILITY 2 naive implementations just assume "hq" works for everything.
4) Client sends something the server is unhappy with and the connection bombs with a protocol error.

Cheers
Lucas
________________________________________
From: Mike Bishop [mbishop@evequefou.be]
Sent: 09 May 2018 22:01
To: Lucas Pardue; Sam Hurst-RD; IETF QUIC WG
Subject: RE: Clarification of transport and HTTP version compatibility

They *shouldn't* be unanticipated protocol errors, because both are negotiated.  I would expect (or at least hope) that these will manifest as negotiation failures at worst.

-----Original Message-----
From: Lucas Pardue [mailto:Lucas.Pardue@bbc.co.uk]
Sent: Wednesday, May 9, 2018 11:04 AM
To: Mike Bishop <mbishop@evequefou.be>; Sam Hurst-RD <samuelh@rd.bbc.co.uk>; IETF QUIC WG <quic@ietf.org>
Subject: RE: Clarification of transport and HTTP version compatibility

I think this all works fine in the current stage of specification.

Longer term, what is the failure case for interoperability where different implementations have  different rules for how to combine QUIC version and HTTP/QUIC version. Protocol error due to reception of unanticipated packets and or HTTP/QUIC frames?

Lucas
________________________________________
From: QUIC [quic-bounces@ietf.org] on behalf of Mike Bishop [mbishop@evequefou.be]
Sent: 09 May 2018 18:18
To: Sam Hurst-RD; IETF QUIC WG
Subject: RE: Clarification of transport and HTTP version compatibility

There's no firm restriction, no.  While I find it likely that draft deployments will choose to keep matching versions, the only restriction that the HTTP draft currently imposes is that it be a version of QUIC which uses TLS as the handshake protocol.

-----Original Message-----
From: QUIC <quic-bounces@ietf.org> On Behalf Of Samuel Hurst
Sent: Wednesday, May 9, 2018 9:05 AM
To: IETF QUIC WG <quic@ietf.org>
Subject: Clarification of transport and HTTP version compatibility

Hi all,

Does the quic-transport version and the HTTP mapping version have to match? For example, could you negotiate QUIC draft-11, but the HTTP side is still using an older version (such as draft-09 to avoid the requirement of QPACK)?

As far as I understand it, the QUIC transport version is negotiated as part of the TransportParams in the appropriate TLS extension, and the HTTP mapping version is negotiated by ALPN. So in the example above, would it be acceptable to negotiate 0xff00000a as the transport protocol version, and then have an ALPN string of "hq-09"?

I'm then assuming that a valid Alt-Svc header for my example could be as
follows:

Alt-Svc: hq-09=":4443";quic="ff00000a"

The quic-tls draft mentions in Section 9.1 "The application-layer protocol MAY restrict the QUIC version that it can operate over", but none of the quic-http drafts that I've read list any such restriction.
Therefore, I'm then further assuming that it's safe to run whatever version of the HTTP mapping I like, unless there's a compatibility matrix between the various specs that I'm missing?

Best Regards,
Sam



-----------------------------
http://www.bbc.co.uk
This e-mail (and any attachments) is confidential and
may contain personal views which are not the views of the BBC unless specifically stated.
If you have received it in
error, please delete it from your system.
Do not use, copy or disclose the
information in any way nor act in reliance on it and notify the sender
immediately.
Please note that the BBC monitors e-mails
sent or received.
Further communication will signify your consent to
this.
-----------------------------

v2.35.0 | Report a Bug | By Email | System Status