IETF Logo Mail Archive

Re: Add application parameters to QUIC handshake and use it for H3 SETTINGS

Roberto Peon <fenix@fb.com> Fri, 27 September 2019 17:11 UTC

Return-Path: <prvs=417305f952=fenix@fb.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF8CB120A7A for <quic@ietfa.amsl.com>; Fri, 27 Sep 2019 10:11:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com header.b=XxBh1U9d; dkim=pass (1024-bit key) header.d=fb.onmicrosoft.com header.b=LNQVPks0
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T-ogjke81kxg for <quic@ietfa.amsl.com>; Fri, 27 Sep 2019 10:11:44 -0700 (PDT)
Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DAB24120A7B for <quic@ietf.org>; Fri, 27 Sep 2019 10:11:44 -0700 (PDT)
Received: from pps.filterd (m0109334.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x8RH3MBL025773; Fri, 27 Sep 2019 10:11:40 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=facebook; bh=d1NWND9FiL9cMzXQ/diKYghb5MewC7/fGf4CARPeXbc=; b=XxBh1U9dZAhOqzIrnecltyyT3KHn8/NN8fGtZLATc26ECGb8Ck63JvDMNoXuJ2EDKVye GYWr9xCgnH5fnNy+xCcgRGmfFC5ifSlPnni/XtpABEhKyf8nB3Ms22BOYSpM49t4iCC6 Ei6a0wvqG8iG2TmYFJOIDMrpzjKWEPW3sEg=
Received: from mail.thefacebook.com (mailout.thefacebook.com [199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2v8cg2juqy-4 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 27 Sep 2019 10:11:39 -0700
Received: from prn-mbx05.TheFacebook.com (2620:10d:c081:6::19) by prn-hub03.TheFacebook.com (2620:10d:c081:35::127) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1713.5; Fri, 27 Sep 2019 10:11:39 -0700
Received: from prn-hub03.TheFacebook.com (2620:10d:c081:35::127) by prn-mbx05.TheFacebook.com (2620:10d:c081:6::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1713.5; Fri, 27 Sep 2019 10:11:38 -0700
Received: from NAM01-BN3-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1713.5 via Frontend Transport; Fri, 27 Sep 2019 10:11:38 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=l2WHrWfaDXkJiHgnRMdX5ydRXc1E4+y7dPtrH6erMLa3IW6FCMFO/6fesXhhzYMTLcS9k+vkEvpDs/0hMfjTuqgpCRksOh8BUZiV+wtsNtnLiReEHsJ1PHn+dGfhYDuCefowr+6Hl9QYbFPrVVMc0jELnoSGVoybuUsiuNMZnZYQtkvEmuvhYFIY4vxQgOGJHiBVf2dLM8YB0bHQLwQt2O+7AGdzkoDInJm51+NlOpgaWOt3x8gp6tOKxMAXa87OsCAb8gxtjm30Ipq3Vc5X19U/jxzfZ7/BqQbSQmAy0dnAwhIXNVhDxyEbi7kRjuaNCQOi5joj5+Vb+4sqYFTeew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=d1NWND9FiL9cMzXQ/diKYghb5MewC7/fGf4CARPeXbc=; b=AM2LtUVNS4/sEuuWEG5QNUJKdTnYmk7YiBQ72QNv14fUjZChhKT6O29VKMfMx7ywLg4hrSGrqri+my3tuGbBK+eh+Y9NZb3yRHM8g3NzDeMv1wsvUbUphOSVtqHgL9FSDA4909PSSMEGygnNwV/Xrs8vUsG1Q8kasPMYF+Pm3IyprzC1dMUEbBA6n7upw/EXNEF6nh+gTwigIxFyoNmk1J1rEG5j2iLfakCONoanw6JDIR/gNO169b/ObmDvlX2U7sz1cf2ZjSOsTLUhTsxNnrbH4jHmgQEAT8d9KTKv6iv4hXbpkuPvj19m/iCy3fQaPnZzjPxk7JH7qqw98EM5Uw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=fb.com; dmarc=pass action=none header.from=fb.com; dkim=pass header.d=fb.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector2-fb-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=d1NWND9FiL9cMzXQ/diKYghb5MewC7/fGf4CARPeXbc=; b=LNQVPks0L1frUhczEvoB5STTJl6hMen61GNMMo0De6qgVA8yhGZWT6pGHWJEhXCttmyV9NgOHu0CTm4kZNtON92PtImK2zC5XZq2Tj+RiaI0c1ym0LCi1P9sMoTabvTGoVqBGTtiWB6NF1qWzIBJ7kGzxnMugcEwOwugtCTR6Lo=
Received: from CY4PR15MB1542.namprd15.prod.outlook.com (10.172.160.9) by CY4PR15MB1351.namprd15.prod.outlook.com (10.172.158.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2284.20; Fri, 27 Sep 2019 17:11:37 +0000
Received: from CY4PR15MB1542.namprd15.prod.outlook.com ([fe80::a075:101e:5766:7e43]) by CY4PR15MB1542.namprd15.prod.outlook.com ([fe80::a075:101e:5766:7e43%5]) with mapi id 15.20.2305.017; Fri, 27 Sep 2019 17:11:36 +0000
From: Roberto Peon <fenix@fb.com>
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>, Christian Huitema <huitema@huitema.net>, Nick Harper <nharper=40google.com@dmarc.ietf.org>
CC: IETF QUIC WG <quic@ietf.org>
Subject: Re: Add application parameters to QUIC handshake and use it for H3 SETTINGS
Thread-Topic: Add application parameters to QUIC handshake and use it for H3 SETTINGS
Thread-Index: AQHVdM3PBXQIxVSM7kqKthpvjkHe5ac+0ceAgAAj6gCAABDqAIAAR6uA
Date: Fri, 27 Sep 2019 17:11:36 +0000
Message-ID: <B99CB7BB-44A4-430C-B8D8-0F399C1BA2C1@fb.com>
References: <CACdeXiLEnvmqmxSgXbvAwEo0rgm-F59RL2sk0Ugu6PNuiDkfsw@mail.gmail.com> <c22f8e1d-887e-1bef-799f-47e4f3151966@huitema.net> <CACdeXiJhC+gOKKj49CTh7JfOPFsy0=6fG69Fy=GH=280+aGdOw@mail.gmail.com> <CAN1APdc-qTH-E+GMhvGbamYMJhfg7UYpoBWqAVEvrSy2hfzAkg@mail.gmail.com>
In-Reply-To: <CAN1APdc-qTH-E+GMhvGbamYMJhfg7UYpoBWqAVEvrSy2hfzAkg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1b.0.190715
x-originating-ip: [98.234.190.115]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d4523eb4-a1ee-4323-98c9-08d7436dc147
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:CY4PR15MB1351;
x-ms-traffictypediagnostic: CY4PR15MB1351:
x-microsoft-antispam-prvs: <CY4PR15MB1351E569AB001661B72F98A0CD810@CY4PR15MB1351.namprd15.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0173C6D4D5
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(39860400002)(376002)(396003)(366004)(136003)(199004)(189003)(478600001)(8936002)(316002)(446003)(6116002)(3846002)(8676002)(110136005)(58126008)(64756008)(53546011)(71200400001)(486006)(66476007)(26005)(66556008)(66446008)(7736002)(36756003)(6506007)(186003)(11346002)(66946007)(2616005)(476003)(5660300002)(76116006)(81166006)(71190400001)(256004)(91956017)(6512007)(54896002)(4326008)(229853002)(6306002)(6486002)(25786009)(561944003)(76176011)(14454004)(2906002)(102836004)(99286004)(86362001)(66574012)(6246003)(33656002)(66066001)(236005)(81156014)(6436002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR15MB1351; H:CY4PR15MB1542.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: qANUbmcXI3hz7/nXT29mCbAmrJIH/Zt8SZpkS6KRodTvUr/SNrwnT6qwtOrGdobCDBu5+KjygR/j1qEHootEfeW51deN6OCZQm/nfh+CgnU5MSIOiO6pCG5NenmvDH7uir7M6v8yLN7FO/swGGWKQqfMVcZwwFoGq6OqjM9kYoQGMVt93e6d4wIrDDNtsm49oGwAWtNMrIOYtdClqx6ZRxyjBEwPZDeX9bCHb3QSLEhR/ZUCJN+wAgZaBUsFKqawjatWlO2HOkMzrWcdHTp4ddOO4S0Dmw4RnHRsJmhjaJy+7h2VTHBMsirZnb20LYfrbUtPbAeK1UH0lPuZe6JixmlEjJVKJL+eLoUwZOBmrCz7QUbQa47+SckPEcE8dXqkA/YtQkOhMuLBvHgDzEBBGOTMg4zH0dPLnCYvqO0Wrcc=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_B99CB7BB44A4430CB8D80F399C1BA2C1fbcom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: d4523eb4-a1ee-4323-98c9-08d7436dc147
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Sep 2019 17:11:36.6916 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: MUV//sYXPJ/nPb6OPzV4u23BkBSGq5vDKQen5pgOuzSF9gfEZSgCNFmqPq0ld/Qv
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR15MB1351
X-OriginatorOrg: fb.com
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,1.0.8 definitions=2019-09-27_08:2019-09-25,2019-09-27 signatures=0
X-Proofpoint-Spam-Details: rule=fb_default_notspam policy=fb_default score=0 clxscore=1011 adultscore=0 suspectscore=0 mlxlogscore=999 bulkscore=0 impostorscore=0 phishscore=0 malwarescore=0 lowpriorityscore=0 spamscore=0 mlxscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1908290000 definitions=main-1909270147
X-FB-Internal: deliver
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/vaa-h-kZJDvNXpJDk0LvbSbXRDM>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Sep 2019 17:11:55 -0000

My preference would be to have a facility that would allow an application to ensure that some limited/constant-size data is in every packet that it sends until it gets an ACK.

This would allow control messages to be sent reliably, but avoid the HoL blocking issues.
The real issue that, I believe, we’re trying to solve here is to ensure that the first packet has everything in it that is needed for interpretation/settings, etc.

I also believe that this could be of use in a number of other HoL-prevention things.

It is my opinion that this is a QUICv2 feature, if it becomes something we’d want at all.
-=R

From: QUIC <quic-bounces@ietf.org> on behalf of Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
Date: Thursday, September 26, 2019 at 10:55 PM
To: Christian Huitema <huitema@huitema.net>, Nick Harper <nharper=40google.com@dmarc.ietf.org>
Cc: IETF QUIC WG <quic@ietf.org>
Subject: Re: Add application parameters to QUIC handshake and use it for H3 SETTINGS

Not arguing against the usefulness of such a feature, and aside from already mentioned privacy issues:

It seems to be possible to facilitate a man-in-the-middle attack on application parameters unless the application takes counter-measures which would complicate matters and likely introduce delays anyway.

I also wonder how this would work with 0-RTT since it cannot be assumed that application parameters would be remembered across connenctions.



On 27 September 2019 at 06.55.02, Nick Harper (nharper=40google.com@dmarc.ietf.org<mailto:nharper=40google.com@dmarc.ietf.org>) wrote:
On Thu, Sep 26, 2019 at 7:48 PM Christian Huitema <huitema@huitema.net<mailto:huitema@huitema.net>> wrote:
>
> On 9/26/2019 2:51 PM, Nick Harper wrote:
>
> > I propose introducing application parameters to the QUIC handshake and
> > using this new mechanism for H3 SETTINGS instead of sending them as
> > the first thing in the control stream. Application parameters would
> > allow applications using QUIC to advertise or negotiate
> > application-specific parameters during the cryptographic and transport
> > handshake. It would guarantee that the client and server have
> > exchanged their application parameters once the handshake is complete.
> >
> > Specifically, I’m proposing a new “application_layer_parameters”
> > transport parameter, which when sent by the client is a series of ALPN
> > identifiers with an opaque blob of application parameters per
> > identifier, and when sent by the server is a single opaque blob of
> > application parameters for the application identified in the ALPN
> > extension.
>
>
> I am a tad concerned with the privacy aspects of this proposal, at least
> on the client side. Currently, the settings frame is sent encrypted in
> 0-RTT or 1-RTT packets. With your proposal, it would be sent in
> clear-text, allowing very easy fingerprinting of clients.
>
> -- Christian Huitema
>

Yes, this does provide a fingerprinting vector. Transport Parameters
also provide a fingerprinting vector with about 10 parameters that
could reasonably be used for fingerprinting, compared to the 3 we have
in H3. The nature of both of those sets of parameters is that they'd
likely fingerprint implementations but not individual clients.

In terms of the application parameters design, individual applications
can choose whether or not they want to use them in the client flight
or just the server flight. We could keep client SETTINGS in the
control stream and only put server SETTINGS in application parameters.

v2.23.0 | Report a Bug | By Email