IETF Logo Mail Archive

Re: Packet number encryption

Jana Iyengar <jri@google.com> Mon, 05 February 2018 04:34 UTC

Return-Path: <jri@google.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6402126DED for <quic@ietfa.amsl.com>; Sun, 4 Feb 2018 20:34:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.71
X-Spam-Level:
X-Spam-Status: No, score=-2.71 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ATajxbXVZDt5 for <quic@ietfa.amsl.com>; Sun, 4 Feb 2018 20:34:39 -0800 (PST)
Received: from mail-yw0-x22e.google.com (mail-yw0-x22e.google.com [IPv6:2607:f8b0:4002:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 92D67126CD6 for <quic@ietf.org>; Sun, 4 Feb 2018 20:34:39 -0800 (PST)
Received: by mail-yw0-x22e.google.com with SMTP id v196so17511958ywc.6 for <quic@ietf.org>; Sun, 04 Feb 2018 20:34:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=C8dpgAAzCmeNNyjvNu9xVts1vYoXSx5sqddSagf1SWQ=; b=Nr5rNlIiOpQZks+iyGfDBD/W4WmtDfCYgVOLk+2WH8a8uKq3QLUnkTAsa2b5im/zGt 2YksNFEvoi6i/CuOC1IGGel42Fvw6Y1nhiRQ/knGGwvJB+bQ55L38hxG1hbbrvg6bcVU XdjAfGUNjduXmyitKIrPmMC4fsg+POv4+VhQSxO4r61j+PcWe9luKH/hgGu1C6q1/UIg RjIING6JGwxk0/105gLp+sTDIAmNYEsM1xw9ijWYriIALpANOOEnR9U04iZQepSAS37n iv2AA/D/MRtz91DhNPV7QREEJbOc5ZDYHnGlqdPEYfj36c3A8tBcRst5bJlsSDxKbFvY tf0w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=C8dpgAAzCmeNNyjvNu9xVts1vYoXSx5sqddSagf1SWQ=; b=SuUX2bRRuEbgPFaZtWMxyE3RxZHl6uldtwsMjudhYUfbdmPgKufvU3B4N4p4p0RUJM oK6hRgg2WqwA28RT3x+rd3rGfjSm6Io+t/Nwlgg7GRg91fEe++8hTVbkbL7aOKoWNlE8 26w7/6MICbanHLB+rapZHSKLjN1gOzrWgAu+Q37Hjfkk7Lrw9TTw1+GAnRsi5nasxZiK g6gmrM7abW/CfdZic1NP3gQlVxusmJMCfZUq2aJ3zvUDdn1OU4mhO73SEQ6pXC7Ro0yt SzTpHFOEh8xzkVjMlapmahfX/3GGabXPcTEgReMk7HtEc8SciqCigi3y89nCP22iXypa zctw==
X-Gm-Message-State: AKwxytdw/FBrlNUCNO05mtITBR1Z2dIn6Q1/HurnmiyA9+LpWhaaOu6w o96T+kC6YF71E1RYA9Adi2THev/2+P54nxXiqi0CzQ==
X-Google-Smtp-Source: AH8x227ZZxByu86DhYBU+1u57XsTzF/Qeupad4SnQ/1yAx/yHwmsUKaw33MTykX6y+iIpb6RodW7LWgrW7fimuOEZYg=
X-Received: by 10.129.112.207 with SMTP id l198mr32084315ywc.139.1517805278251; Sun, 04 Feb 2018 20:34:38 -0800 (PST)
MIME-Version: 1.0
Received: by 10.37.135.77 with HTTP; Sun, 4 Feb 2018 20:34:37 -0800 (PST)
In-Reply-To: <2CD9DC43-D69B-43F0-8474-DFE798850A52@akamai.com>
References: <CABkgnnVyo3MmWtVULiV=FJTnR528qfY8-OmKGWAs0bCvri-a_g@mail.gmail.com> <1F7FB3B8-A94C-4354-9944-FB09FB8DB68B@trammell.ch> <CABcZeBMbwdwyC9TxxHBLYaZKfNB-FG2wCGjqUZ_mNR-A1R47FA@mail.gmail.com> <9096e5ec-581e-875a-b1dd-bff0b05206fd@huitema.net> <CABkgnnWRQSAufwPss+qf=xAzCwRYeNNH8XLPm3yFaHxOb+ba4g@mail.gmail.com> <BF80500A-6277-45DC-8525-9C3FE138B76D@tik.ee.ethz.ch> <5A7191E0.6010003@erg.abdn.ac.uk> <5214AD93-8376-4B25-922F-AF5551CC2E95@netapp.com> <F990E064-E6F8-41A3-B791-F776C9955E15@nokia.com> <CAGD1bZab0GaZFsHwC+nw3AxxC4VusxMJ6oDanzk3dSDdWKAXdw@mail.gmail.com> <2C515BE8694C6F4B9B6A578BCAC32E2F83BA1443@MBX021-W3-CA-2.exch021.domain.local> <BY2PR15MB07757473DB9788558B902EB5CDF80@BY2PR15MB0775.namprd15.prod.outlook.com> <6E58094ECC8D8344914996DAD28F1CCD861B7F@DGGEMM506-MBX.china.huawei.com> <e529144067624fcba636fc8c24ee3ff4@usma1ex-dag1mb5.msg.corp.akamai.com> <BY2PR15MB07754D83A1721F2BD742359BCDFE0@BY2PR15MB0775.namprd15.prod.outlook.com> <2CD9DC43-D69B-43F0-8474-DFE798850A52@akamai.com>
From: Jana Iyengar <jri@google.com>
Date: Sun, 04 Feb 2018 20:34:37 -0800
Message-ID: <CAGD1bZaUuNxqpDkn62B0wWcFD8=mCUWrAwWGG-rAOxH7Mf1=cQ@mail.gmail.com>
Subject: Re: Packet number encryption
To: "Salz, Rich" <rsalz@akamai.com>
Cc: Roberto Peon <fenix@fb.com>, "Lubashev, Igor" <ilubashe@akamai.com>, QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c0b14847361ee05646f94ea"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/xtQXhw1KAf6hhiAVMFDBDTmBDsY>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Feb 2018 04:34:42 -0000

Privacy-protection can't be a user choice, for the reasons others have
noted on this thread.

That said, my primary argument is for encryption to avoid ossification. Not
that it matters now, but I'll note that much of GQUIC's original motivation
for encrypting headers was to avoid ossification.

I'll reiterate that fields we expose will get ossified and there are
long-term ecosystem effects to this. Let me illustrate this with precisely
the packet number field. Middleboxes commonly assume that a TCP flow can
only handle packets in-order. This assumption comes from the fact that TCP
implementations get poor performance when packets are reordered. This was
definitely true for implementations of TCP, but that is TCP's problem, not
the network's. However, almost all load-balancers I know of now will pin
all packets within a TCP flow to one path, leading to sub-optimal
performance in the network, and destroying incentives for the endpoints to
deploy reordering-resilient TCP implementations (even though there are
plenty of ways of doing this.)

Exposing QUIC's packet number field (as any field) is likely to have
similar consequences and a similar ecosystem arc.


On Sun, Feb 4, 2018 at 7:51 PM, Salz, Rich <rsalz@akamai.com> wrote:

> > Optional security tends to devolve to non-secure.
>
>
>
> That’s a great aphorism.  And sadly all too true.
>

v2.23.0 | Report a Bug | By Email