IETF Logo Mail Archive

Re: Getting to consensus on packet number encryption

Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Tue, 01 May 2018 15:47 UTC

Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB68212E8AE for <quic@ietfa.amsl.com>; Tue, 1 May 2018 08:47:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V2XE-VY0Jz4X for <quic@ietfa.amsl.com>; Tue, 1 May 2018 08:47:40 -0700 (PDT)
Received: from mail-yw0-x231.google.com (mail-yw0-x231.google.com [IPv6:2607:f8b0:4002:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3980412DA70 for <quic@ietf.org>; Tue, 1 May 2018 08:47:40 -0700 (PDT)
Received: by mail-yw0-x231.google.com with SMTP id u83-v6so3653657ywc.4 for <quic@ietf.org>; Tue, 01 May 2018 08:47:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=NFz6QjGUF8b4FnTmChXGPpSiPm/ku9uMUI73nBMyqPo=; b=r5PrxJeItS+fWlz4BBP9fhhKb76aTcrRUOgtonyLCxvGXSPkHIVNEXAFF7XwSi4doR 0nWMG3ltsoyhvG7qg6HJyN/El/PJQvpiJFTshkM6Wyt65Se5pSQUYzWPO0eSTOJ05eq3 /FZ/Ef3a8TfKggG5zOIQPKfW/1Ssng4Noenz+sUERBhe2TpOF5UCtRgx+sMHj5Fj+Hbq BC+k0VXip40YeT/Z9W+nyyHPfnwe0hbJ6ZDJVMl4nuiCkKdmT5MvICCqP7VCF7DOUhNE eahzyZ5glx98JCfvdQ4trt8nKh1rESWIlE21WmXziJZn+LFxR2QILk+bwgCPLWy3PwUh vj8Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=NFz6QjGUF8b4FnTmChXGPpSiPm/ku9uMUI73nBMyqPo=; b=irOoAeAQNex79tCYMb+LpWRmlH4OmuSz68hhNS1cXfyE4v60dqGg2puz5i94HCN8wG 6zaDnR5uk8Nqwt4puoU5xVw5PqNdWDedT4mL9dY9zwOtuaKaZL5n0LGy4Lcb+wkNE+rL ljpEfkZChJfXwapnFonoIf071FY78Ke59j/wte7afObOZ+yjXmE+ep8LZPktV0KSs9ar GLd2IbB4fOz+usvqTCNrK96LYE8LZxfJoEud+dY4JG6ZbxD+AMjMccwDt0OarK6YxJ8l AdMQ0wzYICiPrfVDFW1M/J4lauIy9OBE5B/WMTTBW7BUPKMHmS9BM5uYmFO6b1m26+jM YiFw==
X-Gm-Message-State: ALQs6tBm6X8Q6WYr1B2aPRqgpy3Z2CAiZv4YdcjN/H0sLUiVfgcDd2IM YAEyKCk/Qd65DF02x9M4U8ssA580ykbAh7nCZCkH9w==
X-Google-Smtp-Source: AB8JxZp5/CDUEpUFATOaCbcDHa76GTMElMsvGqSEnkU4rpS2PrY4I1e364EY7n22somLiLWDHLxVYlGn37+Jfx+BKFM=
X-Received: by 2002:a81:788b:: with SMTP id t133-v6mr8282942ywc.19.1525189659189; Tue, 01 May 2018 08:47:39 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a25:d014:0:0:0:0:0 with HTTP; Tue, 1 May 2018 08:47:38 -0700 (PDT)
In-Reply-To: <20180501121906.GA5742@akamai.com>
References: <CANatvzwCYrOZULG3iVmDFp97nr=M5=Gufo8TZjOGQVFUpsn0bQ@mail.gmail.com> <CAAedzxqDcPXJUE83KVnDiU23PvqDcTCrc6rRMw09FexjJA-Y6Q@mail.gmail.com> <CANatvzwjYE6EdvFtOXJMVQnutbVQ4YY+=XsQFzKwHzqWzZ4U+w@mail.gmail.com> <d32ade7b56bf4651952659307c08893b@usma1ex-dag1mb5.msg.corp.akamai.com> <CANatvzwHtCn8rLB8npf3i7PGyYZhVDRd2uojh5hv3uxtFPEsSA@mail.gmail.com> <58447D8E-782C-431C-8FC3-71124B10A047@trammell.ch> <CACpbDcdfF9w3qqrH1eB0sGU_4vheD9aMP5EXnp1o3Y19N19NUg@mail.gmail.com> <e8b4931a-3931-5b8d-8dad-3ca1939d5542@huitema.net> <CAKcm_gPaj3o-VTdA_0+Kk+nTcVJrYcs_BMyOiDGXKub3gB=GLg@mail.gmail.com> <MWHPR21MB063869878060E850137210FEB6820@MWHPR21MB0638.namprd21.prod.outlook.com> <20180501121906.GA5742@akamai.com>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Tue, 01 May 2018 10:47:38 -0500
Message-ID: <CAKKJt-dgPP8FbP0=tEpm5vf99C9qXKYRWN0PY3dzfphqdBGypw@mail.gmail.com>
Subject: Re: Getting to consensus on packet number encryption
To: Benjamin Kaduk <bkaduk=40akamai.com@dmarc.ietf.org>
Cc: Praveen Balasubramanian <pravb=40microsoft.com@dmarc.ietf.org>, IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000d9e713056b26e36f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/xzZij3eekJ5d2ZDhqDbYA0Ct_Aw>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 May 2018 15:47:43 -0000

FWIW,

On Tue, May 1, 2018 at 7:19 AM, Benjamin Kaduk <
bkaduk=40akamai.com@dmarc.ietf.org> wrote:

> On Mon, Apr 30, 2018 at 09:55:31PM +0000, Praveen Balasubramanian wrote:
> > I disagree that we need any more data for not doing PNE in the
> datacenter. Why would we add an extra encrypt-decrypt step for no obvious
> benefit? The cost of this operation will keep magnifying as UDP performance
> improves. We have several optimizations planned for UDP, but short of
> hardware offload, none for crypto – this is an important trend to account
> for performance wise. For short packets like ACKs an extra encrypt decrypt
> step can become a large fraction of CPU cost over time.
>
> There is benefit in uniformity and simplicity of implementation; I concede
> that
> the claimed potential benefits about the middlebox ecosystem are
> speculative,
> but the simplicity seems clear to me.
>
> With respect to the cost of the crypto, yes we have some numbers, but
> AFAICT we
> don't have a great view for how they will fit into the broader picture as
> implementations mature, so to some extent the estimate of the magnitude of
> growing cost of crypto is also a speculative position.  (Also, who is the
> "we"
> that has several optimizations planned?)
>
> In other words, how do we know this is not premature optimization?
> Shouldn't
> we wait until we have actual performance numbers before doing lots of
> optimization?


I can't speak to whether this optimization is premature, but I do suspect
that if more people were looking at more actual performance numbers, this
conversation might converge more quickly ...


> I was under the impression that QUIC versions were going to be
> lightweight, so putting out v1 with mandatory PNE would not preclude
> quickly
> following with a V3 that adapts to any discovered performance concerns,
> whether
> for datacenter usage or otherwise.
>

Yeah, about that ...

I've been asking in a few places - most recently, at
https://datatracker.ietf.org/meeting/101/materials/minutes-101-quic-00.html
- about version appearance rates, and I haven't heard answers that sounded
like the working group had strong agreement that versions were going to
roll out pretty quickly. For example, from that conversation, I got

Spencer (as AD): *[deleted first three points, to get to] *4. (as Spencer)
don't have a good feeling about version negotiating and how much we might
roll them.

mnot: not going to wait 5 years for v2.


So, the chairs can correct me (and should, and they have before on other
topics), but I think I've heard a lot of "we don't have to get everything
perfect in QUICv1, because there will be other versions", and not a lot of
"and the other versions will appear pretty quickly".

I don't know what all the participants are thinking, but that's what the
people who are talking have been saying to me.

IMO, of course.

Spencer, as individual


> -Ben
>
>

v2.23.0 | Report a Bug | By Email