IETF Logo Mail Archive

Re: [saag] [tsvwg] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt

Tom Herbert <tom@herbertland.com> Tue, 05 November 2019 04:36 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EABDC12003F for <saag@ietfa.amsl.com>; Mon, 4 Nov 2019 20:36:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a2BEwDGw1Qlh for <saag@ietfa.amsl.com>; Mon, 4 Nov 2019 20:36:26 -0800 (PST)
Received: from mail-ed1-x533.google.com (mail-ed1-x533.google.com [IPv6:2a00:1450:4864:20::533]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A842312000F for <saag@ietf.org>; Mon, 4 Nov 2019 20:36:25 -0800 (PST)
Received: by mail-ed1-x533.google.com with SMTP id m13so8684155edv.9 for <saag@ietf.org>; Mon, 04 Nov 2019 20:36:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=yKtl12sE2aQzP7ZrfUsuEs1Dj7jhl+9kOCh0RfL8H1w=; b=thMNi9H51B0XCuqNvUcOGzAZN+OYJgq7VE6VIAEWSunZwh0HwyM6auSc/r9+kNpBjt eJZjuWyl0aTa7syXwBjVjbKrCbDovJW6e9G64O/zyii5g9PAp/ovgMxoQczqj4TbNJp9 JpE0IrvTbk2CE3PLE5jfkaasGHF1L7h8/kXIE/XZNagWv5Ipe8Hx8VsSpkGAXz8sOcKL 4PAa56zDf7HYCV4or3QNXsWw0CXkLEoLHZ6yExe/SsUtzvZ86+oNDDNSyyWIRAG8mia1 NNaMQ9KPMly5DjiFa/5wSSXrm1IJ7YJxQ8FyvNnHwMWmytVRzQMHDndZKDjTq9z5pE5G IkBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=yKtl12sE2aQzP7ZrfUsuEs1Dj7jhl+9kOCh0RfL8H1w=; b=gyC8xm4hlBC9TMS2ZtceFbKY/VgTxts1iTKea3/ZfwVxvOEFZ89KmjdM/tRa5m3jk8 /HfqJ0ZWKxgBm7UhMJPzXAGxOHNG5uhhqB6WdIeOQS/QF+TFpcKEQSahLRES6wjRD3md GrFisNYwVkTJgq4BP0QAl4inZJYG9a0Z6Bemmq0yec0Le24QGET3Rb0Wu/xMkINeHy+c Rh/e2rd3Xbnkc9P6ZZWjw7/cLjHMf4MbsQVPzbYgn0QD6XrYSMtToOn88Wdkj5hbrPTG 6VhpEPUTshLxMp+u/Rn39g5GiDEFKNHEWYx/xL4DnzWPbaPl+bbTuYLMCS+yyHv4k1uy KEQw==
X-Gm-Message-State: APjAAAWC6idcfe0AkgNY2DFtjkURddNu+2KTGg6TVvrJu1ZAoo8SQeTr 6M4EamldOSPdAxoyleZtjhHtM4dEvCuFBcB5l7QXeA==
X-Google-Smtp-Source: APXvYqxMfIMpufXgVSsxg0qMwqyZ3Ywo9JoQtqF6BkRyRkac0RXWzEXR2BJvLXuopNEsPMRbG2gFuhJea5nE/40xMQM=
X-Received: by 2002:a17:906:c801:: with SMTP id cx1mr28032724ejb.266.1572928583969; Mon, 04 Nov 2019 20:36:23 -0800 (PST)
MIME-Version: 1.0
References: <CABcZeBPajzuEdw8=M1g1i-TAniJ9O+H5dEMxv8c6N3tD=7mSvw@mail.gmail.com> <CALx6S35bSAa_zq=HsF-3e9qC-vRNFRu6dn+O4ak4Hi+c=Tmz5A@mail.gmail.com> <bbb870cd-033b-4a99-ba0c-fbd9c965660b@www.fastmail.com>
In-Reply-To: <bbb870cd-033b-4a99-ba0c-fbd9c965660b@www.fastmail.com>
From: Tom Herbert <tom@herbertland.com>
Date: Mon, 04 Nov 2019 20:36:12 -0800
Message-ID: <CALx6S36YQSX2yGaqpK7cVrGdKg1JqBpwuYPD9YxeDy3Dd_Gk8w@mail.gmail.com>
To: Martin Thomson <mt@lowentropy.net>
Cc: saag@ietf.org, tsvwg <tsvwg@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/gOp3QmSaYjRwg27dPloHpEaTFxQ>
Subject: Re: [saag] [tsvwg] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Nov 2019 04:36:28 -0000

On Sun, Nov 3, 2019 at 7:18 PM Martin Thomson <mt@lowentropy.net> wrote:
>
> On Mon, Nov 4, 2019, at 13:15, Tom Herbert wrote:
> > QUIC presents a problem in itself since the QUIC harders are inside
> > the UDP payload so intermediate devices end up needing to parse the
> > UDP transport payload. I believe the only way to identify a QUIC
> > packet is by matching port numbers, but per RFC7605 interpretation of
> > port numbers in the middle of the network is prone to
> > misinterpretation. Eventually, something that looks like a QUIC packet
> > based on port number will be misinterpreted. Looking at
> > draft-ietf-quic-transport-23, I don't see any discussion about this or
> > reference to RFC7605.
>
> Please refer to draft-ietf-quic-manageability for that discussion.
>
Martin,

I looked at that draft. While it does mention RFC7605, the explanation
for how non-QUIC packets that match port 443 aren't misinterpreted
isn't particularly satisfying. Other than assuming port number match
is sufficient, the recommended approach seems to be for middleboxes to
track flows by handshake. But, that then requires state to be
maintained and implies that packets for the flow must be consistently
be routed through the same device (a common problem for any stateful
device in the network). I don't think the QUIC spin bit serves as an
exemplar for reliably exposing transport layer information in a
transport protocol that is otherwise encrypted.

Tom

> Note that while there has been extensive discussion on what QUIC should expose in terms of loss and latency, I recall relatively little discussion about distinguishing QUIC from other protocols outside of the narrow context of ensuring that QUIC can be effectively multiplexed with certain other protocols.
>
> My sense is that some people are assuming that they can use port numbers, which are fraught for the reasons you identify.  Others might choose to infer the use of QUIC using the "QUIC bit": the 0x40 bit in QUIC version 1 is fixed.
>
> Personally, I think that endpoints are not obligated to signal which protocol they are using to the network.  Maybe the QUIC bit is that signal and I'm just in denial.  I guess we'll see whether I can send packets with a 0 value for that bit...
>
> > This can be contrasted to putting the information in HBH options which
> > can be correctly and unambiguously identified anywhere in the network.
>
> I happen to agree, though I don't think that this is as simple as you might be implying.  https://tools.ietf.org/html/rfc8558 makes a similar assertion, but identifies some of the underlying complexities.
>

v2.23.0 | Report a Bug | By Email