[Secdispatch] Multicast architectures for the web
Ben Schwartz <bemasc@google.com> Tue, 09 November 2021 16:01 UTC
From: Ben Schwartz <bemasc@google.com>
Date: Tue, 09 Nov 2021 11:00:05 -0500
Message-ID: <CAHbrMsCRPyKfqChUF4wAT=9XgGBASS18x-2f92+MzwF5ypheQg@mail.gmail.com>
To: secdispatch@ietf.org
Cc: "Rose, Kyle" <krose@akamai.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/IK57blEcP474TU4nVg2PaXVSXo4>

Regarding draft-krose-multicast-security, I think the most productive step would be to start with an architecture that sits on top of WebTransport in unmodified browsers.

WebTransport's support for unreliable datagrams opens up a lot of novel possibilities for application-layer multicast (e.g. holding less state at the splitter, backfilling lost segments directly from the origin), and raises some interesting questions about how to implement content security most naturally. This can all be done without browser changes.

If a system like this can be clearly defined, deployed, and measured, I think that greatly increases the likelihood of some of this functionality being moved down into the web itself. There's a long history of page-layer innovations being moved into the browser (e.g. crypto in JS -> WebCrypto, asm.js -> WebAssembly), and experiments with solutions within the page can help us to identify the bottlenecks that really need to be alleviated.

--Ben Schwartz

- [Secdispatch] Multicast architectures for the web Ben Schwartz
- Re: [Secdispatch] Multicast architectures for the… Holland, Jake