IETF Logo Mail Archive

Re: [Spud] Whats missing in SPUD (was: Re: Multipath/Mobility (was Questions based on draft-trammell-spud-req-00))

Christian Huitema <huitema@microsoft.com> Mon, 10 August 2015 20:20 UTC

Return-Path: <huitema@microsoft.com>
X-Original-To: spud@ietfa.amsl.com
Delivered-To: spud@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7EA1E1B3DB1 for <spud@ietfa.amsl.com>; Mon, 10 Aug 2015 13:20:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VDP1vm7bBGPR for <spud@ietfa.amsl.com>; Mon, 10 Aug 2015 13:20:40 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1on0797.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::797]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 605971B3B39 for <spud@ietf.org>; Mon, 10 Aug 2015 13:20:40 -0700 (PDT)
Received: from DM2PR0301MB0655.namprd03.prod.outlook.com (10.160.96.17) by DM2PR0301MB0655.namprd03.prod.outlook.com (10.160.96.17) with Microsoft SMTP Server (TLS) id 15.1.225.19; Mon, 10 Aug 2015 20:20:20 +0000
Received: from DM2PR0301MB0655.namprd03.prod.outlook.com ([10.160.96.17]) by DM2PR0301MB0655.namprd03.prod.outlook.com ([10.160.96.17]) with mapi id 15.01.0225.018; Mon, 10 Aug 2015 20:20:20 +0000
From: Christian Huitema <huitema@microsoft.com>
To: Toerless Eckert <eckert@cisco.com>
Thread-Topic: Whats missing in SPUD (was: Re: [Spud] Multipath/Mobility (was Questions based on draft-trammell-spud-req-00))
Thread-Index: AQHQ05yizIZKWAQmRU21LnY3T8VoKp4Fp/DA
Date: Mon, 10 Aug 2015 20:20:19 +0000
Message-ID: <DM2PR0301MB06554EABDFD9845FD777AA8CA8700@DM2PR0301MB0655.namprd03.prod.outlook.com>
References: <20150810184444.GB16123@cisco.com>
In-Reply-To: <20150810184444.GB16123@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=huitema@microsoft.com;
x-originating-ip: [131.107.160.23]
x-microsoft-exchange-diagnostics: 1; DM2PR0301MB0655; 5:dbsIFVquoBCHqTMfdHnEfvQcm8gSCL9ryCvDnXSdMLtczwoYCRuzq+e4N5ErkDKz06YlOvNzXXl7UXW9QyB1NvuBCNVb3xrhE3oymDWoknQzkqbuEOtXmGKQSDscfc6sTfXw9sCD0Z0naqAOtrewVw==; 24:8ch3xgDTTbe9lumiFbyp9EzRv1S8U7RhLvNahKGPU/vnO4v8uFIl39KBUtPt01jOJcMKqpgz2yjn2My8IPJfezwaOrNqVz/UEp6jDRqa8TA=; 20:3bOzfyBB0kI1CiI2apQBKE5+KGjr8kDO9PJQjKBgpBD8Sdkw9gSthyv6ZhSV1ttX2v1Dtoo6kqKjOMNQsp1srg==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM2PR0301MB0655;
x-o365ent-eop-header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
x-microsoft-antispam-prvs: <DM2PR0301MB0655DD4B31DE7B784C5504CBA8700@DM2PR0301MB0655.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401001)(5005006)(3002001); SRVR:DM2PR0301MB0655; BCL:0; PCL:0; RULEID:; SRVR:DM2PR0301MB0655;
x-forefront-prvs: 06640999CA
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(24454002)(199003)(377454003)(189002)(5001860100001)(102836002)(81156007)(8990500004)(50986999)(54356999)(122556002)(5003600100002)(5001960100002)(189998001)(110136002)(5005710100001)(76176999)(77096005)(62966003)(10290500002)(64706001)(4001540100001)(101416001)(76576001)(5001830100001)(2950100001)(230783001)(97736004)(77156002)(5002640100001)(2900100001)(10400500002)(68736005)(33656002)(40100003)(105586002)(106356001)(87936001)(92566002)(66066001)(10090500001)(106116001)(86612001)(2656002)(99286002)(74316001)(46102003)(86362001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0301MB0655; H:DM2PR0301MB0655.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Aug 2015 20:20:20.0587 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0301MB0655
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/7xlQQR2PgIjovk0JqRHsm1LI_s8>
Cc: "spud@ietf.org" <spud@ietf.org>
Subject: Re: [Spud] Whats missing in SPUD (was: Re: Multipath/Mobility (was Questions based on draft-trammell-spud-req-00))
X-BeenThere: spud@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Session Protocol Underneath Datagrams <spud.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spud>, <mailto:spud-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spud/>
List-Post: <mailto:spud@ietf.org>
List-Help: <mailto:spud-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spud>, <mailto:spud-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2015 20:20:42 -0000

On Monday, August 10, 2015 11:45 AM, Toerless Eckert wrote:
> 
> [another resend due to spud mailin list setup, sorry]
> 
> As a generic side thought based on Christians concern about privacy (why would
> an app want to show a shared Tube-ID across multipath/mobile flows for
> example).
> 
> To me, the problem is best explained on the following workflow:
> 
> "Here is your new ID card".
> "Why would i want to have an ID card, everybody who checks ID cards is evil"
> "You do not have to show your ID card if you don't want to"
> "Lets go to the bar"
> "ID card please"
> "Booze or anonymity... that's the question"
> "Lets choose booze"
> 
> So, whats missing in SPUD (or any prior endpoint<->network) signaling is the
> signaling element "If you do not show ID card, you will not get booze" or "if you
> do not use a cross-subflow Tube-ID, your load-sharing, mobility or multipath
> performance will suck or not work".

That's exactly the kind of choice that I would not like the application to make. Take multipath as an example. The application can do it in two ways. It can use the same "tube ID" on both paths. Or, it can use two different IDs, and reassemble the packets in the end system. There are pros and cons in both architectures. 

If the application uses a single ID, the load balancers in front of the server farm can easily assign packets to the right context. If the application uses two identifiers, the servers need to somehow communicate to the load balancers that the two IDs should really map to the same context. That's more complex, but that's the main drawback of using two different IDs.

The other potential drawback of using two IDs is that the on-path elements cannot manage a single set of allocations for the two paths. But then, if the application is actively trying to use two different paths, it probably does not want those two paths to be managed as one, as that would defeat the purpose of multipath.

On the other hand, if the application uses the same ID, it discloses that two different IP addresses really belong to the same device, which is a great way to enable tracking. In the common case of cellular + Wi-Fi, this enable tying the Wi-Fi usage, typically randomized and anonymous, to the cellular usage, which is typically "managed." Note that applications doing that do not just put their own traffic at risk. By "leaking metadata," they are effectively breaking the privacy of other applications as well.

-- Christian Huitema

v2.8.7 | Report a Bug | By Email