Re: [tae] New draft: announcing the supported transports via DNS
Caitlin Bestler <cait@asomi.com> Fri, 18 September 2009 23:39 UTC
Return-Path: <cait@asomi.com>
X-Original-To: tae@core3.amsl.com
Delivered-To: tae@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 808C73A6875 for <tae@core3.amsl.com>; Fri, 18 Sep 2009 16:39:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.371
X-Spam-Level:
X-Spam-Status: No, score=-2.371 tagged_above=-999 required=5 tests=[AWL=-0.106, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NzyHM1LFUre1 for <tae@core3.amsl.com>; Fri, 18 Sep 2009 16:39:13 -0700 (PDT)
Received: from mail2.sea5.speakeasy.net (mail2.sea5.speakeasy.net [69.17.117.4]) by core3.amsl.com (Postfix) with ESMTP id 6C1233A6996 for <tae@ietf.org>; Fri, 18 Sep 2009 16:39:13 -0700 (PDT)
Received: (qmail 31567 invoked from network); 18 Sep 2009 23:40:08 -0000
Received: from imac.asomi.com (cait@asomi.com@[66.92.48.27]) (envelope-sender <cait@asomi.com>) by mail2.sea5.speakeasy.net (qmail-ldap-1.03) with AES128-SHA encrypted SMTP for <bryan.ford@yale.edu>; 18 Sep 2009 23:40:08 -0000
Mime-Version: 1.0 (Apple Message framework v1075.2)
Content-Type: text/plain; charset="us-ascii"; format="flowed"; delsp="yes"
From: Caitlin Bestler <cait@asomi.com>
In-Reply-To: <1D74A5FE-7959-44ED-BA65-02A1F507851D@yale.edu>
Date: Fri, 18 Sep 2009 16:40:07 -0700
Content-Transfer-Encoding: 7bit
Message-Id: <6E8D0A3F-E4D8-47B9-A6DC-AE4E0B10B5F0@asomi.com>
References: <Pine.LNX.4.64.0909180057060.5479@zippy.stdio.be> <77F0974F-62CD-411C-96D3-C29E6D872DEA@asomi.com> <4AB2E6AB.7020409@gmail.com><4AB3A33B.7080909@ifi.uio.no> <4AB3A5DE.1040708@isi.edu> <055001ca388b$163a0070$5da36b80@cisco.com> <4AB3CF61.5060208@isi.edu> <057601ca388e$d775e620$5da36b80@cisco.com> <4AB3D3ED.5010002@isi.edu> <058401ca3891$8b0e3d20$5da36b80@cisco.com> <4AB3D84E.3090408@isi.edu> <058b01ca3893$36cad190$5da36b80@cisco.com> <A202B88E-6EC9-4727-A6DD-187B4AB6A307@asomi.com> <1D74A5FE-7959-44ED-BA65-02A1F507851D@yale.edu>
To: Bryan Ford <bryan.ford@yale.edu>
X-Mailer: Apple Mail (2.1075.2)
Cc: tae@ietf.org, 'Joe Touch' <touch@ISI.EDU>
Subject: Re: [tae] New draft: announcing the supported transports via DNS
X-BeenThere: tae@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Transport Architecture Evolution <tae.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tae>, <mailto:tae-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tae>
List-Post: <mailto:tae@ietf.org>
List-Help: <mailto:tae-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tae>, <mailto:tae-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Sep 2009 23:39:14 -0000
On Sep 18, 2009, at 1:57 PM, Bryan Ford wrote: >> > > Directory-based solutions - or "out-of-band" solutions in general - > don't eliminate that risk, because as Dan just pointed out, in-band > probes are necessary anyway because a middlebox might (read: usually > will, on the IPv4 Internet) block the use of a new transport even if > the remote endpoint (truthfully) declares that it is supported. Out- > of-band communication simply cannot reliably provide the information > that is really needed on the Internet as it exists: out-of-band > information can at best serve as hints at which alternatives to try > (or to try first). > > Further, although the extra message is probably unavoidable in > certain scenarios, in others it could potentially avoided with a bit > of cooperation between the alternative transport protocols and the > negotiation mechanism. That was the basic gist of the paper I > mentioned earlier on this list, which will appear (probably in > slightly revised form) in this year's HotNets: > > "An Efficient Cross-Layer Negotiation Protocol" > http://bford.info/pub/net/nego.pdf This is an excellent reference for the discussion. However, I think your presentation under-evaluates the probability that the tail end on a n-step negotiation will have to be a conventional 3 or 4-way handshake with an existing protocol. A totally new "connection negotiation protocol" could indeed be used to convey some of the same information that the first steps of existing protocols exchange, but this would not be known to stateful middle-boxes or intrusion detection systems. > > Finally, one more point in favor of in-band over out-of-band > solution is that you only need _one_ in-band solution, whereas with > out-of-band solutions you need to define one for each directory > protocol you care about (maybe only DNS, but that's one), PLUS a > separate one for each other protocol that exchanges IP addresses for > the purpose of setting up transport connections (e.g., SIP, > FTP, ???). Do we really want to have to define and deploy N > different negotiation extensions, one for each protocol that > produces IP addresses in one way or another? > >> I think the following objectives need to be met for any probe-based >> solution: >> >> 1) Must add no additional messages when the default protocol is >> selected. >> 2) TCP must be a valid default protocol. >> 3) There may be a case for adding UDP to that set for RTTP. >> 4) It should be capable of learning when a given client/server pair >> is blocked >> from using Transport X by some middle-box. Note: this is >> something a >> directory-based solution probably cannot do., > > Yes, these seem reasonable to me, except generalize 2 and 3 with > something to the effect of: > > When negotiating a transport for a given application X, whatever > transport is normally the basic, "must-support" transport for > application X must be a valid default transport protocol. > > That means TCP must be a valid default protocol when negotiating a > transport for HTTP; UDP must be a valid default protocol when > negotiating a transport for RTTP; etc. > > Bryan > Agreed, that simplifies the rule and makes the intent clearer. -- Caitlin Bestler cait@asomi.com http://www.asomi.com/CaitlinBestlerResume.html
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- [tae] New draft: announcing the supported transpo… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Melinda Shore
- Re: [tae] New draft: announcing the supported tra… Michael Welzl
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Michael Welzl
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing