IETF Logo Mail Archive

Re: [Taps] Lars Eggert's Discuss on draft-ietf-taps-interface-22: (with DISCUSS and COMMENT)

Lars Eggert <lars@eggert.org> Tue, 12 December 2023 18:42 UTC

Return-Path: <lars@eggert.org>
X-Original-To: taps@ietfa.amsl.com
Delivered-To: taps@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BA99C14CF05; Tue, 12 Dec 2023 10:42:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=eggert.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JrXrMq2HpAV9; Tue, 12 Dec 2023 10:42:40 -0800 (PST)
Received: from mail.eggert.org (mail.eggert.org [IPv6:2a00:ac00:4000:400::25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB491C14CF09; Tue, 12 Dec 2023 10:42:39 -0800 (PST)
Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id 6C1B8804F9; Tue, 12 Dec 2023 20:42:34 +0200 (EET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eggert.org; s=dkim; t=1702406556; h=from:subject:date:message-id:to:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:references; bh=IxYCWloZ3lgmPzQCIXjB37OdM88ftulXNsgxKPLz1MA=; b=Rpx+hr6uAw7NoBvwsNvZaqh+gCokHx2M+PvCQParjabSmBULU0M+rMXBVdsV/1wPn89aXu i4ZT1amVdzxy9peEVlOqKBV3ZdCsdRPLbBR/rSJ1+ozq9lt3WudO8U8bbO8a/NuUu/1CIS A+Q9ycLrD+fzSv28+1f+3JxisvsDFwFpB8RV+pVIDzMWO/qnvX4dwM2D19g7yK4uO1ZoWN eH+4bjJN6erDzTv8FmHxcoIfn88KPuLi9gQQRyZMGLEgPeaUPnI5kjSSXz1Qs8FrKc5/rf XwFUKIX3KWrztLH5QojgE7DrNfnfZfISoQQ7HkAV30iRMVJwaxmPFt/NDFBadg==
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.300.61.1.2\))
From: Lars Eggert <lars@eggert.org>
In-Reply-To: <2FF2518E-C6E6-4BFF-9521-05AB8FE036F0@apple.com>
Date: Tue, 12 Dec 2023 20:42:32 +0200
Cc: Brian Trammell <ietf@trammell.ch>, Michael Welzl <michawe@ifi.uio.no>, Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>, The IESG <iesg@ietf.org>, draft-ietf-taps-interface@ietf.org, taps-chairs@ietf.org, taps@ietf.org, Anna Brunström <anna.brunstrom@kau.se>
Content-Transfer-Encoding: quoted-printable
Message-Id: <F16F27A0-AC25-498F-AE25-F04B9421712D@eggert.org>
References: <169408439315.13814.3746604129872399062@ietfa.amsl.com> <A1CF408B-C691-4003-A989-D0F3284B4E2F@apple.com> <181529E6-CFDC-4969-AABE-502E1C8A1325@eggert.org> <2FF2518E-C6E6-4BFF-9521-05AB8FE036F0@apple.com>
To: Tommy Pauly <tpauly@apple.com>
X-Last-TLS-Session-Version: TLSv1.2
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/IWgVM2TtiBSySve9Yd-MNfc6LNo>
Subject: Re: [Taps] Lars Eggert's Discuss on draft-ietf-taps-interface-22: (with DISCUSS and COMMENT)
X-BeenThere: taps@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IETF Transport Services \(TAPS\) Working Group" <taps.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/taps>, <mailto:taps-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/taps/>
List-Post: <mailto:taps@ietf.org>
List-Help: <mailto:taps-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/taps>, <mailto:taps-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Dec 2023 18:42:44 -0000

Hi,

On Dec 12, 2023, at 19:48, Tommy Pauly <tpauly@apple.com> wrote:
>>>> ### Section 6.1.3, paragraph 6
>>>> ```
>>>>    In order to scope an alias to a specific transport protocol, an
>>>>    Endpoint can specify a protocol identifier.
>>>> 
>>>>    AlternateRemoteSpecifier.WithProtocol(QUIC)
>>>> ```
>>>> This is the first and only time protocol identifiers are used. What
>>>> are they defined to be?
>>>> 
>>>> 
>>>> ### Section 6.1.3, paragraph 9
>>>> ```
>>>>    The following example shows a case where example.com has a server
>>>>    running on port 443, with an alternate port of 8443 for QUIC.
>>>> 
>>>>    RemoteSpecifier := NewRemoteEndpoint()
>>>>    RemoteSpecifier.WithHostname("example.com")
>>>>    RemoteSpecifier.WithPort(443)
>>>> 
>>>>    QUICRemoteSpecifier := NewRemoteEndpoint()
>>>>    QUICRemoteSpecifier.WithHostname("example.com")
>>>>    QUICRemoteSpecifier.WithPort(8443)
>>>>    QUICRemoteSpecifier.WithProtocol(QUIC)
>>>> 
>>>>    RemoteSpecifier.AddAlias(QUICRemoteSpecifier)
>>>> ```
>>>> Why does the `RemoteSpecifier` definition not contain a `WithProtocol`
>>>> clause for TCP/TLS? And what would that look like, given that TCP/TLS
>>>> is a protocol combination?
>>> 
>>> These comments around protocol-specific endpoints are addressed with https://github.com/ietf-tapswg/api-drafts/pull/1408 and https://github.com/ietf-tapswg/api-drafts/pull/1451
>>> 
>>> The text now clarifies that the values for the protocol scoping here are implementation-provided enumerations.
>>> 
>>> "To scope an Endpoint to apply conditionally to a specific transport
>>> protocol (such as defining an alternate port to use when QUIC
>>> is selected, as opposed to TCP), an Endpoint can be
>>> associated with a protocol identifier. Protocol identifiers are
>>> objects or enumeration values provided by the Transport
>>> Services API, which will vary based on which protocols are
>>> implemented in a particular system."
>>> 
>>> The reason to show one protocol being specified with an override is to show how there’s a default endpoint that the connection should use, and it should conditionally load an alternate when using a particular protocol. This then doesn’t constrain the protocol stacks being used, but only customizes the endpoint in case a particular protocol is loaded.
>> 
>> How would a developer know what the default endpoint was?
> 
> The “default” endpoint is the one that the application developer themselves provided that didn’t include a protocol-specific binding. In the example above, that’s the port 443 endpoint, while there’s a protocol-bound endpoint that uses port 8443.

OK, but where in the example does it set that the default it TCP/TLS? The only thing specified for the "default" is port 443 - is something inferring TCP/TLS based on the port?

>> I'd argue that "safer" is in the eye of the beholder. I'll certainly agree that TAPS is trying to provide a more principled and more abstract interface to transport functions (also also that the socket API's platform-dependendness is terrible), but at least a developer with sufficient motivation can concretely implement their desired behavior. I remain unconvinced that an abstraction like TAPS will lead to a stable developer experience esp. over time and across platforms.
> 
> It’s certainly fair to have a different opinion on how the usefulness and stableness of various transport/socket options will play out over time.
> 
> Personally, I think the best philosophy for setting options on a connection / socket should be to set the minimum set required, so as to not unnecessarily constrain the behavior of the stack. If an application sets many options that can eventually only be satisfied by a set of existing protocols, and not some future as-yet-undesigned protocols, then indeed the connections will be constrained to use the existing protocols that work. But apps that only set the options they strictly need will allow for more variation.
> 
> Are there specific changes you are thinking of for the document?

I don't, and that was a comment (i.e., not part of the discuss), so I don't expect changes.

Thanks,
Lars

v2.23.0 | Report a Bug | By Email