Re: [Taps] Publication has been requested for draft-ietf-taps-minset-04
Michael Welzl <michawe@ifi.uio.no> Mon, 20 August 2018 08:57 UTC
Return-Path: <michawe@ifi.uio.no>
X-Original-To: taps@ietfa.amsl.com
Delivered-To: taps@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 03947130F20; Mon, 20 Aug 2018 01:57:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0jQn_PPrb9ri; Mon, 20 Aug 2018 01:57:27 -0700 (PDT)
Received: from mail-out02.uio.no (mail-out02.uio.no [IPv6:2001:700:100:8210::71]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93DDC130F1F; Mon, 20 Aug 2018 01:57:26 -0700 (PDT)
Received: from mail-mx12.uio.no ([129.240.10.84]) by mail-out02.uio.no with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91) (envelope-from <michawe@ifi.uio.no>) id 1frg02-000FmU-Hn; Mon, 20 Aug 2018 10:57:22 +0200
Received: from boomerang.ifi.uio.no ([129.240.68.135]) by mail-mx12.uio.no with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) user michawe (Exim 4.91) (envelope-from <michawe@ifi.uio.no>) id 1frfzx-000CwT-CT; Mon, 20 Aug 2018 10:57:22 +0200
From: Michael Welzl <michawe@ifi.uio.no>
Message-Id: <9D288441-913F-408F-9B1D-10CAEF4F5E6E@ifi.uio.no>
Content-Type: multipart/mixed; boundary="Apple-Mail=_3D38BCFA-80AD-4279-801D-6CB64EA53AA6"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Date: Mon, 20 Aug 2018 10:57:13 +0200
In-Reply-To: <CAKKJt-dtcfTGBKmAvGdoRCav50WfBfhPRiWZAmJZgY2=tj3KCQ@mail.gmail.com>
Cc: draft-ietf-taps-minset@ietf.org, taps-chairs@ietf.org, theresa@inet.tu-berlin.de, taps WG <taps@ietf.org>
To: Spencer Dawkins <spencerdawkins.ietf@gmail.com>
References: <153202988904.10474.9175892480215474965.idtracker@ietfa.amsl.com> <CAKKJt-dtcfTGBKmAvGdoRCav50WfBfhPRiWZAmJZgY2=tj3KCQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.9.1)
X-UiO-SPF-Received: Received-SPF: neutral (mail-mx12.uio.no: 129.240.68.135 is neither permitted nor denied by domain of ifi.uio.no) client-ip=129.240.68.135; envelope-from=michawe@ifi.uio.no; helo=boomerang.ifi.uio.no;
X-UiO-Spam-info: not spam, SpamAssassin (score=-5.0, required=5.0, autolearn=disabled, UIO_MAIL_IS_INTERNAL=-5, uiobl=NO, uiouri=NO)
X-UiO-Scanned: D2DBBE9F485BF4A973DC5F752739C3EE0FB24BF5
Archived-At: <https://mailarchive.ietf.org/arch/msg/taps/wg9Cjltet4bOCEndDV-sYKoiJ2M>
Subject: Re: [Taps] Publication has been requested for draft-ietf-taps-minset-04
X-BeenThere: taps@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "IETF Transport Services \(TAPS\) Working Group" <taps.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/taps>, <mailto:taps-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/taps/>
List-Post: <mailto:taps@ietf.org>
List-Help: <mailto:taps-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/taps>, <mailto:taps-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Aug 2018 08:57:37 -0000
Hi Spencer! Thank you so much for your detailed work and all these comments! I'm commenting in line below, and marking my comments with "MW:". I'm terminating my responses with a "--". I'm attaching an update which incorporates the changes described in this email, but I'm delaying its submission until it's clear that this conversation has converged. Cheers, Michael --- Dear TAPsters, I've completed my AD review for this document, and have two high-level responses: This looks good, and I only have 8 pages of comments ... Please look these over, and ask for explanations if you need them. When we work through my comments, I'll request Last Call. And thanks for your work to date. Spencer I'm looking at this text Because the considered transport protocols conjointly cover a wide range of transport features, there is reason to hope that the resulting set (and the reasoning that led to it) will also apply to many aspects of other transport protocols. and wondering whether it's accurate to say "many aspects of other transport protocols that may be in use today, or may be designed in the future"? Part of my question is wrapped up in discussions about whether QUIC is a one-off new transport protocol, or whether QUIC is the first example of a new generation of transport protocols that are now worth designing because we know how to deploy them. MW: Done -- This text For example, it does not help an application that talks to a library which offers its own communication interface if only the underlying Berkeley Sockets API is extended to offer "unordered message delivery", but the library only exposes an ordered bytestream. read oddly to me - I think the first "only" could be removed, unless I'm missing your point, but please take a look at that sentence for clarity. MW: Done (first "only" removed) -- This text This "minimal set" can be implemented one-sided over TCP (or UDP, if certain limitations are put in place). This means that a sender-side transport system can talk to a standard TCP (or UDP) receiver, and a receiver-side transport system can talk to a standard TCP (or UDP) sender. was a bit difficult for me to read, and seems to mix explaining what "one-sided" means with the explanation that "one-sided" also applies to UDP, if certain limitations are put in place. I wonder if it is accurate to say This "minimal set" can be implemented "one-sided" over TCP. This means that a sender-side transport system can talk to a standard TCP receiver, and a receiver-side transport system can talk to a standard TCP sender. If certain limitations are put in place, the "minimal set" can also be implemented "one-sided" over UDP. MW: Done -- Is "ungrouped communication" in For ungrouped connections, early configuration is necessary because it allows the transport system to know which protocols it should try to use. a well-understood term? I can guess at the meaning, but I'd be guessing, and RFCs 8095 and 8304 don't define or use either term.(Further down, I also see "grouped communications", and I'm guessing what that means, too, and Section 3.2.1 is even called "Connection groups", but doesn't clearly define what that means) MW: Good catch, thanks! I added "Connection Group" to the terminology section; this text block also explains "grouped" and "ungrouped". -- I don't disagree with Note that this decision tree is not optimal for all cases. For example, if an application wants to use "Specify checksum coverage used by the sender", which is only offered by UDP-Lite, and "Configure priority or weight for a scheduler", which is only offered by SCTP, the above decision tree will always choose UDP-Lite, making it impossible to use SCTP's schedulers with priorities between grouped connections. The transport system must know which choice is ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ more important for the application in order to make the best ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ decision. We caution implementers to be aware of the full set of trade-offs, for which we recommend consulting the list in Appendix A.2.1 when deciding how to initialize a connection. but I'm not sure how a general-purpose transport system will know which choice is more important for any arbitrary application. I see the Is this advice transport system implementers can act on? MW: Agreed; I removed this sentence. -- This isn't a big deal, but This also means that the active opening side is assumed to be the first side sending data. seems really reasonable for the vast majority of (client-server) applications, but I wonder if peer-to-peer applications will trip over a problem here ("I open a connection to you, but you already had data queued for me since we last connected and you sent it immediately" could be a scenario for SMTP or DTN, I guess). But I'll let you folks think about that. MW: I added the following paragraph at the beginning of section 3 (as the second para) to address this issue: The arguments laid out in Appendix A.3 ("discussion") were used to make the final representation of the minimal set as short, simple and general as possible. There may be situations where these arguments do not apply -- e.g., implementers may have specific reasons to expose multi-streaming as a visible functionality to applications, or the restrictive open / close semantics may be problematic under some circumstances. In such cases, the representation in Appendix A.2 ("reduction") should be considered. -- This is a nit, but o A buffer limit (in bytes); when the sender has less then the ^^^^ than MW: Done -- In this text, o Reliability: this parameter is used to convey a choice of: fully reliable (!UDP), unreliable without congestion control, unreliable (!UDP), partially reliable (see [RFC3758] and [RFC7496] for details on how to specify partial reliability) (!UDP). it took me some re-reading to figure out that "unreliable (!UDP)" meant something besides JUST "unreliable" (because UDP is "unreliable without congestion control"). Could this be clearer? I wonder about "unreliable with congestion control (!UDP)", but I'm guessing that this is the distinction you're making. MW: Good catch, thanks! And yes, that's the distinction. I changed this to the following, to be explicit about congestion control for all choices: o Reliability: this parameter is used to convey a choice of: fully reliable with congestion control (!UDP), unreliable without congestion control, unreliable with congestion control (!UDP), partially reliable with congestion control (see [RFC3758] and [RFC7496] for details on how to specify partial reliability) (!UDP). -- This text in 7. Security Considerations Authentication, confidentiality protection, and integrity protection are identified as transport features by [RFC8095]. As currently deployed in the Internet, these features are generally provided by a protocol or layer on top of the transport protocol; no current full- featured standards-track transport protocol provides all of these transport features on its own. Therefore, these transport features are not considered in this document, with the exception of native authentication capabilities of TCP and SCTP for which the security considerations in [RFC5925] and [RFC4895] apply. The minimum security requirements for a transport system are discussed in a separate document [I-D.ietf-taps-transport-security]. confuses me, because I think at least two things are in play. First, I think the point you're probably making is that the underlying transport protocols remain unmodified, so the security considerations for each of those protocols apply unchanged, and this document isn't doing anything to create new security considerations. So, modulo SECDIR and SEC AD comments, I think that's all you need to say. Second, you guys are the experts, but I think a reference to [I-D.ietf-taps-transport-security] isn't actually needed for this document, because that document surveys security protocols, rather than specifying minimum security requirements. That document might someday discuss the minimum security requirements, in the way this document discusses the minimum set of transport services, but at least in https://tools.ietf.org/html/draft-ietf-taps-transport-security-02 that document is much more comparable to RFCs 8095 and 8304 than to this document. MW: I would agree about [I-D.ietf-taps-transport-security] if it didn't have section 5. I believe section 5 in this document is an effort to do the same as minset does, here; are you maybe asking for this section of [I-D.ietf-taps-transport-security] to use a more authoritative tone? Either way, as things stand now, the existence of [I-D.ietf-taps-transport-security] is used as a justification to not include the security related features of TCP and SCTP in the minimum set, and I think this citation is necessary. -- In Informative References, I see [RFC7305] Lear, E., Ed., "Report from the IAB Workshop on Internet Technology Adoption and Transition (ITAT)", RFC 7305, DOI 10.17487/RFC7305, July 2014, <https://www.rfc-editor.org/info/rfc7305>. which is awesome (I wish more IETF people referred to IAB workshop reports), but the only place I see it referred to is in A.3.1. Sending Messages, Receiving Bytes: For example, if an application requests to transfer fixed-size messages of 100 bytes with partial reliability, this needs the receiving application to be prepared to accept data in chunks of 100 bytes. If, then, some of these 100-byte messages are missing (e.g., if SCTP with Configurable Reliability is used), this is the expected application behavior. With TCP, no messages would be missing, but this is also correct for the application, and the possible retransmission delay is acceptable within the best effort service model [RFC7305]. Still, the receiving application would separate the byte stream into 100-byte chunks. I was at that workshop, and it was pretty wide-ranging, so you might want to provide a section number with this reference to give an inquiring reader a chance of finding what you're referring to (I'm guessing the section number is 3.5, but I'm guessing). MW: Done (and you guessed right). -- Just so you know - I did notice that Appendix A is two thirds of the page count for this document, and I agree that the material belongs in an appendix, and I think it's important for you to "show your work", in case anyone ever needs to update the minimal set in the future. So, I support what you're doing there. MW: Thanks :) -- You folks know what you actually did, but I'm hoping that 2. Reduction: a shorter list of transport features is derived from the categorization in the first step. This removes all transport features that do not require application-specific knowledge or cannot be implemented with TCP or UDP. was actually "cannot be implemented with TCP, SCTP, or UDP". Was that an omission in this text, or do we need to chat? MW: the point was that TCP and UDP can't work as a fall-back in case e.g. SCTP isn't available. As stated at the beginning of the document, the minset can be implemented "one-sided" over TCP. (and with some limitations, also UDP). For example: it's fine (within "best effort") to always send everything in order when an application allows out-of-order delivery - but there's simply no way to implement SCTP's out-of-band transmission of a number ("Indicate (and/or obtain upon completion) an Adaptation Layer via an adaptation code point") with TCP or UDP. If an application relies on that, TCP or UDP fall-backs become impossible. We were asked to avoid writing using the term "fall-back", for good reasons, but this particular sentence may have ended up being less clear as we simply replaced "fall-back" with "implemented with". I changed the sentence as follows, is it better? NEW: This removes all transport features that do not require application-specific knowledge or would result in semantically incorrect behavior if they were implemented over TCP or UDP. -- This text, Appendix A. Deriving the minimal set We approach the construction of a minimal set of transport features in the following way: 1. Categorization: the superset of transport features from [RFC8303] is presented, and transport features are categorized for later reduction. 2. Reduction: a shorter list of transport features is derived from the categorization in the first step. This removes all transport features that do not require application-specific knowledge or cannot be implemented with TCP or UDP. 3. Discussion: the resulting list shows a number of peculiarities that are discussed, to provide a basis for constructing the minimal set. 4. Construction: Based on the reduced set and the discussion of the transport features therein, a minimal set is constructed. The first three steps as well as the underlying rationale for constructing the minimal set are described in this appendix. The minimal set itself is described in Section 3. would have been clearer to me, if each step was labeled with the part of the document where this work appears (so, step 1 would be labeled "Section A.1", etc.), rather than providing the pointers at the end of the list. I couldn't tell whether you meant that these were the steps you took in the working group, or whether this was the organization of this appendix (plus Section 3), until I got to the paragraph at the end. MW: Done (and final paragraph removed) -- Does Finally, some transport features are aggregated and/or slightly changed in the description below. These transport features are marked as "ADDED". The corresponding transport features are automatable, and they are listed immediately below the "ADDED" transport feature. mean "aggregated and/or slightly change from [RFC8303]"? MW: Yes, done. New sentence: Finally, some transport features are aggregated and/or slightly changed from [RFC8303] in the description below. -- I have the same question with In this description, transport services are presented following the nomenclature "CATEGORY.[SUBCATEGORY].SERVICENAME.PROTOCOL", equivalent to "pass 2" in [RFC8303]. We also sketch how some of the transport features can be implemented by a transport system. For all transport features that are categorized as "functional" or "optimizing", and for which no matching TCP and/or UDP primitive exists in "pass 2" of [RFC8303], a brief discussion on how to implement them over TCP and/or UDP is included. as I did above - is SCTP intentionally omitted from this paragraph? MW: Yes, for the same reason I gave above. I now prefaced the last sentence with 'The "minimal set" derived in this document is meant to be implementable "one-sided" over TCP, and, with limitations, UDP. Hence, ...' -- (Somewhere about here, I started thinking about "automated" - I didn't see a clear definition of this in the document. I think I understand what you mean at a hand-waving level, but you might consider adding a definition earlier in the document, so that's clearer without relying on context clues. MW: "automated" doesn't appear in the draft - I'm sure you mean "automatable". It only appears in the appendix, where it's defined upon its first occurrence, in paragraph 5 of Appendix A.1, as follows: "The transport features of IETF transport protocols that do not require application-specific knowledge and could therefore be transparently utilized by a transport system are called "Automatable"." - maybe you just missed this? I believe it's in the most suitable place. I now made this sentence a bit clearer now, by changing it into: "The transport features of IETF transport protocols that do not require application-specific knowledge and could therefore be utilized by a transport system on its own without involving the application are called "Automatable"." -- I'm not going to list them off, but starting in Section A.1.1. CONNECTION Related Transport Features, I'm seeing a lot of analysis that includes some transport protocols and doesn't include others. I'm comparing o Indicate (and/or obtain upon completion) an Adaptation Layer via an adaptation code point Protocols: SCTP Functional because it allows to send extra data for the sake of identifying an adaptation layer, which by itself is application- specific. Implementation: via a parameter in CONNECT.SCTP. Implementation over TCP: not possible. Implementation over UDP: not possible. which includes TCP, SCTP, and UDP, to something like o Hand over a message to reliably transfer during connection establishment Protocols: SCTP Functional because this can only work if the message is limited in size, making it closely tied to properties of the data that an application sends or expects to receive. Implementation: via a parameter in CONNECT.SCTP. Implementation over UDP: not possible. which does not mention TCP. There are a bunch of examples with this kind of omission. Is it worth showing a complete set of "Implementation over $Transport: not possible"s for each feature? MW: Yes, done, for all the functional and optimizing features (as explained in the introductory text of Appendix A.1. -- If this next is too much trouble, do the right thing, but I notice that o Change timeout for aborting connection (using retransmit limit or time value) Protocols: TCP, SCTP Functional because this is closely related to potentially assumed reliable data delivery. Implementation: via CHANGE_TIMEOUT.TCP or CHANGE_TIMEOUT.SCTP. Implementation over UDP: not possible (UDP is unreliable and there is no connection timeout). includes a parenthetical explanation of why a function is not possible to implement on a specific transport protocol, but most "not possible" entries don't have such an explanation. I mention this now, both because it might reduce the number of conversations with reviewers and ADs that you have starting with Last Call, and because you folks are likely the best equipped to add these explanations now, rather than someone else trying to guess what you were thinking later. And, while I was thinking about that, I started thinking about entries like Implementation over UDP: Do nothing (this is irrelevant in case of UDP because there, reliable data delivery is not assumed). and wondered how many of the "not possible" entries in the appendix might be "do nothing". If you had parenthetical explanations for why something is "not possible", or why an implementation might "do nothing", that would probably sharpen the difference for the average reader … MW: Done everywhere -- And finally, at a high level, I don't understand why there are "Implementation over $Protocol" lines so often that name $Protocols that weren't listed in "Protocols:" at the beginning of each description. I have several guesses about what that might mean, but I bet all of them are wrong, so I have to ask. MW: maybe that's related to your confusion about the omission of SCTP, which I hope I have addressed (as explained above). So that's answered by text that appears just before we list the transport features, which now reads: "The "minimal set" derived in this document is meant to be implementable "one-sided" over TCP, and, with limitations, UDP. Hence, for all transport features that are categorized as "functional" or "optimizing", and for which no matching TCP and/or UDP primitive exists in "pass 2" of [RFC8303], a brief discussion on how to implement them over TCP and/or UDP is included." -- To the details ... Is this text o Reliably transfer a message, with congestion control Protocols: SCTP Functional because this is closely tied to properties of the data that an application sends or expects to receive. Implementation: via SEND.SCTP. Implementation over TCP: via SEND.TCP. With SEND.TCP, messages will not be identifiable by the receiver. Implementation over UDP: not possible. saying o Reliably transfer a message, with congestion control ... Implementation over TCP: via SEND.TCP. With SEND..TCP, message boundaries will not be identifiable by the receiver, because TCP provides a stream service. ... or something else? MW: It says what you suspect, and I updated the text as you propose (although saying "byte stream" instead of just "stream"). -- I have the same question about the next one o Unreliably transfer a message Protocols: SCTP, UDP(-Lite) Optimizing because only applications know about the time criticality of their communication, and reliably transfering a message is never incorrect for the receiver of a potentially unreliable data transfer, it is just slower. ADDED. This differs from the 2 automatable transport features below in that it leaves the choice of congestion control open. Implementation: via SEND.SCTP or SEND.UDP(-Lite). Implementation over TCP: use SEND.TCP. With SEND.TCP, messages will be sent reliably, and they will not be identifiable by the receiver. ("message boundaries"?) MW: same here - I replaced "they" with "message boundaries" in the last sentence. -- In section A.2, I have the same "is SCTP out or in?" question, especially around In the following list, we precede a transport feature with "T:" if an implementation over TCP is possible, "U:" if an implementation over UDP is possible, and "TU:" if an implementation over either TCP or UDP is possible. MW: I addressed this in the same way as the others above, by replacing it with: "The "minimal set" derived in this document is meant to be implementable "one-sided" over TCP, and, with limitations, UDP. In the following list, we therefore precede ..." -- I don't understand A.2.1. CONNECTION Related Transport Features ESTABLISHMENT: o T: Hand over a message to reliably transfer (possibly multiple times) before connection establishment Is this saying "possibly retransmitting multiple times to achieve reliability", or something else? MW: No, it means that a message is transferred reliably, and that it may arrive multiple times; that's a long-winded way of saying "idempotence" for TFO. I really don't want to change this text because it is a literal copy from RFC 8303 - these text snippets tie these documents together. And, even though I agree that the wording could be better, I think it's actually clear because this is describing a service to the application. Retransmissions to achieve reliability wouldn't be relevant to the application; "transferring multiple times" can therefore only mean that the message really is transferred from application A to application B multiple times, and this is what can happen with TFO. ----
- [Taps] Publication has been requested for draft-i… Aaron Falk
- Re: [Taps] Publication has been requested for dra… Spencer Dawkins at IETF
- Re: [Taps] Publication has been requested for dra… Michael Welzl
- Re: [Taps] Publication has been requested for dra… Spencer Dawkins at IETF
- Re: [Taps] Publication has been requested for dra… Michael Welzl
- Re: [Taps] Publication has been requested for dra… Spencer Dawkins at IETF
- Re: [Taps] Publication has been requested for dra… Michael Welzl
- Re: [Taps] Publication has been requested for dra… Aaron Falk
- Re: [Taps] Publication has been requested for dra… Spencer Dawkins at IETF
- Re: [Taps] Publication has been requested for dra… Michael Welzl
- Re: [Taps] Publication has been requested for dra… Spencer Dawkins at IETF
- Re: [Taps] Publication has been requested for dra… Michael Welzl
- Re: [Taps] Publication has been requested for dra… Spencer Dawkins at IETF