Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01

Eric Rescorla <> Fri, 28 August 2015 23:22 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 8301D1A8982 for <>; Fri, 28 Aug 2015 16:22:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id qdrbCdZNo_Sm for <>; Fri, 28 Aug 2015 16:22:41 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6398D1A87C7 for <>; Fri, 28 Aug 2015 16:22:41 -0700 (PDT)
Received: by wicfv10 with SMTP id fv10so18934432wic.1 for <>; Fri, 28 Aug 2015 16:22:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=Sx+YRbTJIsDPkftaHf9MK2hH3/6N+OpQBsbj1zo9Fz8=; b=ITXrC1CJhfm6pyBUo9OZo8Xt6TYohDNG40bC2Zkk+Jzy4wYSBHXgV1eDSGkGl3luKA 9kPoSt6LNo8j97Q+fx75XvJ6u3RwCmH72qIBoh5Dqhhme7XhCTETY10KsdufrL9yx/ms 3I/S/5mf4p7U8Jo3C5JlqImoXxbqhRtao04dnsvqbfn2bMMWGYGJCr9Wzk/vBlPi9Jc5 guKoqTPtESerBK3M5DQa4yTXoOI4rzCJIWB2wuRRnP7RowSgk0t8fklhujsv5/skVycI kKgp5l0fcfNDbqU0UQsbce7ADmaEkIBavjtflG0TNZEVAFH68pfG4NxgWCq44p1XiD3K DBaQ==
X-Gm-Message-State: ALoCoQn0TXKWeA1HyEMahvRQOAa22T4dSGPwhcqQ00B65e//GDODBcO1GdiA+7tTBcPJ3UqeGSdb
X-Received: by with SMTP id q9mr7360983wiy.68.1440804160134; Fri, 28 Aug 2015 16:22:40 -0700 (PDT)
MIME-Version: 1.0
Received: by with HTTP; Fri, 28 Aug 2015 16:22:00 -0700 (PDT)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
From: Eric Rescorla <>
Date: Fri, 28 Aug 2015 16:22:00 -0700
Message-ID: <>
To: David Mazieres expires 2015-11-26 PST <>
Content-Type: multipart/alternative; boundary="f46d04440196281604051e675c28"
Archived-At: <>
Cc: tcpinc <>, Kyle Rose <>, Mirja Kühlewind <>
Subject: Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 28 Aug 2015 23:22:43 -0000

On Fri, Aug 28, 2015 at 11:56 AM, David Mazieres <> wrote:

> Eric Rescorla <> writes:
> >> With RFC6544, could the controlling/controlled roles be used to break
> >> ties?  E.g., with TCP-ENO, could the controlling peer just always set
> >> b=1?
> >
> >
> > The problem is that there are situations where each side thinks it is
> > controlling
> > ("role conflicts"). RFC 5245 has the tiebreaker field to resolve this.
> But isn't the tie broken before probing the candidate addresses?  I
> thought the tie breaker was something that went in an SDP message or
> something?

No. The tiebreaker goes in the STUN checks. The issue is that it's
possible to be in a situation where after the SDP exchange each
side thinks it is controlling.

>   With respect to figure 12 in RFC5245, I was assuming the tie
> breaker was sent in SDP1 or SDP2, which would occur before the TCP-SO.
> But I admit I'm not very knowledgeable about ICE.
> Anyway, it's entirely possible that ICE could make setting the b bit a
> pain, where a revised protocol could solve this problem (e.g., the
> controller that causes this role conflict in the first place could just
> assign the b bit).  But since as you say, ICE itself doesn't want
> TCPINC, this isn't a big deal.

I think we're finally getting to the place where we have been
each other. We have some mechanism in the signaling which attempts to
break the symmetry and assign one side as A and one as B. If that mechanism
works, then no signaling in TCP is necessary. However, if that mechanism
does not work, then you have three main choices:

1. Allow things to just fail.
2. Have a mechanism to detect failure and then fall back to ordinary TCP.
This is what the "b" bit primarily does. You could also do this by having
the negotiated security protocol detect that both sides thought they
were (A) or (B) and then discard the handshake and fall back to ordinary
3. Have a mechanism to resolve the conflict. This is what a larger
like the one in TCP-use-TLS or the one in ICE does.

Does that seem like a fair summary of the situation?


Really, the goal of the "b" bit was just that if an application cares
> enough to break the tie out of band, it should be able to use TCPINC
> with TCP-SO.  In this sense, TCP-ENO is shooting for a pretty minimal
> goal, but at a pretty minimal cost as well (namely one bit).  At a
> higher level, we both agree "don't worry too much about SO".
> David