Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01
Eric Rescorla <ekr@rtfm.com> Fri, 28 August 2015 23:22 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8301D1A8982 for <tcpinc@ietfa.amsl.com>; Fri, 28 Aug 2015 16:22:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qdrbCdZNo_Sm for <tcpinc@ietfa.amsl.com>; Fri, 28 Aug 2015 16:22:41 -0700 (PDT)
Received: from mail-wi0-f169.google.com (mail-wi0-f169.google.com [209.85.212.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6398D1A87C7 for <tcpinc@ietf.org>; Fri, 28 Aug 2015 16:22:41 -0700 (PDT)
Received: by wicfv10 with SMTP id fv10so18934432wic.1 for <tcpinc@ietf.org>; Fri, 28 Aug 2015 16:22:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=Sx+YRbTJIsDPkftaHf9MK2hH3/6N+OpQBsbj1zo9Fz8=; b=ITXrC1CJhfm6pyBUo9OZo8Xt6TYohDNG40bC2Zkk+Jzy4wYSBHXgV1eDSGkGl3luKA 9kPoSt6LNo8j97Q+fx75XvJ6u3RwCmH72qIBoh5Dqhhme7XhCTETY10KsdufrL9yx/ms 3I/S/5mf4p7U8Jo3C5JlqImoXxbqhRtao04dnsvqbfn2bMMWGYGJCr9Wzk/vBlPi9Jc5 guKoqTPtESerBK3M5DQa4yTXoOI4rzCJIWB2wuRRnP7RowSgk0t8fklhujsv5/skVycI kKgp5l0fcfNDbqU0UQsbce7ADmaEkIBavjtflG0TNZEVAFH68pfG4NxgWCq44p1XiD3K DBaQ==
X-Gm-Message-State: ALoCoQn0TXKWeA1HyEMahvRQOAa22T4dSGPwhcqQ00B65e//GDODBcO1GdiA+7tTBcPJ3UqeGSdb
X-Received: by 10.180.83.137 with SMTP id q9mr7360983wiy.68.1440804160134; Fri, 28 Aug 2015 16:22:40 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.27.179.221 with HTTP; Fri, 28 Aug 2015 16:22:00 -0700 (PDT)
In-Reply-To: <87h9nji6mp.fsf@ta.scs.stanford.edu>
References: <CABcZeBNEFVkDi38y3G-C2nQF=dzW2mGDsj5DVK_OKVkPwK=G0g@mail.gmail.com> <878u92oadf.fsf@ta.scs.stanford.edu> <CABcZeBMfk5C4-LF0fDLKpJktV3hJyzRUNfe0gO8RYDnzcs3yMA@mail.gmail.com> <87zj1inf7n.fsf@ta.scs.stanford.edu> <CABcZeBMZCjrwpTH+CkZS_p8TYGEFsXwxGn=KfPe28hY5f=2oXw@mail.gmail.com> <87oahuta7j.fsf@ta.scs.stanford.edu> <CABcZeBPiUxByxUVJ3cb5LaeH5T1LX3iZFetP4cXM3O9avzBkCA@mail.gmail.com> <87si75jo4s.fsf@ta.scs.stanford.edu> <BDF93B3E-9DE0-4FEA-A4A7-6E6A69E4169B@tik.ee.ethz.ch> <87h9nkkcqc.fsf@ta.scs.stanford.edu> <55DF25DC.2040001@tik.ee.ethz.ch> <87twrkhfpg.fsf@ta.scs.stanford.edu> <CAJU8_nWktUwni0=nywx-bbHg+j_K5GWFAZD8g3ZbKx7GLk4jpQ@mail.gmail.com> <877fogvdq7.fsf@ta.scs.stanford.edu> <CABcZeBPTGQvjdP7-6=+mN0S6wWOZC8PrsZhGu85NMkFQF-nMXg@mail.gmail.com> <8737z3kijy.fsf@ta.scs.stanford.edu> <CABcZeBPVhQ-nJw4zjELXeU8LwhkyMGxi3gEROaEa0iTsjt=y4g@mail.gmail.com> <87h9nji6mp.fsf@ta.scs.stanford.edu>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 28 Aug 2015 16:22:00 -0700
Message-ID: <CABcZeBNS_3w8moBJhGxPJs45x+2_Lu-4XZcQ02QOeNiAcTxADA@mail.gmail.com>
To: David Mazieres expires 2015-11-26 PST <mazieres-gtke622igq4ptstm76t3w75cjs@temporary-address.scs.stanford.edu>
Content-Type: multipart/alternative; boundary="f46d04440196281604051e675c28"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tcpinc/BtvqHJYpWKxHXaBlu3rwiUWSajY>
Cc: tcpinc <tcpinc@ietf.org>, Kyle Rose <krose@krose.org>, Mirja Kühlewind <mirja.kuehlewind@tik.ee.ethz.ch>
Subject: Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for adding encryption to TCP." <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Aug 2015 23:22:43 -0000
On Fri, Aug 28, 2015 at 11:56 AM, David Mazieres < dm-list-tcpcrypt@scs.stanford.edu> wrote: > Eric Rescorla <ekr@rtfm.com> writes: > > >> With RFC6544, could the controlling/controlled roles be used to break > >> ties? E.g., with TCP-ENO, could the controlling peer just always set > >> b=1? > > > > > > The problem is that there are situations where each side thinks it is > > controlling > > ("role conflicts"). RFC 5245 has the tiebreaker field to resolve this. > > But isn't the tie broken before probing the candidate addresses? I > thought the tie breaker was something that went in an SDP message or > something? No. The tiebreaker goes in the STUN checks. The issue is that it's possible to be in a situation where after the SDP exchange each side thinks it is controlling. > With respect to figure 12 in RFC5245, I was assuming the tie > breaker was sent in SDP1 or SDP2, which would occur before the TCP-SO. > But I admit I'm not very knowledgeable about ICE. > > Anyway, it's entirely possible that ICE could make setting the b bit a > pain, where a revised protocol could solve this problem (e.g., the > controller that causes this role conflict in the first place could just > assign the b bit). But since as you say, ICE itself doesn't want > TCPINC, this isn't a big deal. > I think we're finally getting to the place where we have been misunderstanding each other. We have some mechanism in the signaling which attempts to break the symmetry and assign one side as A and one as B. If that mechanism works, then no signaling in TCP is necessary. However, if that mechanism does not work, then you have three main choices: 1. Allow things to just fail. 2. Have a mechanism to detect failure and then fall back to ordinary TCP. This is what the "b" bit primarily does. You could also do this by having the negotiated security protocol detect that both sides thought they were (A) or (B) and then discard the handshake and fall back to ordinary TCP. 3. Have a mechanism to resolve the conflict. This is what a larger tiebreaker like the one in TCP-use-TLS or the one in ICE does. Does that seem like a fair summary of the situation? -Ekr Really, the goal of the "b" bit was just that if an application cares > enough to break the tie out of band, it should be able to use TCPINC > with TCP-SO. In this sense, TCP-ENO is shooting for a pretty minimal > goal, but at a pretty minimal cost as well (namely one bit). At a > higher level, we both agree "don't worry too much about SO". > > David >
- [tcpinc] Review of draft-bittau-tcpinc-tcpeno-01 Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Ilari Liusvaara
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Mark Handley
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Yoav Nir
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Kyle Rose
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Kent
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Farrell
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Martin Thomson
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Farrell
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Scharf, Michael (Michael)
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Farrell
- [tcpinc] Simultaneous open tie breaking Tero Kivinen
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Kent
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Kent
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Kyle Rose
- Re: [tcpinc] Simultaneous open tie breaking David Mazieres
- Re: [tcpinc] Simultaneous open tie breaking Kyle Rose
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Watson Ladd
- Re: [tcpinc] Simultaneous open tie breaking David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Farrell
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… John Leslie
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Kyle Rose
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Kent
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Farrell
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… ianG
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Mirja Kühlewind
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… ianG
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… ianG
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… ianG
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Kyle Rose
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Kyle Rose
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Farrell
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… ianG
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… ianG
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Mirja Kühlewind
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Stephen Farrell
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Mirja Kühlewind
- Re: [tcpinc] Simultaneous open tie breaking Tero Kivinen
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Mirja Kühlewind
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Simultaneous open tie breaking dm-list-tcpcrypt
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… dm-list-tcpcrypt
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Kyle Rose
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… David Mazieres
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… Eric Rescorla
- Re: [tcpinc] Review of draft-bittau-tcpinc-tcpeno… dm-list-tcpcrypt