IETF Logo Mail Archive

Re: [TLS] Application-Layer Protocol Settings

Lucas Pardue <lucaspardue.24.7@gmail.com> Mon, 20 July 2020 19:10 UTC

Return-Path: <lucaspardue.24.7@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9DC73A0E0C for <tls@ietfa.amsl.com>; Mon, 20 Jul 2020 12:10:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.847
X-Spam-Level:
X-Spam-Status: No, score=-1.847 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2kt7ic902aGo for <tls@ietfa.amsl.com>; Mon, 20 Jul 2020 12:10:32 -0700 (PDT)
Received: from mail-wm1-x330.google.com (mail-wm1-x330.google.com [IPv6:2a00:1450:4864:20::330]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F68F3A0E4A for <tls@ietf.org>; Mon, 20 Jul 2020 12:10:32 -0700 (PDT)
Received: by mail-wm1-x330.google.com with SMTP id 184so585236wmb.0 for <tls@ietf.org>; Mon, 20 Jul 2020 12:10:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=++97zvIBZkL7n9HJE9z7TuaAjo0jb6dWgbjarMJUHu0=; b=LuF2jZvmIZ84EPfSHQC3/p49PPx4di5p8FiC371JK8OGF3V3iPLE9NhPbeiynAAnOk 3YyiljJIBhapFJ9RiUdGjN57JHPSR+qAhQUqv9TqKzK3AxhWZBG4T85z6NjHh+3nl1K0 gFCYPQliRdaux2RUyc1F1UM5LD9IY3YSa7B25GvwWlCP/AEIrT7eOS4bbAFnti4Qp0q3 O8IS5i6EAYPCW4M4F45CCbZlAXQculokvHBqJaLg6Zexhhu/TC4ASOJZz/uH227u43Vk AAnYrTx42c3fQVvif+fTU5G9c9auc4pMqZEYDn/U+LIDUf6jgiRkJaM6E3LNNuhw3//I 6Sow==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=++97zvIBZkL7n9HJE9z7TuaAjo0jb6dWgbjarMJUHu0=; b=joD6QXf9uJz8reNVntTfGCLWEyQqsqJ3CECkvkJ/WZsrwm8fY7iCTFVsZkreQ7Dffi S6xJDCwsxbKDFYsptlg/prK85XTFE1TsJrzS6+O7hZYmzd+xlo6ecRt1LV0GF5LHQ+tD NYnrm8mKc1AodJpohE8ttx3enpX+nk59yD1gkik7tRFvZPZQTcXkOytFTjOaVnDyH07a gYZKuT1a1ms5jwpwrp1pE4jLnfqYEsjrY7rVkmKu9VFCX5OSQUUpv+wLF0Sa4DGEIzjs afxOQu3sKqQS/w+jM9mscG8zbq7+DXCcZdXdGFnOIZT33Bx1H3yxswHDrRg+IBI2HbM9 sMBQ==
X-Gm-Message-State: AOAM532Ce8dKNr85qVSoTGZzFsZ6AUmos33AG4T+w2a49e78OO/Th4yb FS/iEZEd55wxQmzMIr2m1NyLAvtMBqNqvn7YAwU=
X-Google-Smtp-Source: ABdhPJzOjXJLiWjHS0IhykqP3wPwuEW/m18LfLRcJv6jCEQ2IuLe0t5yRoNaHSor7X33lEG4KcXJ0JE/A4s2Hwm+NPs=
X-Received: by 2002:a1c:2dc6:: with SMTP id t189mr746180wmt.26.1595272230599; Mon, 20 Jul 2020 12:10:30 -0700 (PDT)
MIME-Version: 1.0
References: <CAAZdMaf2dKab0dJU8MLZc9JzEcVSvf8s9kgeZFo3tmsRtx2sNQ@mail.gmail.com> <374ebd02-c3f6-4124-a1e9-c2f4a17e6c54@www.fastmail.com> <CAAZdMacsDdcZCcS1yLSQwO3rbhnh8AVkgZHrt+A+KDKKaYWO7g@mail.gmail.com> <d9201e80-19b9-4854-9655-10935414143c@www.fastmail.com>
In-Reply-To: <d9201e80-19b9-4854-9655-10935414143c@www.fastmail.com>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Mon, 20 Jul 2020 20:10:19 +0100
Message-ID: <CALGR9obNTmDLKHrYMncKb7-aMSOnvS8H=Vu0Wjg1PgEk+U993A@mail.gmail.com>
To: Victor Vasiliev <vasilvv@google.com>
Cc: "tls@ietf.org" <tls@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="000000000000a0018b05aae44286"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/OoZzc58M2Ber8qEOFXUKg_P7xYM>
Subject: Re: [TLS] Application-Layer Protocol Settings
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jul 2020 19:10:38 -0000

Hi Victor,

It seems my brain skipped over "ALPS in HTTPS" [1] when you mentioned in
your original email. I was reading it in the context of David Benjamin's
thread on Client Hint Reliability [2]. There's a couple of things that
surprised me when reading both drafts:

1. ALPS in HTTPS actually supports more than just exchanging Settings
Parameters, it can actually hold a series of frames. It's just that ALPS
only defines SETTINGS to be allowed, and Client Hints Reliability wants to
add more in the shape of a new ACCEPT_CH frame. I'm not sure I like the
idea of supporting any old frame in the TLS handshake, SETTINGS are at
least reasoned about in terms of how they are remembered for the purposes
of 0-RTT.
2. ALPS in HTTPS makes it mandatory to support some settings to disable
static and Huffman header compression. That seems pretty onerous. If there
was interest in prototyping something like ACCEPT_CH-in-handhsake it
requires a modification of a QPACK dependency. On the other hand, if you
don't make these settings mandatory, then you won't achieve your objective
of removing the mandatory parts of HPACK/QPACK. To me this is a signal that
ALPN is a better option to negotiate a profile of H2/H3 that modifies
mandatory compression behaviour.

Cheers
Lucas


[1] https://tools.ietf.org/html/draft-vvv-httpbis-alps-00
[2] https://lists.w3.org/Archives/Public/ietf-http-wg/2020JulSep/0054.html

v2.23.0 | Report a Bug | By Email