Re: [tsvwg] Comments on draft-ietf-tsvwg-transport-encrypt-06

Thomas Fossati <> Tue, 18 June 2019 22:52 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 84FA11202A1; Tue, 18 Jun 2019 15:52:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 7cB0bYtIyK05; Tue, 18 Jun 2019 15:52:24 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4F2F8120226; Tue, 18 Jun 2019 15:52:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vtwW/S9dugVFTt6PHvcG9PWuyjcSE/3bxYcrTFROY88=; b=l/9KpHGJfSCHF823221CroKypw3fxNOkKyEgaeUAjnkR0gEkwoNQQaU0kngI2ZyVaiaqSZzfzLqJbZ+4jN8QKTQTOQ2nFSBg/I0m7etQPhCN5pptW1UfxDjKYAQfet9vDhu+ycqMDwq5taOxndDjQlRZIkcrrNIaUIpR8DJr7nE=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1987.12; Tue, 18 Jun 2019 22:52:21 +0000
Received: from ([fe80::3d83:d73e:b0ff:b8fd]) by ([fe80::3d83:d73e:b0ff:b8fd%5]) with mapi id 15.20.1987.014; Tue, 18 Jun 2019 22:52:21 +0000
From: Thomas Fossati <>
To: Tom Herbert <>
CC: "" <>, "" <>, Thomas Fossati <>
Thread-Topic: [tsvwg] Comments on draft-ietf-tsvwg-transport-encrypt-06
Thread-Index: AQHVJSTdcQse4lv+RU+E6ztvfwE+S6ahfW4AgACaBAA=
Date: Tue, 18 Jun 2019 22:52:21 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-GB, en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: deca3509-e7ea-4b8b-fddf-08d6f43f9f79
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:AM6PR08MB4950;
x-ms-traffictypediagnostic: AM6PR08MB4950:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 007271867D
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(366004)(136003)(346002)(376002)(396003)(199004)(189003)(40434004)(66556008)(71190400001)(966005)(2616005)(25786009)(5024004)(478600001)(476003)(486006)(81166006)(81156014)(14444005)(256004)(64756008)(6916009)(6116002)(73956011)(6512007)(3846002)(91956017)(8936002)(6306002)(66066001)(305945005)(7736002)(8676002)(5660300002)(66574012)(6246003)(53936002)(186003)(86362001)(6486002)(6436002)(68736007)(446003)(229853002)(76116006)(14454004)(6506007)(36756003)(72206003)(11346002)(66946007)(66476007)(76176011)(4326008)(102836004)(71200400001)(66446008)(316002)(99286004)(54906003)(2906002)(33656002)(26005); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR08MB4950;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: fXHbGn9EVoO8IoGZmI0d2QINxWb3vDMiuvntqDsGu8Zn04BiikWaehFRAThL7evaZdUOleWx3pUr5xsD91s1qDlpAHJ6ftEP4Ek10mUU185wYycNVlIp3xaXd19d2hhpoSWHzBNc1F+2yGIDCiQ+6h0XZ8jWkKR9mar21tAeZlYxJ73Ihiqh+jxlZuoOmqFX/3ils9F8Wh/W/0y1MiiOZmrVzk3cZk9U9Zdg+mjEE+ae91Ovy2dOgQNs1sC1BYTg3jtH2igufBSYYYJ7ckYZJIYGtdd4oSHKBClUBtyZk8bRvwxenWdIc5+uvk+i6yQL8TaU1K3Ir7ioZQbbdZBQST5LXWI6XmCzi6Gpg0EynKb8jFot826u39KLFw61B2duauCM6jtVl57Yjv8QYClwSceguU45eAgjh61aZi7XYBA=
Content-Type: text/plain; charset="utf-8"
Content-ID: <>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: deca3509-e7ea-4b8b-fddf-08d6f43f9f79
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Jun 2019 22:52:21.4083 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4950
Archived-At: <>
Subject: Re: [tsvwg] Comments on draft-ietf-tsvwg-transport-encrypt-06
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 18 Jun 2019 22:52:28 -0000

Hi Tom,

> ML requires massive amounts of data to be most effect effective, but
> strong security mandates that we only expose the minimal amount of
> data we need to. So this is the tussle. If someone were to say we need
> uniform metrics exposed in transport protocols in the Internet, then
> the first question to be asked is "what information about transport
> protocols is _required_ to be exposed to the network?" Architecturally
> and from a position of security, the answer to this question in the
> Internet is none. A better question to ask might be what information
> would be useful and optional to expose and how can we limit the
> exposure to only trusted parties (for instance, I might trust my local
> network more than I trust the Internet, so I may be willing to expose
> data to the local network if there are sufficient mechanisms to scope
> it). That implies the need for a mechanism whereby hosts can signal
> the network with ancilary scoped information attached to packets. IMO
> the mechanism for this should be Hop-by-Hop options.

Sorry for the confusion. The thing I am suggesting is to standardise the
interface to the inference engine, not to force higher layers to leak

The (naive?) model I have in mind is one where the ML trainer not only
has the ability to measure passively but also to inject ad hoc
application flows itself - ideally from multiple vantage points.  These
can be then correlated with their blind counterparts both in the
training and check/reinforcement phases.

In principle, the application endpoints don't need to reveal anything,
apart from their network headers and whatever the transport already
exposes (e.g., spin-bit, connection id).  The onus of generating the
otherwise hidden data is on the ML engine owner and whoever chooses to
partner with it.  For example, a mobile network operator could partner
with customers that opt to participate in a crowdsourced measurement

To this end, the two log formats that are emerging around QUIC: qlog [1]
and QUIC trace [2] would act as the source of high fidelity
transport-specific information.

On top of those, there could be a bunch of standardised application
specific formats - e.g., time series of MOS scores for real-time A/V
apps, perceived video quality for HAS, $your_QoE_estimator of choice.

And maybe another level of tagging is a set of KPIs at the global scope,
provided by the network, (e.g., congestion levels, percent of rejected
flows) if the available samples are too sparse to reconstruct the big

This is effectively a hierarchy of standardised log data formats that
can be composed easily, for which pre-processing tools can be shared,
that would help with reproducibility plus all the other advantages that
come with a common, well defined format.

Of course, there's the inherent correlation/anonymity dichotomy that
needs addressing, but I think the IETF has the right expertise in house
to tackle this kind of stuff - the time we spent on making sure RFC7937
was shippable is a testament to that :-)

Cheers, t


IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.