IETF Logo Mail Archive

Re: [tsvwg] Review of draft-ietf-tsvwg-udp-options-32

Zaheduzzaman Sarker <zahed.sarker.ietf@gmail.com> Tue, 30 April 2024 10:41 UTC

Return-Path: <zahed.sarker.ietf@gmail.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48522C14CE52; Tue, 30 Apr 2024 03:41:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vdhC-aqVTQlU; Tue, 30 Apr 2024 03:41:26 -0700 (PDT)
Received: from mail-pg1-x52e.google.com (mail-pg1-x52e.google.com [IPv6:2607:f8b0:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 77EC8C14CF18; Tue, 30 Apr 2024 03:41:26 -0700 (PDT)
Received: by mail-pg1-x52e.google.com with SMTP id 41be03b00d2f7-5d4d15ec7c5so4307741a12.1; Tue, 30 Apr 2024 03:41:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1714473686; x=1715078486; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=6zDMnblFE70SwxgwxB//MESaNEpZuhGW+sWiCz5bGwg=; b=W5OIU4LzV8N8F1RlLEoZATpAUI4O0gBK0GAIvb6eJ9qnhz6b0cq1jFGJpiDrn6yvex gKZfL4N8U6PUCZz7rnyjPJsgch71Zv/T71XUccj6L7qXPHasAkmHWqqypUwI3mgFQhEO rwK1xL/TrvoxzRSkVgfV7dgxFC4L19n48zy+BA29jTRZecOdPE0zHN0M5OMyvaOZUBG8 ratMA0EZedtDCAQTnR0RwOSKYpwT/ExBgeZHRnZEziFu2W5n1ifUolmHfuETv5BD0I0h +0d3fCo/9WAme6kmkTOXbxlcocWQ8Kgfg4Qpe7BgLxHw3G3ij/D3E7OKqumyHGxEXFxd J3Qw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714473686; x=1715078486; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=6zDMnblFE70SwxgwxB//MESaNEpZuhGW+sWiCz5bGwg=; b=kVB0uIVl8Sh8uo5MvpKco4UR4WBAUfkoT3cTbfgwgNQ3lorfh92R9QzFOoU7boVdSa QOTX6CZK6rvJPyYM/TqwQD12l3q76naEYgyU6/fnia7ttvQS1ndeLpVYa2NmGumeghu+ H51qKp1+7EQ69MhVpApGOa3TRzH9InxebxQXLIWq+2c4g+qjUXeRffev1lRj28wEKHVm 8G2+4rM89xiiqeyOxRtngmDuZ0jIq1zii6szkVY7CSSZm/IumdADkKrqZaeSyg7Tr0+2 i7PVfQBqNKUZ5tsKRzCCwTFTIopc6QbrfK+DPW49cN6wZHDSjGmL+TUJoc7RCTPtI2mr M38Q==
X-Forwarded-Encrypted: i=1; AJvYcCX6iPifjZ7A4uJaAWVYrfGF9tEfxYR/2DcOs7XeHmDyJ0wFWds1BNNAnALfrw1MDFbezPt/G05IKOW44sBqutb9rwQbTE+YT6U7eS/VL+4O5uLjBCooKf6+gkpCvQ1RRuKrsg4VYP06EDM=
X-Gm-Message-State: AOJu0Yz9Kp90oyvMUoARJfWLHnOY6EXE7G86xSma+xXUhEYwXropQsN3 bd6xBnQND+o3dZTKPeymfTtzexRant2gPqAxBSVPm3ugEwvAKXbT2oSBl7vnNHYnUgThYYHvI2O nN3hFm+Dzfd0iuJMrspsDkF4K+aU=
X-Google-Smtp-Source: AGHT+IH/n42jpvHMlFSBrHW1JbGxamkr2TL7f9PrBIFyMDAsS1qH4dAQ6skgl6ZJQaWm0c948qE2t9H0hBle8DCYSl8=
X-Received: by 2002:a17:90a:e50d:b0:2af:b977:363a with SMTP id t13-20020a17090ae50d00b002afb977363amr12607167pjy.43.1714473685554; Tue, 30 Apr 2024 03:41:25 -0700 (PDT)
MIME-Version: 1.0
References: <CAM4esxSpwRF5E3Xc_hotgvCSdKVe4BY_zRUKAzHvW48JEtWqTA@mail.gmail.com> <CACL_3VGOLkJU1m7pqSXRRouCKwdQ6yrbmaPwoa22Jr-N3FZNzA@mail.gmail.com> <fccb92b0-dbc8-4cb2-b49c-1f603297d721@huitema.net> <CAEh=tcd2FzQxgbSivuX2cEg2FpsnkoqdFw5gMhrx3pkT_JV88Q@mail.gmail.com> <F36164D6-8685-4AB2-AED3-147E4D6D8FF8@strayalpha.com> <CAEh=tce1nU4P2NZVn7NVsWKgmKLhtUzDpfbf3wzJRjgbryy9+w@mail.gmail.com> <CACL_3VGhwuEgHM=nSftYNJBUOm2yHyav+x=NUTZfWTfOeK4XcQ@mail.gmail.com>
In-Reply-To: <CACL_3VGhwuEgHM=nSftYNJBUOm2yHyav+x=NUTZfWTfOeK4XcQ@mail.gmail.com>
From: Zaheduzzaman Sarker <zahed.sarker.ietf@gmail.com>
Date: Tue, 30 Apr 2024 12:41:14 +0200
Message-ID: <CAEh=tccCjNq_boPKEmCuH7EKdQObgJV+VWgOrPvuZ72O4SnULA@mail.gmail.com>
To: "C. M. Heard" <heard@pobox.com>
Cc: Gorry Fairhurst <gorry@erg.abdn.ac.uk>, Joe Touch <touch@strayalpha.com>, tsvwg <tsvwg@ietf.org>, draft-ietf-tsvwg-udp-options.all@ietf.org
Content-Type: multipart/alternative; boundary="000000000000011eca06174e0376"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/53zlBB1iGy5rFrnP1o63bdxh4j8>
Subject: Re: [tsvwg] Review of draft-ietf-tsvwg-udp-options-32
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Apr 2024 10:41:27 -0000

On Mon, Apr 29, 2024 at 11:24 PM C. M. Heard <heard@pobox.com> wrote:

> On Thu, Apr 11, 2024 at 4:16 AM Zaheduzzaman Sarker <
> zahed.sarker.ietf@gmail.com> wrote:
>
>>
>>
>> On Tue, Apr 9, 2024 at 5:01 PM touch@strayalpha.com <touch@strayalpha.com>
>> wrote:
>>
>>> Hi, all,
>>>
>>> On Apr 9, 2024, at 3:31 AM, Zaheduzzaman Sarker <
>>> zahed.sarker.ietf@gmail.com> wrote:
>>>
>>> The questions I would like to get answer is  -
>>>
>>>       Is it OK for the endpoints to send information in UDP options
>>> which can be read (only) by the transit nodes and react to it? if NO,  then
>>> how to prevent that to happen?
>>>
>>> //Zahed
>>>
>>>
>>> We can prevent that if/when we proceed with the UDP encryption option or
>>> using IPsec.
>>>
>>
>> I wanted to make sure we have a consensus here that it is good enough to
>> do so.
>>
>>
>>>
>>> But all this talk about transport protocols and their vulnerability to
>>> on-path mods strikes me as hollow. We have had such protections for TCP for
>>> a generation (over 25 yrs) with TCP-MD5 and its successor TCP-AO. Neither
>>> one protects packets from on-path tampering with IP options, but we’ve had
>>> that for just as long too.
>>>
>>> What we don’t have is a widely enough deployed key infrastructure. Until
>>> that happens, it’s difficult to understand how raising these issues
>>> obligates protocol designers.
>>>
>>
>> (I am not sure why that is not widely deployed yet :-).)
>>
>> The obligation here is that we have thought about the possibilities,
>> understand the pros and cons, made the right choice, and well describe them
>> on what we published.  I am not AD reviewing the document now, but I would
>> not like wait till my AD review to express what I would be looking for. Now
>> you know and can just tell me yes we have done those thoughts and in
>> section XXX we have described it well.
>>
>
> This is now Issue #45
> <https://github.com/tsvwg/draft-ietf-tsvwg-udp-options/issues/45> in the
> github tracker.
>
> As was noted earlier in this thread, the issue was discussed previously on
> the TSVWG mailing list:
>
> On Fri, Apr 5, 2024 at 9:49 AM Martin Duke wrote:
>
>> On Thu, Apr 4, 2024 at 2:22 PM C. M. Heard  wrote:
>>
>>> TSVWG went over this ground, to some extent at least, during the initial
>>> discussions of the initial versions of draft-reddy-tsvwg-explcit-signal
>>> (now expired) and draft-kaippallimalil-tsvwg-media-hdr-wireless (still
>>> active). After several threads in which the merits of using UDP options for
>>> host-to-network signaling was discussed (see, e.g., Challenges for host
>>> to network signaling via UDP Options
>>> <https://mailarchive.ietf.org/arch/msg/tsvwg/SpcVd6EB1Zi6FUhhyn2-o6nxuq4/> and
>>> other messages in that thread), I think most in the WG came around to the
>>> position of *not* wanting to see UDP options used for host-to-network
>>> signaling, The chairs are, or course, the folks who can make authoritative
>>> statements, but that was my impression, at least. The current version of
>>> draft-kaippallimalil-tsvwg-media-hdr-wireless does propose to use UDP
>>> options for signaling, but as part of a tunnel encapsulation arrangement,
>>> which does not conflict with the desired E2E nature of UDP options.
>>>
>>
>> Thanks for the pointer. I'm glad that the WG has already done what I've
>> asked.
>>
>
> I cited only one of the relevant threads. Would it be helpful if I were to
> go back through the mailing list archives and add links to all of the
> relevant threads in a comment? That will be a fair amount of work, but I am
> willing to do it, *if* it will help the AD, the chairs, and the WG.
>
> Please let me know.
>

For me, I have the same understanding from the email discussions as you
described above, so you can save some energy for other great things. I
however, not aware of any consensus declared in the WG, may be the chairs
want to do that to close the loop.

//Zahed


>
> Mike Heard
>

v2.36.0 | Report a Bug | By Email | System Status