Re: [tsvwg] [saag] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt

Colin Perkins <csp@csperkins.org> Wed, 06 November 2019 09:58 UTC

Return-Path: <csp@csperkins.org>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C456120813; Wed, 6 Nov 2019 01:58:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Toaxuk_KQrJt; Wed, 6 Nov 2019 01:58:53 -0800 (PST)
Received: from haggis.mythic-beasts.com (haggis.mythic-beasts.com [IPv6:2a00:1098:0:86:1000:0:2:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 960F3120810; Wed, 6 Nov 2019 01:58:53 -0800 (PST)
Received: from [82.132.236.15] (port=44821 helo=[172.20.10.5]) by haggis.mythic-beasts.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from <csp@csperkins.org>) id 1iSI5S-0007kd-Ic; Wed, 06 Nov 2019 09:58:50 +0000
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
From: Colin Perkins <csp@csperkins.org>
In-Reply-To: <9EC2E60F-6044-4135-A802-1665028E6075@ericsson.com>
Date: Wed, 6 Nov 2019 09:58:39 +0000
Cc: Martin Thomson <mt@lowentropy.net>, tsvwg IETF list <tsvwg@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <54B33418-28D8-4176-A2EE-29FF27E5CE44@csperkins.org>
References: <67CE4313-A4C2-4CC7-972E-CB465D47B7FE@ericsson.com> <998B7C3E-54D8-40AC-BF91-901390CF70C5@strayalpha.com> <CAPDSy+5rvaXgEGZ7_V4pRdmBss7Hf1XmaGbiXGZceQu9hjjRTQ@mail.gmail.com> <118e630a-3f04-4aa9-8c1f-8083194865e4@www.fastmail.com> <9EC2E60F-6044-4135-A802-1665028E6075@ericsson.com>
To: Mirja Kuehlewind <mirja.kuehlewind=40ericsson.com@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3445.104.11)
X-BlackCat-Spam-Score: 4
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/DOS3K95BTFD2X4s7PfkYRdCiV8c>
Subject: Re: [tsvwg] [saag] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2019 09:58:55 -0000

> On 6 Nov 2019, at 07:32, Mirja Kuehlewind <mirja.kuehlewind=40ericsson.com@dmarc.ietf.org> wrote:
> 
> Hi Martin,
> 
> Thanks for your more elaborated review. I don’t think there was an intention in the document to say that „listed practices are privileged and therefore deserving of protection“ but I can see how you could read it this way. I think the intention was to rather not make a judgement if these practices are „good“ or „bad“ because the assumption was that it would be even harder to find consensus on that but I agree that the document could at least explicitly state that these practices are not endorsed and not all of them are seen as worth supporting in future or any way desirable.

It certainly wasn’t my intent with this draft to say that all these practices should be kept; rather to stimulate the discussion about what should be preserved, what it’s necessary to find alternatives for; etc. If this doesn’t come across clearly in the draft. we should fix it. 

> However I still think it is important to document current practices and spell out implication that changes in the Transport Layer can have.  I also agree that the document got a bit redundant in the mean time and some of the „could“ and „might“ might actually go too far beyond the goal of documentation. 
> 
> The document was initially not intent to talk about potential solutions or future approaches to address desired implications that have been identified. However there was quite a bit of feedback that the document should go one step further. We could reconsider this approach but I actually think the document does a good job listing potential option to move forward. I hope this document can provide a common basis for understanding problems and therefore design work the ietf might do in future in this space. However the goal right now is really documentation and not making design decisions. 

Exactly.
Colin



> Mirja
> 
> 
>> Am 06.11.2019 um 05:10 schrieb Martin Thomson <mt@lowentropy.net>et>:
>> 
>> I just read this document.  tl;dr, I agree with David, but I'd like to provide rationale in long-form.
>> 
>> 
>> The introductory material is largely quite good.  Though I found it to be a little long-winded and a bit repetitious, the thesis it sets up is an oft-repeated theme of recent discussion: encryption has these benefits, but increased deployment of encryption affects certain existing practices.  Add text on ossification.  In the abstract, that's all non-controversial.  The risk that this is a repetition of RFC8404 is tempered by the prospect that this document might include a more detailed analysis of transport-level mechanisms.
>> 
>> However, the remainder of the document says something different.  In reading Ekr's review here, I thought that might be through implication, but I found that it was far more direct.  There is an assumption throughout that the listed practices are privileged and therefore deserving of protection.  No attempt is made to acknowledge that some of these practices are can be harmful in various ways.  No recognition is given to the possibility that involving endpoints might offer alternative methods toward the same ends.  This is perhaps exemplified in the conclusion, which states:
>> 
>>> An increased pace of evolution therefore needs to be accompanied by methods that can be successfully deployed and used across operational networks.
>> 
>> And:
>> 
>>> Protocols that change their transport header format (wire image) or their behaviour (e.g., algorithms that are needed to classify and characterise the protocol), will require new network tooling to be developed to catch-up with each change.  
>> 
>> The use of "needs" and "will" in these statements is emblematic of the theme that carries throughout this conclusion and - to a lesser extent - the preceding sections: the document clearly states that these goals are important and stresses the importance of finding replacements.  For instance, I don't think it is appropriate for an on-path box to reset a flow that doesn't conform to some ideal (S3.2.4).  If I were to state the requirement for a network operator it would be that it be possible to identify and isolate sources of traffic that are consuming disproportionate amounts of resources.  That might avoid any implication that the network operator be able to measure goodput (S3.1.2), for instance.
>> 
>> End-to-middle and middle-to-end signaling is something this organization has repeatedly attempted to tackle.  It's a hard problem.  Success has been patchy.  Though we might debate relative success, successful signals are few in number.  This document contains a direct and specific plea.
>> 
>> It is possible that this problem could be addressed by adding water until this skew is sufficiently diluted.  Sadly, the homeopathic approach we took with RFC 8404 failed.  The IETF ended up publishing an RFC in the absence of consensus.  I don't see that tactic being any more effective in this case.  The catalogue of techniques here is somewhat interesting, even if it is now outdated as Bernard suggests.  A document with the right framing might work, but that would omit any conclusion other than the one that says that these techniques are approaching extinction.  Though that might be a shame in some ways - the loss of the ability to conduct research in some ways is a loss - those are the facts on the ground.
>> 
>> As this is a document that intends to represent consensus, I have to oppose publication on the grounds that it includes an ask I disagree with.  I assert that it would be better to concentrate on building those signals, even if it is one hard-earned bit at a time.  For instance, let's see how ECN and spin work out in QUIC.
>> 
>> 
>>> On Wed, Nov 6, 2019, at 09:10, David Schinazi wrote:
>>> I also oppose publication of draft-ietf-tsvwg-transport-encrypt. This 
>>> document discourages transport header encryption and publishing it 
>>> could harm future protocol development.
>>> 
>>> David
>>> 
>>>> On Tue, Nov 5, 2019 at 1:04 PM Joe Touch <touch@strayalpha.com> wrote:
>>>> 
>>>> 
>>>>> On Nov 5, 2019, at 12:35 PM, Mirja Kuehlewind <mirja.kuehlewind=40ericsson.com@dmarc.ietf.org> wrote:
>>>>> 
>>>>> What I’m hearing is that 2-3 people think this is not aligned but don’t actually say why exactly they think that
>>>> 
>>>> That’s not what we’re saying. We gave reasons. 
>>>> 
>>>> Joe 
>>> _______________________________________________
>>> saag mailing list
>>> saag@ietf.org
>>> https://www.ietf.org/mailman/listinfo/saag
>>> 
>> 



-- 
Colin Perkins
https://csperkins.org/