[tsvwg] Re: NQB draft WGLC - incentives, security and traffic protection
"Black, David" <David.Black@dell.com> Thu, 25 July 2024 22:25 UTC
Return-Path: <prvs=1936d8d7d2=david.black@dell.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C265C16940B for <tsvwg@ietfa.amsl.com>; Thu, 25 Jul 2024 15:25:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.253
X-Spam-Level:
X-Spam-Status: No, score=-2.253 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.148, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dell.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kaUW9tfjrpHz for <tsvwg@ietfa.amsl.com>; Thu, 25 Jul 2024 15:25:48 -0700 (PDT)
Received: from mx0b-00154904.pphosted.com (mx0b-00154904.pphosted.com [148.163.137.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 558C4C14F6A5 for <tsvwg@ietf.org>; Thu, 25 Jul 2024 15:25:48 -0700 (PDT)
Received: from pps.filterd (m0170396.ppops.net [127.0.0.1]) by mx0b-00154904.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 46PL1x8G007583 for <tsvwg@ietf.org>; Thu, 25 Jul 2024 18:25:47 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dell.com; h=from :to:cc:subject:date:message-id:references:in-reply-to :content-type:mime-version; s=smtpout1; bh=v2WfakFV79as/djR9/dHD yU9GjztHSX+NM9b971pl0A=; b=hbftgvpueJ8ek66disZw79BZ3PyK1YIDzckg/ rGVJB7AaSuNDUNFUY2fd295J5bKlZHWMyI6bxI+tPJgNcT4oZEHuKssnGtzsfDI3 IjbN8r/WfqwdfdD9DNp5yYqL0rRP81iHued/NFieqjSw8zXuXdCiHDvh6UYuLOCG lr36+pAR3LCnOdirraj9XmI/wvt+vb/xqXAavtb84zobq4qywYFiv9duK0HuamN5 Ge7V3NEuOZYo30SQy11wxGcz03QFiXBAOQ8afgqcq6c16rMw+R+K4wxNQkdVsSoZ M0VMci1pR4+gzoHWYluL2WtBIAlyp32yLX/FA9VqHY6ar4WkA==
Received: from mx0b-00154901.pphosted.com (mx0b-00154901.pphosted.com [67.231.157.37]) by mx0b-00154904.pphosted.com (PPS) with ESMTPS id 40kx91g7c0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <tsvwg@ietf.org>; Thu, 25 Jul 2024 18:25:47 -0400 (EDT)
Received: from pps.filterd (m0144104.ppops.net [127.0.0.1]) by mx0b-00154901.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 46PLNsGP038244 for <tsvwg@ietf.org>; Thu, 25 Jul 2024 18:25:46 -0400
Received: from nam10-mw2-obe.outbound.protection.outlook.com (mail-mw2nam10lp2049.outbound.protection.outlook.com [104.47.55.49]) by mx0b-00154901.pphosted.com (PPS) with ESMTPS id 40kw98sr4k-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <tsvwg@ietf.org>; Thu, 25 Jul 2024 18:25:46 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=KV6PdNdCT7cOKCvLIh/Rwbtn/X+SvDT62nNRGAI35FjLZUL8zHxerRuL/g4N1ATEesbWzHqXGInSqmS1B1V9nxRUNBMNSmAGRjDvq1kXEC56G/Ybdo5oHBWRtTFlZM3TPqf3PD3cRESKw2VDa9gsPqOLbABP7hoCuX6JIAyd5XULykWgO+SGyv2SdRLSF6ZpqticwL7fZ6KzmoN+3b1ebn/CaYU/3Rs6Yqet9K8Yx4OwKeO+S55SUlYabPC24NUBYGbglajdLE3hSkbExuqYKNvcGjSQLLw+aov8XrtmkbvmkXGz91Hhaidbw4RN1TJf2bnaA7lCkNOoj0Rld5xRvg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=v2WfakFV79as/djR9/dHDyU9GjztHSX+NM9b971pl0A=; b=bBQsRiGgByfStQ3ipNoS6dvUL8NPuPLXqivXpc7/3gLK83zaBxAXMUBTTpdN+QGl9JmOfekVQVv1PMNGxrF5HVBHgaNhc7KAa5T+1sYjMrL+QqZe+kerHGTtD4ZnMhCfK+l73aBwhGUNxrS5trmIavXBdZDleMYyJ1FXWWyksnTminFeLTFaFWxFT72HugYB8il+m9ZdQ/7YM8Ryr8h7sKdNCdmzs5oWHGxof/wgKeHTO/Zc08ifLf5ieqt+QCfywfxQsJGnl4VKlSnNsMd+YHkeZadwJle91UYYMkZZz7OcRNnVwVuSQC5qCsGCg0ipfkMjVZnNXVoftabML5pQDw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=dell.com; dmarc=pass action=none header.from=dell.com; dkim=pass header.d=dell.com; arc=none
Received: from MN2PR19MB4045.namprd19.prod.outlook.com (2603:10b6:208:1e4::9) by PH7PR19MB8508.namprd19.prod.outlook.com (2603:10b6:510:307::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7784.29; Thu, 25 Jul 2024 22:25:42 +0000
Received: from MN2PR19MB4045.namprd19.prod.outlook.com ([fe80::656e:ea92:20c8:471e]) by MN2PR19MB4045.namprd19.prod.outlook.com ([fe80::656e:ea92:20c8:471e%3]) with mapi id 15.20.7784.017; Thu, 25 Jul 2024 22:25:42 +0000
From: "Black, David" <David.Black@dell.com>
To: tsvwg IETF list <tsvwg@ietf.org>
Thread-Topic: NQB draft WGLC - incentives, security and traffic protection
Thread-Index: Adq6zR8jLNO5GMcNSjGM+j1FMrU36QkD7UzQ
Date: Thu, 25 Jul 2024 22:25:42 +0000
Message-ID: <MN2PR19MB4045880E3CE9EBCB04AEAE7183AB2@MN2PR19MB4045.namprd19.prod.outlook.com>
References: <MN2PR19MB40456281899C5F95B9A8A15983C62@MN2PR19MB4045.namprd19.prod.outlook.com>
In-Reply-To: <MN2PR19MB40456281899C5F95B9A8A15983C62@MN2PR19MB4045.namprd19.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_ActionId=38ca9afe-d8ee-4a0c-a419-00a3e3fb546f;MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_ContentBits=0;MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_Enabled=true;MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_Method=Privileged;MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_Name=Public No Visual Label;MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_SetDate=2024-07-25T22:04:26Z;MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_SiteId=945c199a-83a2-4e80-9f8c-5a91be5752dd;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR19MB4045:EE_|PH7PR19MB8508:EE_
x-ms-office365-filtering-correlation-id: c7d9d4ce-749d-4127-d715-08dcacf8b846
x-exotenant: 2khUwGVqB6N9v58KS13ncyUmMJd8q4
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|376014|1800799024|38070700018;
x-microsoft-antispam-message-info: cuNyF6r/JCtzLQgoXTFZ35FFjhEHEuYriAEuxX9YO0qDjj3MeO+Sja1qddpLXkDqyOqZIHDhCxAY63iMUjVEURPe5ZQRmlbRtvMXO4FexNAy8IZf+GJFbYIT7bXmsJbPV6IwxUxY4s5UPdmW2l9gsypNukRbjVvF0kxnjxFydggIwhcdSNTlTmeubGKEpbmEml8tQdUGWd22WfxaKfZMACCOV3Uutc+aj/hhYgG9kY6GW0MFHkWY8mu+lFsSg4fkPqRX4HD2nxoTK8jp86fwRrMCsfQdgLquRh9qTMo5zL6gsrQrLBg19r/V8NJZ/DsJ/xTg7AVFw8PkD9zHZ7E08qOXyGJKSCqK8RkLTJYslj4geAUavvkv9gKi84KR7aLEGF2oeJwSLZ82pb42ePEiU3TOIE6Ayhf6Vlg7EZss7ZZX9gcrQ/yzke7aNk7p3yT89SJIKMrTcunPTl6TaSUoIeoxd6Oy/O/jstNnngTf0cFcKgjqw7mlzBUAtG/n+f/QrV37+n/+0wKinc470NdG6I1cBw1+vGZn7yY2uaMPebude4eh/q4ujqb2TcNWJhLWe4VD1ARDfpZwGYZ8ecnbtRNtLA3AmpzPiB2DYqnU35vChMlXQ+KNpBrcvpSR/X5Dw4vbXVi0jX7nIju199WpzOfYefhQwax1kK5PwRknVqleIV56HVQbcrHYTOoGmcAulVS8mC1Jgtx5n63CAqX1ofYnv4pXZKSAwhlP3oOu2CX5P8RQJpDPy75UXazJoft3N6UzRUEbFzKkLdEtVMlvByCJWOqPrl3EFOHVVbTLLmAhs6UVPFNCbcYrxekep0R0acWd+ISomTglx81JL97bUk43uCjvvpL8Cr1naoJzRyrIxJtb3YpKBSV8SiNuoGBij2qzKE87W2fVCXb36KA9wE7J4tX2+tzvPa7esgKiPcPEdOHMl5VrrmXCxqx1BZB7lyiHF0hzQWkcLE5+aR8NU4Gv+D+mgSC+oSd1cwPU0a6nh9J4yClcofTEdUtJXcdQ0upqUwGyHmviGXSJY7QJBLeRuHFUtSTmd4ET/iKniKvueK8FbdPuHvDUsjdme2XBTyFrAaHZxzP5GAVolfvZ4iF2QEDb/1je2r/2yGPWrlrHgLGMX15Cq9L3xNIb/O0y9atFcVgeCVcPXhEFzHRDp8VlFfBzfnFN9dEmgocuiu8fVHmwRXc8SMnPhwrPnLpnFXkfyQX9j5+Vv0inN7d/FKZyfmMvD9uwVj5zj6vuHdErkZXeecQ/zaMhEi3IgKTDVNFk7A/rQogaaTFqKr65hnm3AypIdI7CvNoA+caGevcoJHYpobXJXiqaf+9LzZVbbqxIvqQrAiKFw3TNfH5tVH4ONSpzQbj+pxF01olGwak=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN2PR19MB4045.namprd19.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: LsV9f4oZrofxV9pPm0bcpK18BC++c4Z0X83/VlZgBh5CBI5y8u3gXdtSuaqUrwdgFWErm+vArMP06sVaLo2Lky98JHJRUdmHSqLwjK985yWK6x0SpCPnihzIjtCxtKO6m5qgcq2HWDDMjRVTEV2V9cayFyuRB+NISaOChl3TgDGbyeitMss9dQCMOQ96/iIlSdkxq3dEXwIJma97ri7TgeXwxkC9bSc9HIsZMkVRZbRGdOSvPBysV0MmGXt4b0Cgn71k0vL0qAwpDBUa5lqpo7riF2TveZVBgqTJCB+udWfLzHbExZKZFOiH4cy9eHDu8lwsEIGZdLN+KnXsJNYAyg849XMx7nXgB4/uXhHWQQOvXHmAL+vGtMqTgOyehU6notinKVO3nVX/pWWrXtyx67Rq1xhVT5OE0NSxykqP8Cuoltm0qG7ET9S+jTg1PgX3c3YPKalgKYq5CjzHZaposdGOr1FN/SJLPOSec+w8qihWkValNUkL+GfTpnB2LW3jqig/Z7d9tiRBIK3PrsLItYTcGrciqc/amKoTsbQ+JlamMzjQHh0p1rRDLqeEIyLx7Sii0/bJkpFk+M5gzwMvVMtFuExV0AEvXfT61eAHSptnqEA6HtIJjTxnhA5HeQWSfpK9o9Fy75RuB08h8I0qym51Y0ygLrwfCopBAygDqfHJiJtSrUL/F5MYQozovN4fZbCdi9872S4HYzTgletsh6FZGWlgyt2A5AoZU/aXoIdAp51UdAyfcPQNEPLQBT0P2AWvOee0IWIWvSR6MvA6l27xTjFiO6LeuVCOV/3Sl6AQu1OYHYMpOp8IOb11DxidYy5ar8HVywFbSQhAfQh5oR0jBoJxfffgzDxhYcNYcNx03Kv50vaEmBjXAGhqPMFUyeJn75OyBZypOJf8hIPsb2EFr/TLtUKFyRq4gcm+flfSt6zn8THekJDx52zNgoqD4AjVdsWPtKB161/C5aCZoGlON3NwbNSAQ9i+v4oW67F+URbzM4sezKtf9nhZFIVX8yHvJoAq7M+dmUELQYJ71JAO2l0JrrgsX8ATjtiQdR5/TWb0OiR56HiGEpc3d0QC423dT+oEjJjCH0ebFlImlbHlNuuAip5FgFp7PYR9LChl5fL7IESnpRScMSwB3L30dI021nFgpMtstwEnJBMAMne+kX5RBEUBZchUmZXcpfuGT7VQ0paZyBiksbpxKohRKnfgm48J5Qr5wWBwHED/mY/RtAcubQkyWe9amQ8lAFgICkvYZN2mltjjRv1BYGeuYKzsmWUjzgnIJcmMLO9RJijfVmcmrsH0uwEL/+QQt/E7gQEpoIM6bf3MxqCeF9bhexlqkgml2ytvUxOvf6WyzVsduPawSBjtzTkjwVUdVWWs5WqnRFRKiI/oyYaqxHP5964YQB/qA40mwUYK0IL9OgZxWpho5o72QdOeiTi0l859JdFRd5JPu1ntP9f9U1mjm2Q85qFnjteBclILlIEO23Nt6FZ2eo5Yw3/RPEhDd5soI72jKePD5kwhZZ58WMc68Tt59MQ2xHJp12TOw9a9w1qvIfFidwPcV/fUSn9jm/yYRgsTYXlp0F7y5xUbDCkH
Content-Type: multipart/alternative; boundary="_000_MN2PR19MB4045880E3CE9EBCB04AEAE7183AB2MN2PR19MB4045namp_"
MIME-Version: 1.0
X-OriginatorOrg: Dell.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR19MB4045.namprd19.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c7d9d4ce-749d-4127-d715-08dcacf8b846
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Jul 2024 22:25:42.2851 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 945c199a-83a2-4e80-9f8c-5a91be5752dd
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: wxHD72+vjzFehd+dCcSb4PFjJutgmP/Nt0IUcLILqCm+hzHfDu/+cFoaVzijLwDzjtbwcVpqDet6F6C3C7JYvw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR19MB8508
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16 definitions=2024-07-25_24,2024-07-25_03,2024-05-17_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 bulkscore=0 lowpriorityscore=0 mlxlogscore=999 phishscore=0 clxscore=1015 priorityscore=1501 spamscore=0 adultscore=0 suspectscore=0 malwarescore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2407110000 definitions=main-2407250153
X-Proofpoint-ORIG-GUID: auovtsvPn14sw55BbWQPJWBjkrjDIT0C
X-Proofpoint-GUID: auovtsvPn14sw55BbWQPJWBjkrjDIT0C
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 phishscore=0 malwarescore=0 adultscore=0 mlxlogscore=999 suspectscore=0 priorityscore=1501 spamscore=0 impostorscore=0 lowpriorityscore=0 mlxscore=0 bulkscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2407110000 definitions=main-2407250153
Message-ID-Hash: QFSG7XNBUF626ZENG66CFNBBNYWFPQKI
X-Message-ID-Hash: QFSG7XNBUF626ZENG66CFNBBNYWFPQKI
X-MailFrom: prvs=1936d8d7d2=david.black@dell.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tsvwg.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "Black, David" <David.Black@dell.com>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [tsvwg] Re: NQB draft WGLC - incentives, security and traffic protection
List-Id: Transport Area Working Group <tsvwg.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/RDmd5rtUqoBqrU-V-xmLqtJTSyI>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Owner: <mailto:tsvwg-owner@ietf.org>
List-Post: <mailto:tsvwg@ietf.org>
List-Subscribe: <mailto:tsvwg-join@ietf.org>
List-Unsubscribe: <mailto:tsvwg-leave@ietf.org>
Going back to this review, this is my view of where the concerns raised by the review stand (original review is below): -- Incentives There's been a lot of inconclusive email discussion, which has led to three related proposed issue resolutions: 46<https://github.com/gwhiteCL/NQBdraft/issues/46>, 47<https://github.com/gwhiteCL/NQBdraft/issues/47>, and 48<https://github.com/gwhiteCL/NQBdraft/issues/48>. I'm not satisfied with the proposed resolutions. At a high-level, I think there are three options: 1. Traffic protection is mandatory to implement. 2. Detailed queue configuration specifics that ensure that QB traffic stays out of the NQB queue. 3. Remove most or all of the discussion of incentives for QB traffic to stay out of the NQB queue. Based on discussion, I currently lean towards c), in significant part because some degree of flexibility in how to configure new functionality to prevent/deter practical problems seems like a very good idea. In addition, tolerating some modest amount of QB traffic in the NQB queue isn't necessarily inconsistent with the low(er) latency intentions for that queue. -- Security In contrast, progress has been made here, much as it may be hard to discern from all the emails. Jason and Greg have identified a couple of classes of network equipment where traffic protection is not necessary wrt security concerns because the abuser can only do damage to themselves: * Single-user network equipment where interference among flows is not a concern. * ISP access network equipment that supports per-user/device/flow provisioning and enforces the resulting limits on traffic. It should be fine to specify traffic protection as "SHOULD implement" (for other reasons) for those two classes of network equipment, and likely more classes to be identified. Credit where credit is due to Jason and Greg for suggesting these. OTOH, existing WiFi is still a problem area - the review comments on that topic appear to have been largely ignored. In the absence of traffic protection (in the AP or elsewhere along the path), I don't know what to suggest. Thanks, --David From: Black, David <David.Black@dell.com> Sent: Sunday, June 9, 2024 9:43 PM To: tsvwg IETF list <tsvwg@ietf.org> Cc: Black, David <David.Black@dell.com> Subject: NQB draft WGLC - incentives, security and traffic protection Gorry asked me to be sure to review the NQB draft during WGLC. This message is devoted to the primary set of issues that I found concerning incentives, security, and traffic protection. -- Incentives I like the overall approach of providing incentives for appropriate classification traffic as Default vs. NQB. Unfortunately, I think the current draft falls short of providing a sufficient incentives framework. This sentence in section 3.2 summarizes the goal of the incentives framework. "The PHB is also designed to minimize any incentives for a sender to mismark its traffic, since neither higher priority nor reserved bandwidth are being offered." That sentence has at least two problems: [A] The incentives are not minimized because lower latency is clearly being offered to NQB traffic, which provides an incentive for traffic mismarking. Section 4.1 identifies traffic protection as the primary disincentive for mismarking queue-building traffic as NQB: "The consideration as to whether an application chooses to mark its traffic as NQB involves the risk of being subjected to a traffic protection algorithm (see Section 5.2) if it contributes to the formation of a queue in a node that supports the PHB." [B]The statement that "neither higher priority nor reserved bandwidth are being offered" appears to be incorrect for NQB use of UP 5 by contrast to UP 0 in existing WiFi networks (section 7.3.1). That statement would be closer to correct if all of the recommendations in Section 7.3.1 were followed, but this sentence in 7.3.1 strikes me as seriously unrealistic: "In order to preserve the incentives principle for NQB, Wi-Fi systems SHOULD be configured such that the EDCA parameters for the Video Access Category match those of the Best Effort Access Category." In the (common) presence of a lot of video traffic, I question whether operators or home users are actually going to do that to the potential detriment of video traffic. -- Security Section 5 states: "Malicious behavior is not necessarily based on rational self-interest, so incentive alignment is not a sufficient defense, but the large majority of users do not act out of malice. Protection against malicious attacks (and accidents) is addressed in Section 5.2 and summarized in Section 10." An important implication is that traffic protection is *the* countermeasure to malicious use, which is confirmed by section 10: "To preserve low latency performance for NQB traffic, networks that support the NQB PHB will need to ensure that mechanisms are in place to prevent malicious traffic marked with the NQB DSCP from causing excessive queue delays. Section 5.2 recommends the implementation of a traffic protection mechanism to achieve this goal but recognizes that other options might be more desirable in certain situations." To begin with, the words "might be more desirable" need to be removed from this draft and saved for possible use to update to section 9 of RFC 6919<https://datatracker.ietf.org/doc/html/rfc6919#section-9> (please take note of the 1 April publication date of RFC 6919). More importantly, the usually IETF requirement for crucial security countermeasures such as this (traffic protection) is that they be mandatory to implement so that they are available for use if/as needed. -- Traffic Protection Both the incentive framework and security of NQB have a fundamental dependency on traffic protection - absent "certain situations", neither works without traffic protections. Nonetheless, the requirement for traffic protection in the second paragraph of Section 5.2 is a SHOULD: "... network elements that support the NQB PHB SHOULD support a "traffic protection" function ...". That's completely inadequate - based on incentives framework and security considerations, the appropriate requirement is "... network elements that support the NQB PHB MUST support and SHOULD use a "traffic protection" function ..." . Turning to "certain situations" - these would initially be exceptions to "SHOULD use" and perhaps equipment that is only used in such exceptional situations could be an exception to "MUST support". Unfortunately, the paragraph in Section 5.2 on these exceptional situations is a serious hand-wave: "There are some situations where traffic protection is potentially not necessary. One example could be a network element designed for use in controlled environments (e.g., enterprise LAN) where a network administrator is expected to manage the usage of DSCPs. Another example could be highly aggregated links (links designed to carry a large number of simultaneous microflows), where individual microflow burstiness is averaged out and thus is unlikely to cause much actual delay." That's nowhere near good enough. For "SHOULD use", quoting from RFC 2119's definition of "SHOULD": "... there may exist valid reasons in particular circumstances to ignore a particular item, but the full implications must be understood and carefully weighed before choosing a different course." The "full implications" that "must be understood and carefully weighed" in this case are the presence of incentives to mismark and the absence of protection against malicious use. Omission of these concerns is a major flaw in the Section 5.2 paragraph on exceptional situations. OTOH, there will be certainly be some situations in which network operators have effective controls outside of the NQB forwarding implementation that prevent mismarking and malicious use, and it would be good to describe at least one such situation - an extreme example would be an air-gapped network with complete controls on application deployment and network traffic origination, including traffic marking.. Exceptions to "MUST support" are a taller order, although one possibility could be implementations that are only usable in networks that have "valid reasons to ignore" the "SHOULD use" could be one possibility - in essence the implementer has to be certain that mismarking and malicious use are impossible in networks that use her implementation. In order to agree to any text describing exceptions to "MUST support", I want to first understand the specific network examples that motivate the exception(s), including their mechanisms for prevention of mismarking and malicious use, since traffic protection will not be available for those purposes. My understanding is that the DOCSIS-based cable modem implementations of NQB do include traffic protection - if that's correct, then they are not affected by the discussion in this message. Thanks, --David David L. Black, Sr. Distinguished Engineer, Technology & Standards Infrastructure Solutions Group, Dell Technologies mobile +1 978-394-7754 David.Black@dell.com<mailto:David.Black@dell.com>
- [tsvwg] NQB draft WGLC - incentives, security and… Black, David
- [tsvwg] Re: NQB draft WGLC - incentives, security… Gorry Fairhurst
- [tsvwg] Re: NQB draft WGLC - incentives, security… Black, David
- [tsvwg] Re: NQB draft WGLC - incentives, security… Black, David