Re: [tsvwg] [saag] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt

Mirja Kuehlewind <mirja.kuehlewind@ericsson.com> Mon, 04 November 2019 17:54 UTC

From: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
To: Christian Huitema <huitema@huitema.net>, Tom Herbert <tom@herbertland.com>
CC: tsvwg IETF list <tsvwg@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/hXYBTEav2JNxYNVepOEdZ-7ggP8>

Hi Tom, hi Christian,

see below.

From: Christian Huitema <huitema@huitema.net>
Date: Monday, 4. November 2019 at 17:32
To: Tom Herbert <tom@herbertland.com>, Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
Cc: tsvwg IETF list <tsvwg@ietf.org>, "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] [tsvwg] Comments on draft-ietf-tsvwg-transport-encrypt-08.txt



On 11/4/2019 8:16 AM, Tom Herbert wrote:

[MK] That’s not the intention here. But we also need to consider ways to interact with the network where this brings benefit to both the network and the performance of the end-to-end traffic. There are situations where this is the case. And I don’t think one makes sense without the other.

Mirja,



Yes, that is true. We need a way to allow hosts to signal the network. But doing this in the transport layer is architecturally incorrect, has led to protocol ossification, isn't robust like in the case of QUIC, presents a security and privacy risk, and doesn't scale beyond supporting one or maybe two transport protocols. Explicit signaling contained in the network layer headers that is under control of the sending host is the correct alternative IMO.

+1.

We would be better off if we started work on this sooner rather than later.

I agree, but in the end we have to be realistic about what can be deployed. In case of the spin bit, this is information that is, by chance, measurable in TCP and therefore only a problem with QUIC traffic (for now, as long as we don’t develop any new transports). Yes, having a transport-independent method would be even better, but if we can get the spin bit deployed and it addresses the problem we have, I’m all for that!

Mirja







-- Christian Huitema