Re: [tsvwg] [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, -> logging

Joe Touch <> Sun, 13 October 2019 04:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 30556120059 for <>; Sat, 12 Oct 2019 21:00:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.426
X-Spam-Status: No, score=-0.426 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id gEyS06pVRu3o for <>; Sat, 12 Oct 2019 21:00:02 -0700 (PDT)
Received: from (unknown []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 8E4E512004F for <>; Sat, 12 Oct 2019 21:00:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=YpUXyrQJThoEo0bZXouyfqbhCoCKhSJiSsU2cF2V7Fo=; b=WSzdFdUVWWAiHvEPxbixploKt O2qWMCmba9P33x8QLkKI0/hyoTOzqnD0giWHc4lw5r1vWuK8emy9Tma/qJRs1mpZVYDa4aOUIsyta 8fMM5qh575vjBoKahE+nL2UmszQcOdrGBJ2is3Niik99chNN1WjcWJBIqeJfUEKOgtC6ATO/TY5iC xqeOLrIX4un5pT0zTt4Q7fRGGLrnwin41F18iH6xuOWGpM6RSb1F/uWiHKeMFLlJnYPaUcT2Z9YYu dIeMbSPetRbuytDwy6NjRsIQMuLjbt6xngAqtnbCFk84gKbpCjHZTh9CMPDaGOiDIb6INmvGhagmu nkuezQqtw==;
Received: from ([]:53656 helo=[]) by with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92) (envelope-from <>) id 1iJV2y-002XFh-MO; Sun, 13 Oct 2019 00:00:01 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_20BC6AEA-5F9F-4573-AFA2-544B21877588"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Joe Touch <>
In-Reply-To: <>
Date: Sat, 12 Oct 2019 20:59:55 -0700
Cc: Christian Huitema <>, "" <>
Message-Id: <>
References: <> <> <>
X-Mailer: Apple Mail (2.3445.9.1)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-Get-Message-Sender-Via: authenticated_id:
X-From-Rewrite: unmodified, already matched
Archived-At: <>
Subject: Re: [tsvwg] [saag] TSVWG WGLC: draft-ietf-tsvwg-transport-encrypt-08, -> logging
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 13 Oct 2019 04:00:05 -0000

Hi, Gorry,

> On Oct 12, 2019, at 12:48 AM, Gorry Fairhurst <> wrote:
> I'm intrigued by how far we can understand opportunities for open client logs to replace pcap dumps, and would like to delve a little deeper into what we understand - there seem many possible actors and that may be interesting to look at a few viewpoints:

> * a user of a transport protocol (e.g., understanding cost/benefit of feature choices);

There’s only one viewpoint that drives this conversation. It’s the user’s.

If the user wants to encrypt, that’s their prerogative. We should not be recommending or assuming otherwise, 

> * a protocol developer (e.g.,  debugging transport interactions end to end);

That’s fine for them to do ON THEIR TRAFFIC. Not everyone else’s.

> * a service provider (e.g., trying to understand performance impairments in the network);

They should never need to look at others’ transport headers to do this.

> * researchers/equipment developers seeking to correlate/tune transport timing with network policies (e.g., interactions between congestion control and link scheduling);

And if we’re part of their experiment, it needs to be by opt-in and with full understanding of what data they use and how they use it.

> * exploring traffic archives (e.g., trends in what is supported or determine when an anomoly appeared).

That’s just more reason to encrypt.

> I've taken all of these viewpoints at some time using pcap to look at TCP.
> Clearly when we use QUIC, there can be alternatives and there is now some experience with client (and server) logs, what do you think we can usefully say in addition to or instead of what the draft says about logging (currently mentioned only briefly in section 6.1) ?
> The text on spin-bit could indeed be developed a little (the present text predates the spin bit being incorporated as an optional part of the base spec). What do you think should be said (currently at the end of 6.4)?

The doc currently states, in that area (sec 6) largely as somewhat of a conclusion:

   The choice of whether future transport protocols encrypt their
   protocol headers needs to be taken based not solely on security and
   privacy considerations, but also taking into account the impact on
   operations, standards and research.

That, in a nutshell, is the problem. 

NO. Security does NOT need to “take into account” the impact on the supposed “rights” of others to make our traffic part of an experiment.


> Gorry
> On 09/10/2019, 15:32, Christian Huitema wrote:
>> As the draft mentions:
>>    The use of transport layer authentication and encryption exposes a
>>    tussle between middlebox vendors, operators, applications developers
>>    and users
>> Much of the draft reads like a lamentation of the horrible consequences of encrypting transport headers, which looks very much like embracing the point of view of the middlebox vendors. Expressing that point of view is of course fine, and it might be enough to change the title, abstract and introduction to reflect that this is an opinion piece. But as a transport working group document I would like something a bit more balanced. It should spend more time acknowledging the ossification and privacy issues. It should ideally lay the ground work for alternative management solutions, such as controlled exposure like the spin bit in QUIC, IP header information, or standardized logs like the QLOG effort.
>> -- Christian Huitema
>> On 10/8/2019 2:08 PM, Black, David wrote:
>>> FYI – some OPS area and SEC area eyes on this TSVWG draft now (during WGLC) would be a good thing ;-).
>>> Thanks, --David (TSVWG co-chair)
>>> *From:* Black, David <>
>>> *Sent:* Tuesday, October 8, 2019 5:06 PM
>>> *To:*
>>> *Cc:* Black, David
>>> *Subject:* WGLC: draft-ietf-tsvwg-transport-encrypt-08, closes 23 October 2019
>>> This email announces a TSVWG Working Group Last Call (WGLC) on:
>>> The Impact of Transport Header Confidentiality on Network Operation and
>>>                       Evolution of the Internet
>>>                 draft-ietf-tsvwg-transport-encrypt-08
>>> This draft is intended to become an Informational RFC.
>>> This WGLC will run through the end of the day on Wednesday, October 23.
>>> That should allow time before the Singapore draft submission cutoff for
>>> the authors to revise the draft with any changes that result from WGLC.
>>> Comments should be sent to the <> list, although purely
>>> editorial comments may be sent directly to the authors. Please cc: the
>>> WG chairs at <>  if you would like the chairs to
>>> track such editorial comments as part of the WGLC process.
>>> No IPR disclosures have been submitted directly on this draft.
>>> Thanks,
>>> David, Gorry and Wes
>>> (TSVWG Co-Chairs)
>>> _______________________________________________
>>> saag mailing list