[tsvwg] Re: [EXTERNAL] Re: [gwhiteCL/NQBdraft] Should traffic protection be mandatory to implement? (Issue #48)

"Livingood, Jason" <jason_livingood@comcast.com> Wed, 24 July 2024 15:24 UTC

Return-Path: <prvs=193583cc01=jason_livingood@comcast.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C21B3C23EAA7; Wed, 24 Jul 2024 08:24:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.com header.b="sb3vIiUo"; dkim=pass (1024-bit key) header.d=comcastcorp.onmicrosoft.com header.b="cAoRGjrk"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6N-nvde-HOZl; Wed, 24 Jul 2024 08:24:54 -0700 (PDT)
Received: from mx0a-00143702.pphosted.com (mx0a-00143702.pphosted.com [148.163.145.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 479B0C23A840; Wed, 24 Jul 2024 08:24:30 -0700 (PDT)
Received: from pps.filterd (m0156893.ppops.net [127.0.0.1]) by mx0a-00143702.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 46OFJmHx017317; Wed, 24 Jul 2024 11:24:27 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.com; h= from:to:cc:subject:date:message-id:references:in-reply-to :content-type:mime-version; s=20190412; bh=Fxdz0uq1QEr9rOrBKWWZR JmPLturpJn29tRGF0fvDlI=; b=sb3vIiUouuANxEW7OZSKDUp8h74hq4hUy+hYt d7MeaIi28lnUDEI38iNvIX9SgI3BUqFtHDFLwqC87AmzDNHHszKZZ5ixpYDaokhK 2R3HYfE3U+t8L0glTkZgsmyMZv4rHSJzxNsWmcM+xFDEtnFbJGtyAFjIpguQOqyM YfBzrCzAKOmSXdDXmRcjMfO6Siz0qNefM/8ymcGf68ghWiQ+yRiZZVHpCy+JJm5o fGJJHT2g1bZDIMqXRpyKBJIpkAQOdSfsV9uxdgCbXVTygH5dOlb6U0BQt1iqhr1Q xcih4yJm0mEW2nigPSkzQB1djU4MKjuW+Qsw8tA70ZSvwne9g==
Received: from nam11-dm6-obe.outbound.protection.outlook.com (mail-dm6nam11lp2168.outbound.protection.outlook.com [104.47.57.168]) by mx0a-00143702.pphosted.com (PPS) with ESMTPS id 40hgavt3jd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 24 Jul 2024 11:24:26 -0400 (EDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=kGgjU74107A8cYfNldejLtI/GDcepNy3RJ6B6cV8898Kx1ENeM5ZT0Yt9+3ARnIPTMaSRGR9e9pjM4elzNu66gzuI8b26gafsLWg0duxMH44pyGTGeFzoSuVNn8rYhQruszKuR+iRNkoYfmqOZeXhm1tlfNPaPQM8K5qhAdkZJa3044IM09L3bPJAABlzkqM8bRFzO0h9OvgKtyrao+HUoBJqaufDDzszQGNchXWGIIxsuVAc2dDJ+cP0634Jb6lg+KiY03VpvjxfMupNnyTASQ30VwQem2gv6aqpJM32az4CTYsJdaU1+TEG6jrrFKfpO85MVnOxNP6+nUIH/GO2w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Fxdz0uq1QEr9rOrBKWWZRJmPLturpJn29tRGF0fvDlI=; b=RnY9PudVCYMFbJcTtFtZaCDS8k7y/mHjHggAlTc/oZeCzjfviJRQnYoPhUFMU1XMkbsxCkU2/QFiHJ9K/ROhTBULVHmHZC53qmNow6v6rPJooNkJV2A94eGx8IjSYH156M3rfnCPgyDTCXPzofA0YXnWlN1OxiqxDo5CKrHSLx6hpC5DC2wlh0lFjhxFAfV4E7AIBpTdqwqHhks+FG6VE3wieERnSGf63IwI4Q/lByGq62ai7EMWL5pKZWGeWKf5U7pkg+IhqAMCRoI7Bd/15bTWZNznj3EXK77mCxi5CKE6z1PpbzQOvvKJGrXd/HlyJlG9Utoz7cFmM518j+bBIg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=comcast.com; dmarc=pass action=none header.from=comcast.com; dkim=pass header.d=comcast.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcastcorp.onmicrosoft.com; s=selector1-comcastcorp-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Fxdz0uq1QEr9rOrBKWWZRJmPLturpJn29tRGF0fvDlI=; b=cAoRGjrkxiuu77u9PO1Pq1LpteKdDNbRmrB/+hum4/WvCK6A5NU/loxtTquaVXsVfIJDHwLj5CBJmOBsttwrtEimWoATW0jvwSevmVbgwytCYT6poZA/JB4h2s4P+VmcRygV+EmmmUApISX4r4OfCbaBygW4lFT+quvxr6cww4E=
Received: from MN2PR11MB3709.namprd11.prod.outlook.com (2603:10b6:208:f3::22) by CH0PR11MB5316.namprd11.prod.outlook.com (2603:10b6:610:bf::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7784.17; Wed, 24 Jul 2024 15:24:22 +0000
Received: from MN2PR11MB3709.namprd11.prod.outlook.com ([fe80::8ae6:3313:d9f8:20d7]) by MN2PR11MB3709.namprd11.prod.outlook.com ([fe80::8ae6:3313:d9f8:20d7%4]) with mapi id 15.20.7762.030; Wed, 24 Jul 2024 15:24:22 +0000
From: "Livingood, Jason" <jason_livingood@comcast.com>
To: "Black, David" <David.Black=40dell.com@dmarc.ietf.org>, "Overcash, Michael (CCI-Atlanta)" <michael.overcash@cox.com>, gwhiteCL/NQBdraft <reply+AB2VULW2XRH6MPK23ABRZQOEVLRFREVBNHHI5USV5Y@reply.github.com>, gwhiteCL/NQBdraft <NQBdraft@noreply.github.com>
Thread-Topic: [tsvwg] Re: [EXTERNAL] Re: [gwhiteCL/NQBdraft] Should traffic protection be mandatory to implement? (Issue #48)
Thread-Index: AQHa3JwfOJAPnnLUJEmQXstKT2fKJLIEXDAwgABbGACAAEtNcIAAifgA
Date: Wed, 24 Jul 2024 15:24:22 +0000
Message-ID: <6F90E433-3EC7-4A07-851B-8DEDE30061D7@comcast.com>
References: <gwhiteCL/NQBdraft/issues/48@github.com> <gwhiteCL/NQBdraft/issues/48/2244060936@github.com> <MN2PR19MB404591B9BAA1AEED7BBB900983A92@MN2PR19MB4045.namprd19.prod.outlook.com> <LV2PR01MB7622B7EA53C95951987C9B0B9FA92@LV2PR01MB7622.prod.exchangelabs.com> <MN2PR19MB4045E01E9923873F4A0BBD4883AA2@MN2PR19MB4045.namprd19.prod.outlook.com>
In-Reply-To: <MN2PR19MB4045E01E9923873F4A0BBD4883AA2@MN2PR19MB4045.namprd19.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_ActionId=dc085fbd-ef1b-4368-adba-a856a5ad6fe3; MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_ContentBits=0; MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_Enabled=true; MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_Method=Privileged; MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_Name=Public No Visual Label; MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_SetDate=2024-07-24T00:19:09Z; MSIP_Label_dad3be33-4108-4738-9e07-d8656a181486_SiteId=945c199a-83a2-4e80-9f8c-5a91be5752dd;
user-agent: Microsoft-MacOutlook/16.87.24071426
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR11MB3709:EE_|CH0PR11MB5316:EE_
x-ms-office365-filtering-correlation-id: 332cf597-ab92-4788-a490-08dcabf4b217
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|7093399012|376014|1800799024|366016|38070700018;
x-microsoft-antispam-message-info: HiM1h2wfMIFX409Z21rGf3zC+1l3gpzEG4wnbMNaViwpOgiE5rUweYdber4oYde7i/XC7BAWpGMwQTCqHm+dFaviHp7fmxLZzktxTrtT11dGp9KeoCNirkdfIp5s+IFSBAV3pnDKVjHeBF7xlnf9E9QSTSzMaKJoVPVXPxilB9JRKciDZB9N8tupg8QUTXurTFGHVfeGg2/jlhx0UaOkfWhB9aVdVNs/ipN1gV8x1EmAGl/fCozaOzZcMmO8ZaCXxg/G/xmybIH9nE6gebkLC3fNLc3Es0OSeEz0sEupdMQjPvw2J9vVUfmogieU6xHGQtjUcf+iQQW/VQgCKGqU6vFNfms253rvNiiADYAl9ENsbX48EU5TnmEBf2zg7i+o+aaYJU73WQg6TdWnb5oqWMQoncPM43xhW3VUopiJOavM049hYo8f2G49+/4Q8ug8L7d/nhAtjNtYRh19W3aKEp3sQuxCZn9bUm1GMegZJxESLhalYSnv3Hhhf3QMhy18OlcGprNbwBVusDKtbF1bzhjZYFuUgUjLljI8Ihdy6gU8GhDKRlNmXB6IfM0TXXKF3LVVQqy2zWbz8TkBr2Ezmrg8ptrtG3B8XDVqxi6wh+xUSDg+XQQJNRX/5MLakKgQWTrD/VD/DO4cI24OFCJ1ZEjs3uT2IXhRrUqzym6m1HNzK6+goVpCNzeBv/XWIJfVgdLvSIGge4ZPm+2Djta/UUVXHBilKFlBtT1O1DKO6MiO1rRzL4aUi/n7e0JbRicbYCqB2a6GLe4L5FOaXsKr0SY8Y+sxCJFwrdT8oH+4YtZtYrmbjPIt/Ab6mjTaGPZic+RmVM/Y4GZdESt0jOnuGtpPu8PfAhk3Fk0pcXAvW6RKi0u1nVQXAyqyiOmOArSBU+pIyLTmXmEmkMl4W9K9gR4UScd4jlMRQpAxQowChOF+XgYpnnzsaJbEGi0HMEB1BkTZoAgjhcKt/EHmzdB4bErZke4nLX/s0iIzBDCtAZ2n7p+WT7BRqOnstF/CgSGK9wuCky4Elym/VN5hMeOF1IrNhicJ9Ry4+LnulTn0TRoLF99AROMl+UzXRs6+lhfUyQuc3smpbVe7hw1/LxYBoL5g/EpUvxvOyvvyFx5DJEM9Nf7azItTxdFLoOumCrjKbLnxNgPAT3L3MIu3eKElNp5FTyMP1/5FvpzA40nMa7zVUSFgruw5vkoqwA4FrBYE2lvnEiEbrEkPEiRmPsuHaEJyVJmgYEtJgZDvBospsgoicV/oRv10yXHZjDwIZsCT0uyfE3PwQCJ2lW13teIO/goY2ct02GCX4CPUwst6DPxLlyHCThrPsmGuw204T2uJu+MMajE4aWbT7XZXIzYm6AUmm7HJyf9fo+MgoSEYQgIb9dObvfgXaRmHB8vOcKLb1rR+Y3iQIy98T/XQsnpZ/rpULsuhVwpuncCWb7Wd+UI=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN2PR11MB3709.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(7093399012)(376014)(1800799024)(366016)(38070700018);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: dD7fmeBE2PTqwrgqeAVYk8AQZ+emvRBYPcVkTeGBAtSmWDa1yamy+2/bPt8JrNBIRYwHBed6xW9Vt1YYJ8Bonhqa5oPdYqz/BU33rwMhFZos0AYh4YBqht+q5ydgQOcRHUNpZUz1+Z8D3FEC1+T1E53rBu8lBeQjaHUoaf4qM4+wKg7kMtLsT8nyQWZFBE/6FWA11A8/e/T5GxHX7HJ9CIHl5AdKB5dvsB1G2LLvECcLEVBt1KB0Ij6WrVmaM/QIxJh6r0lYCSAlfzOz8XKK9eww/fnV9LHFRWqKPV8osNz2IPmzyhkigC3rv3O9U4idQGLk+VGsLr44VKELEgxLdJ8RFZVJIQmSgwr9vZj/yKc+vlEua/7JHEUBA4csqJLXwzNa/HDZC+S/yC5ySbutx1HBA7cgOS6NDszxh75ftT+sIFjh3MpkJ49OEvcfi9Su5BgXUH44OJAgK7q3OPNlblVKFKY39HJ7YtP/UTG2hvdPrYye5oFlvntDmRVieMns9izAD2RCUE7hsgNPVRuPv946/q1rahcKW6eBlhx/6q58Iqk5Tfy5eqDXEOTR5SR2itQGFywuGPhFNrE/h0f/wa9NlRnxPSfxD4OQfZD/fyDAL9F+9yTfvhQRCmy7nH6SKRRP8Z3Zo9jqpI+v5fbswnw7bQ0bdm+piHAMBX1CqlJ4Rpfbk4v1qxYuEmT4DpFwBLBS7Qdr/6NLvVOugpiPK1aAw3pvVxf/2eAoR3jdKRuipRWFL6e92iAuwvjpCuKTv0VOJLjpf6LHRKdebcScxaEuy+5oUUf6fP5u6eLP06sUC6VcrkPP25E62pOvnxTvxQlf2nJHgMyUQMzbLF2Yaegi2awoIYTdmBR2ki8srT5CFFi5gQ2v+m79lFRftP0G8Clzh6hY7Tq1kFOvsdMes0vKKB/JFS01hz4ervKW2m4p/YQPq2KB3Z+GJPPPZY+5qhoj45GzMtfvZJAVXBtRe6HesvmHm35hV+TS47wSmCm6GWXBzimJyY8WQIyy0sxo785x7ZqOcxAIOUqgQZwKSVsi7Pl40V2Vr2BvzLwu2mAYTtCN0o0tMKG+cOqv5Q9bJm0TD+P1dLnbtWlAhN6uGCG9UNLbW8lhTziG75uDE0P5G6f6JBE5Ua6FcsBdNut7jQKmmUgVC+ZgvZ2ZotwZctCmCNlspqQ577nXJqghyjRErqFvEgWVv4z0CctUkrxVEaWIBWGRqFD19GhB0jO5aqZUmCEovquewiT3lf8cbM4ME/etzDqTWjLKPIey5KzH1E/Gs4gnsPPGLpEBoGHp3h3a39X3w8gA0FgZon/jahtbSGg1t7KQ4cNH3mU/5U5+40qFjMGg11bGJ/FCF3SbyGtvucAHjfF0C0NI0UkpcuOxg2I8J5ZOEBmXs9ogV7Rz+Ydocn1C5LxIFb922BE/z0RMi8IYMy5jXCaXH0rkFjiWMwAymryeVKFdtTpAjEJq5sh0jfdWFHBBR5veijdmpZRzb4Kgq7iRlWqKPd5zbFW1C82OSpHk3/zzqdP9KvFPYqEWkj/xmzdjGiq4JHufoawiwSjrFIRwcq3hqgosYjG68G6pAmbdE5tSW3B5rQ/QBPJ0P8h9aQt5JMBq4uEyVg==
Content-Type: multipart/alternative; boundary="_000_6F90E4333EC74A07851B8DEDE30061D7comcastcom_"
MIME-Version: 1.0
X-OriginatorOrg: comcast.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR11MB3709.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 332cf597-ab92-4788-a490-08dcabf4b217
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jul 2024 15:24:22.7450 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 906aefe9-76a7-4f65-b82d-5ec20775d5aa
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: u7cdmcuJD51vzqk8RK6IdSQ3upp/U09GlRChBKk9SbENvwOP1pTkuKo1BL/FcdUVdQax8STWOdELKW6OyQUsSg17HnYna1DPuhjay5AQdsM=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR11MB5316
X-Proofpoint-ORIG-GUID: vaSxGfopKDTgl-PGEoqlXDq171e2JqVD
X-Proofpoint-GUID: vaSxGfopKDTgl-PGEoqlXDq171e2JqVD
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16 definitions=2024-07-24_15,2024-07-24_01,2024-05-17_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 mlxlogscore=999 bulkscore=0 phishscore=0 spamscore=0 lowpriorityscore=0 mlxscore=0 priorityscore=1501 adultscore=0 clxscore=1011 malwarescore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2407110000 definitions=main-2407240111
Message-ID-Hash: PGLWV35NVK65OOPJUOOWGBXLFNQHVV2T
X-Message-ID-Hash: PGLWV35NVK65OOPJUOOWGBXLFNQHVV2T
X-MailFrom: prvs=193583cc01=jason_livingood@comcast.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tsvwg.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: tsvwg IETF list <tsvwg@ietf.org>, "Black, David" <David.Black@dell.com>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [tsvwg] Re: [EXTERNAL] Re: [gwhiteCL/NQBdraft] Should traffic protection be mandatory to implement? (Issue #48)
List-Id: Transport Area Working Group <tsvwg.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/mnvKaLTWeanJXNrkybsEW0l20Qc>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Owner: <mailto:tsvwg-owner@ietf.org>
List-Post: <mailto:tsvwg@ietf.org>
List-Subscribe: <mailto:tsvwg-join@ietf.org>
List-Unsubscribe: <mailto:tsvwg-leave@ietf.org>

>> I also don’t think it is necessary or helpful to try to solve for malicious actors here. Any malicious actor can fill up queues and crowd out other traffic simply by sending high rate UDP.
>> Shallow buffers are not uniquely vulnerable here.

> That's the wrong class of malicious actor.  Theft of service is a different attack (with different malicious actor behavior) from denial of service.  The draft's incentives framework is making strong claims that theft of service attempts are sufficiently counterproductive for the thief so as to make other countermeasures (e.g., traffic protection) unnecessary.  The fact that all the buffers, e.g., both best effort and NQB, can be overwhelmed by a sufficiently large denial of service attack has almost no relevance to that theft of service concern.

[JL] So “theft of service” in this use case would be some software on the home network trying to achieve high throughput on an upstream (outbound) basis to the internet? There are already ways that users can sort of do similar things – such as using their own home router and using QoS prioritization to advantage certain LAN clients (e.g., game console) and to give certain devices or users more bandwidth than others. This is the user making decisions for how to use their connection.

[JL] So ISTM there are parallels in this use case to what many customers do today. They are provided a certain bandwidth (and may have volumetric usage policies) – shouldn’t it be up the the user to decide how to use that? Wouldn’t the user just  be ‘stealing’ from themselves?