Re: [tsvwg] Review of draft-ietf-tsvwg-udp-options-32
Zaheduzzaman Sarker <zahed.sarker.ietf@gmail.com> Thu, 11 April 2024 11:20 UTC
Return-Path: <zahed.sarker.ietf@gmail.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A85EC14F5EE; Thu, 11 Apr 2024 04:20:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bisu1zCG9kr7; Thu, 11 Apr 2024 04:20:17 -0700 (PDT)
Received: from mail-pl1-x633.google.com (mail-pl1-x633.google.com [IPv6:2607:f8b0:4864:20::633]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F2737C14F5EA; Thu, 11 Apr 2024 04:20:16 -0700 (PDT)
Received: by mail-pl1-x633.google.com with SMTP id d9443c01a7336-1e40042c13eso30865845ad.2; Thu, 11 Apr 2024 04:20:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712834416; x=1713439216; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=TEa2b9EhryAaNf5dUVoeY1CJi9plUxw6U9Fw6kJGZTo=; b=NHeIlv88rXsmHEe1KzhPr2/NAIvlHpdpQx3UaeqqnxSzZXwCqjVNz5R7w+k39Xjqxn /4b2MweAesksyW1HsPJMXM3VO7ISRKDSYiVIy45xk3d0r+/FJdvnccInTbjvuR9ZxSxD NB098u2ranXQNotfPzW9r/aBJMl/ksJpZ4MgDmeLDpZGFY/Xxd8bmHnyOUdwWD4JPkw0 8FocVY4aRV9rxjAx+FtUe/cF250MVDlkZbpq+mLtvAdW8pKiiPBlkx3yl36iDUX80qVG nlEGfDDhbEut3CM8/0laQpGUrwEAjccctWp35wRfuehlsGSX5/QZR9X0oO8hpm1zWhqv kraQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712834416; x=1713439216; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=TEa2b9EhryAaNf5dUVoeY1CJi9plUxw6U9Fw6kJGZTo=; b=kcgUDW/SLZQ8JQG+qGkQIcA2GmeDUubXERthvnLwTHPIZB40TpDjaXADGXRwV+xN3t 5EULEjEBJT32S9hVZ76WXsy/+gxDBsrBA/G149jRCJexCHeJcm4hW5QvgcLM4DGsyZWe pzX9AnhV7hv9sPGqOgqXet+PVyrcCTIx8bjuwrq6kuGdGyBTpBerNgTxIj8cUh6LLdqk ESsSmuPGtBtxI9175qqI5KRy0x++xErm4NW+VugmHcqvNS3Crv6mekiDh5vp4EbVG+N1 ZVkXmWwzF4hdQRawDoqM0q6jJngMBAV3CmpSG4ZQScNFZc/iMwiYkD523HIYCj31XX36 bGew==
X-Forwarded-Encrypted: i=1; AJvYcCUhUZzz2TWMb8NQ5j33dyZVFz2YHnJY/nPwk8Z3cQCnEx5w3ymsb5nKSrL82G2QVrK/4QN6zEzqBwRWlj4n8DycK5RsCjnvQHzyxp3e4uYkt4EZuSj8B6TBHdNY90DVCyUx7GxOAOZYid0=
X-Gm-Message-State: AOJu0Yzck+n6MB24PrPhra8vls1e3zqEpM93ePuNpQQUMuxrK/vF6OI+ XipoyZ/TBiPTSrgVY14cp/t3L7gFw+aaz1jComlcD/dgNa7mIJPJMAgyKyAe6C0o6fqyEaes4vf Jlw9/Oo6C7JLF38e8sgKd8dVjur0=
X-Google-Smtp-Source: AGHT+IEtPSrworptLmgpVJIvAmFngLQOpPBfX67WQCx9+yHS96x1p6EyaBgaSGLxRGNvoXYyfqTaN4oNdmULMhBfU90=
X-Received: by 2002:a17:90b:8d1:b0:2a2:16db:a425 with SMTP id ds17-20020a17090b08d100b002a216dba425mr5872638pjb.26.1712834416228; Thu, 11 Apr 2024 04:20:16 -0700 (PDT)
MIME-Version: 1.0
References: <CAEh=tcd2FzQxgbSivuX2cEg2FpsnkoqdFw5gMhrx3pkT_JV88Q@mail.gmail.com> <2BEB5CC3-BB54-4119-A20F-8497ED4B5AE2@erg.abdn.ac.uk> <CAEh=tccKg7YHYkwKZ978uaXmTkBu3zyA+WBAW=eBMKAh2PSVDw@mail.gmail.com> <CACL_3VG6k9Rg4316dZUd5ksQ2pLZHxzDc2dZqVD0Z9yPQBo3Yw@mail.gmail.com>
In-Reply-To: <CACL_3VG6k9Rg4316dZUd5ksQ2pLZHxzDc2dZqVD0Z9yPQBo3Yw@mail.gmail.com>
From: Zaheduzzaman Sarker <zahed.sarker.ietf@gmail.com>
Date: Thu, 11 Apr 2024 13:20:05 +0200
Message-ID: <CAEh=tcc7xvi5rNtYXChr84_zp3Sq8bJE4684V4qhL580RZeE9Q@mail.gmail.com>
To: "C. M. Heard" <heard@pobox.com>
Cc: Christian Huitema <huitema@huitema.net>, "Gorry (erg)" <gorry@erg.abdn.ac.uk>, Martin Duke <martin.h.duke@gmail.com>, tsvwg <tsvwg@ietf.org>, draft-ietf-tsvwg-udp-options.all@ietf.org
Content-Type: multipart/alternative; boundary="000000000000f041c50615d0568d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/xC4M6R0nAmSLgjC-2yGgffk37YI>
Subject: Re: [tsvwg] Review of draft-ietf-tsvwg-udp-options-32
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Apr 2024 11:20:17 -0000
On Tue, Apr 9, 2024 at 8:26 PM C. M. Heard <heard@pobox.com> wrote: > On Tue, Apr 9, 2024 at 6:09 AM Zaheduzzaman Sarker < > zahed.sarker.ietf@gmail.com> wrote: > >> On Tue, Apr 9, 2024 at 12:48 PM Gorry (erg) <gorry@erg.abdn.ac.uk> wrote: >> > [ ... ] > >> So. I think given this, it is OK for the endpoints to send information >>> in UDP options which can be read (only) by the transit nodes and they can >>> indeed react to this. That has always been possible with tunnels, extension >>> headers, and transports - at least those not using transport encryption. >>> This comes with positive and negative impacts. >>> >>> In today’s world, a designer can choose to protect all of the transport >>> eg using QUIC - and many designs will follow that path. Although, there is >>> a large body of work in the IETF that still directly uses UDP. That to me >>> is OK if that best fits the use. >>> >> >> Yes, UDP should be considered as transport protocol. It would be good to >> have a view on how many of those large body of work uses or envision to use >> UDP options in clear. This would boost the motivation for this work and >> back up the need of UDP options. >> > > > It was recognized early in the development of the UDP options that they > would be useful for DPLPMTUD. This use case is documented > in draft-ietf-tsvwg-udp-options-dplpmtud, which has actually been ready for > publication for quite some time. > > Another potentially attractive use case was use of UDP options to allow > UDP-based request/response protocols such as DNS to send large responses > without relying on IP fragmentation (especially IPv6 fragmentation). Here's > how this would work: client includes the MRDS option in the request; > responder ignores said option unless it is option aware and has UDP options > enabled, in which case it can use the option to determine how to send a > large response using UDP fragmentation. This is incrementally deployable as > long as legacy applications ignore the UDP surplus area. We don't have an > I-D describing this use case. but one could be written if it would help to > back up the need for UDP options. > I agree it would useful to record this usecase. > > > >> The backwards compatibility with UDP was considered important in the >>> development of this Spec. >>> >> >> This point is absent, AFAIK in Section 16 of the draft now. >> > > > Adding such a discussion is a reasonable request; IMO the best place would > be Section 6 (Design Principles). > Please add it. > > > On Tue, Apr 9, 2024 at 10:16 AM Christian Huitema wrote: > >> On 4/9/2024 9:09 AM, Tom Herbert wrote: >> > I believe that processing of the options is already opt-in. Accepting >> > UDP surplus area (at least ignoring it and not dropping packet) and the >> > checksum processing I described are currently mandatory. >> >> And that's probably what need to change before this draft is published. >> Using the surplus area without the explicit consent of the application >> is an attack. The proper way to stop such attacks is to drop the whole >> packet, because only that inflicts a cost to the attacker. > > > > I disagree that use of the surplus area without the explicit consent of > the receiver automatically constitutes an attack, as long as the surplus > area is ignored by default. > > The attitude of dropping whatever you don't have a predetermined use for > is exactly what has made IPv4 options and IPv6 extension headers > essentially unusable in the open internet. > > Mike Heard >
- [tsvwg] Review of draft-ietf-tsvwg-udp-options-32 Martin Duke
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… C. M. Heard
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… C. M. Heard
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… touch@strayalpha.com
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Christian Huitema
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Martin Duke
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Martin Duke
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Zaheduzzaman Sarker
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Gorry (erg)
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Zaheduzzaman Sarker
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Christian Huitema
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Tom Herbert
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Christian Huitema
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Tom Herbert
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Christian Huitema
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Joe Touch
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… touch@strayalpha.com
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Sebastian Moeller
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… touch@strayalpha.com
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Zaheduzzaman Sarker
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Zaheduzzaman Sarker
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… C. M. Heard
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… C. M. Heard
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… touch@strayalpha.com
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Martin Duke
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… C. M. Heard
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… C. M. Heard
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Christian Huitema
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Christian Huitema
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… C. M. Heard
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Erik Auerswald
- [tsvwg] Discarding the UDP surplus area when prot… C. M. Heard
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… C. M. Heard
- Re: [tsvwg] Discarding the UDP surplus area when … Tom Herbert
- [tsvwg] github issue long term archiving[ wa… Sebastian Moeller
- Re: [tsvwg] Discarding the UDP surplus area when … Gorry Fairhurst
- Re: [tsvwg] Review of draft-ietf-tsvwg-udp-option… Zaheduzzaman Sarker