Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-23.txt
Joe Touch <touch@strayalpha.com> Tue, 26 September 2023 17:10 UTC
Return-Path: <touch@strayalpha.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8751CC14CE38 for <tsvwg@ietfa.amsl.com>; Tue, 26 Sep 2023 10:10:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.433
X-Spam-Level:
X-Spam-Status: No, score=-0.433 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, MIME_HTML_ONLY_MULTI=0.001, MIME_QP_LONG_LINE=0.001, MPART_ALT_DIFF=0.79, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RUUCAYqrlcxq for <tsvwg@ietfa.amsl.com>; Tue, 26 Sep 2023 10:10:27 -0700 (PDT)
Received: from server217-3.web-hosting.com (server217-3.web-hosting.com [198.54.115.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9A220C1522C6 for <tsvwg@ietf.org>; Tue, 26 Sep 2023 10:10:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Transfer-Encoding:Content-Type:Sender: Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender :Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=n5GrrCQBqCIluclro4bMR6f9V1BRt3fj9S2PPSS+oDQ=; b=2CdfTXmn/0Pizc61hRlCdLCOEU nrz1qfKcR7c8T6kuJkXKSLgspk/k7kjkSXgkZvDT+YBF6W+73MYJIq3WuzxEyVb+t+uxIMKEgZZ0k XE1ZXkGSnNg2XZTMMZYqbey2t/a9W/4ZZSzGRMY533+hB+UvstxYjskW0HoxF8s2E5cZqJW+pTA41 TCGSoJEBvb/1fu18qg5JSQl3aW1cHdQebyKpWFVa3asISpyYmt10n6WKV/guTwV5JedZSDHKutYcJ h2d1LV7rHfSauTJKZxxfYBa8iN49Hc9OXrmE0fhgAMU3jPwi4TbCZ/91yidV5R2QE2+oEBQqKslD0 UOf94vwQ==;
Received: from [172.58.209.95] (port=11631 helo=smtpclient.apple) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from <touch@strayalpha.com>) id 1qlBZg-00Gslk-0z; Tue, 26 Sep 2023 13:10:21 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail-8BE6B6FA-1C86-4E0B-BBF4-6A903FCC90DC"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (1.0)
From: Joe Touch <touch@strayalpha.com>
In-Reply-To: <68685502-E308-46B0-A1C9-EB1D0EA9D31B@strayalpha.com>
Date: Tue, 26 Sep 2023 10:10:04 -0700
Cc: Tom Herbert <tom=40herbertland.com@dmarc.ietf.org>, TSVWG <tsvwg@ietf.org>
Message-Id: <46DB3108-6D66-4892-9623-0FB68F57AB20@strayalpha.com>
References: <68685502-E308-46B0-A1C9-EB1D0EA9D31B@strayalpha.com>
To: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
X-Mailer: iPad Mail (21A340)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/yLMvEyoeOavS8gZCAHTndVDN40Y>
Subject: Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-23.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Sep 2023 17:10:31 -0000
On Sep 26, 2023, at 10:08 AM, Joe Touch <touch@strayalpha.com> wrote:
Changing that behavior would be inconsistent with the design of the options overall.The definition of a safe option is just that. Of you make APS unsafe, Teheran it cannot interoperate with legacy endpoints at all.JoeOn Sep 26, 2023, at 9:11 AM, Gorry Fairhurst <gorry@erg.abdn.ac.uk> wrote:On 26/09/2023 16:46, Joe Touch wrote:
Gorry,
Your view of APC doesn’t align with the text, which had been stable for a while now.
The current text also explains why the current behavior is needed.
JoeYes, I see, I seem to have overlooked this change when it was added in -09, it wasn't what I expected to read. Can we change this behaviour?
As stated, it isn't an alternative to a UDP Checksum: it adds bytes that a receiver may or may not ignore, so therfore a sender still needs to add a checksum, and I am not sure how this helps a sender whoi can anyway include a CRC within the data it sends, to me this just seems weird?
Gorry
On Sep 25, 2023, at 11:58 PM, Gorry Fairhurst <gorry@erg.abdn.ac.uk> wrote:
On Sep 25, 2023, at 7:36 PM, Tom Herbert <tom=40herbertland.com@dmarc.ietf.org> wrote:
See below.
—Dr. Joe Touch, temporal epistemologisthttp://www.strayalpha.com/" rel="noreferrer noreferrer noreferrer nofollow" target="_blank">www.strayalpha.com
On Sep 25, 2023, at 5:21 PM, Tom Herbert <tom=40herbertland.com@dmarc.ietf.org> wrote:
On Mon, Sep 25, 2023 at 5:08 PM touch@strayalpha.com
<touch@strayalpha.com> wrote:
On Sep 25, 2023, at 4:14 PM, Tom Herbert <tom=40herbertland.com@dmarc.ietf.org> wrote:
On Mon, Sep 25, 2023, 3:55 PM touch@strayalpha.com <touch@strayalpha.com> wrote:
FWIW, you can also “require ACS” at the receiver, if you want. That would ensure that ACS was both present and valid.
UDP options are based on the core rule that senders decide what to offer and receivers decide what’s required.
Joe,
For something like CRC, the sender is in a much better position to decide if it's needed.
Whether it is or is not, that’s not something UDP options supports - what UDP supports is based on a bunch of principles, including the need to support legacy receivers. So if something is “required”, the receiver has to demand and check for it.
For example, if two hosts were communicating over a rack switch, the ACS is probably pointless since Ethernet CRC is sufficient. But, if the hosts were communicating over an unreliable satellite link then ACS might be critical.
Or the link/phy layer might have its own checks anyway, e.g., block checksums. End to end errors happen during reassembly or in memory, not all that often on links that aren’t checked, AFAIR.
In both those cases, it's the sender that has the best view as to what's required because it may require knowledge of the path to the destination. So, if the sender computes the ACS, then the receiver should honor that and verify it.
In some other protocol where those semantics can be demanded, perhaps. But remember that anything the sender “demands”, except for encryption, is at best a “request”; receivers always get to decide what they enforce anyway.
Joe,
I believe the general consensus in IETF is that checksum or CRCs may
be optional to send, but not optional to validate when received. The
precedent was established in RFC1122: "If a UDP datagram is received
with a checksum that is non-zero and invalid, UDP MUST silently
discard the datagram."
That’s for checksums you know are coming. A legacy receiver won’t know or care.
UDP option-aware receivers work like legacy receivers UNTIL they are explicitly told otherwise. That’s the basic operational principle.
So you can tell your receiver to care about ACS if it shows up all the time. Or not.
Here’s the current text, which follows these principles:>> UDP packets with incorrect APC checksums MUST be passed to the application by default, e.g., with a flag indicating APC failure. Like all SAFE UDP options, APC needs to be silently ignored when failing by default, unless the receiver has been configured to do otherwise. Although all UDP option-aware endpoints support APC (being in the required set), this silently-ignored behavior ensures that option-aware receivers operate the same as legacy receivers unless overridden.For user perspective, if I set the ACS in my packets but the receiver
may or may not validate it then it doesn't seem very useful as a check
for corruption of the sender's data.
It is useful when the receiver agrees it is useful.
I'd probably put a CRC in the UDP
payload instead that I can assure it is always verified by the
receiving application.
You can do that if you want, but then it means that it cannot be silently ignored by a legacy receiver.
Right, that's exactly the desired non-deterministic
Deterministic I meant
behavior that we want with regards to a CRC. Silently ignoring the CRC also means that data corruption would also be silently ignored.
So you have two choices:
1. Use UDP options with ACS (which is now APC)a cooperating receiver would know to set APC as required and would drop packets if APC fails
2. Create a new application that knows to require APCso that the application can enforce CRC in the payload
But if you can do (2), why not do (1) and have the application enforce APC-required?
JoeI'm reading this with some doubt now.
I think option the above option 2 needs to be strongly discouraged: it provides a place to send an integrity check, but it doesn't protect the parsing of the other options nor their data, which would leave all other fields unprotected. That check would better be provided within the application data, and we ought to remove this option if that is all it does.
Here is what I thought had been designed:
I expect a sender chooses whether to add an APC option.
If a receiver receives the APC option, the receiver must to either:
- discard all datagrams that contain an APC that it decides not to check, or when the APC fails.
- forward datagrams that contain an APC that passes. (It MIGHT be configured to always expect an APC: which I think is the ONLY receiver decision).
... This differs from the benign "use or ignore" processing that applies to most options, but it is exactly the required logic that I would expect and I thought we previously discussed.
Gorry
- [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-… internet-drafts
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Gorry Fairhurst
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Alex Burr
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joe Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Lloyd W
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Rodney W. Grimes
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Gorry Fairhurst
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joe Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Gorry Fairhurst
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joe Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Gorry Fairhurst
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joe Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Gorry Fairhurst
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Sebastian Moeller
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Gorry Fairhurst
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Sebastian Moeller
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Gorry Fairhurst
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Michael Welzl
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Sebastian Moeller
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Gorry Fairhurst
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Tom Herbert
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Sebastian Moeller
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Erik Auerswald
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Erik Auerswald
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joe Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Joe Touch
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Erik Auerswald
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… touch@strayalpha.com
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Sebastian Moeller
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Sebastian Moeller
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… C. M. Heard
- Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-opti… Sebastian Moeller