IETF Logo Mail Archive

Re: [tsvwg] signaling packet importance [was Re: New Version Notification for draft-herbert-fast]

Kaippallimalil John <john.kaippallimalil@futurewei.com> Mon, 14 August 2023 14:35 UTC

Return-Path: <john.kaippallimalil@futurewei.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5BD91C1519AF for <tsvwg@ietfa.amsl.com>; Mon, 14 Aug 2023 07:35:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=futurewei.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CNq07YSO7h1c for <tsvwg@ietfa.amsl.com>; Mon, 14 Aug 2023 07:35:44 -0700 (PDT)
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on2116.outbound.protection.outlook.com [40.107.96.116]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A27CCC15198D for <tsvwg@ietf.org>; Mon, 14 Aug 2023 07:35:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AsT2wKbVMHpu/BiqGefp11JTolADBNL7c4vlzGwgq4YN4FKt1WnzBsIkiA9VvuQ80X3mfVNcGfmzaPjbDh53LsVnru1jv2XRYMmvloDCmeLkZbDHAvRtiEd5/6zXi9nFCg/5A4+p4Q5FuMPsYW1f+LDni7Fk3gQ9DCMbOc5IgLYuxXCX5dF5OKShvtqKgDztpJdsk2yaURvCqETlyenkvxM9BBX5KSpYrW0xR7wEfSnclPxmmvznbXO5DQzJa+hb1mZSdFPFyN3Q+wwlAdI6rGyW+CfF5ZeOGmot/7tNtKi73jle8LOX6IcsRDdzdn7CU/SWjM73dpjRZzzgW0/FcA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=28DgYFPUfBCGTOhQ1iGilh6Urxw8CkxbIN2wjppQ/04=; b=aesYPPdTtKNlmLKm+YKUnsIwsaJ2YckhuuzU8iLQ/nvIF+qqQct1KhLvIBsnlgC9syRHkHrv73TlzxzrALQQbVguv5SdQDdnxm1qzQFB76Wd37rVOgbgGGfzA10t621gRNGh6Fq2OyxBo5/TLdSnJmW7ybKTXbZwJH0LlhUXiMjS7zx8U4pgfUS8YS9s9aX3YQnemAHpLgWOsZ/S1Sd0aOOIDr5U7NXeFRyBXLRMcEe4AAM8VS/JkH3HpOVBn3bbeBv8B5IHb2/Vxhe+wTG+/srvf8YupMm+TSj0J3HOpIK0b+vZ3lUVkfAkEM3/h8Q8BHKlh8Pvf9x7ELoNlWW6CA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=futurewei.com; dmarc=pass action=none header.from=futurewei.com; dkim=pass header.d=futurewei.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Futurewei.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=28DgYFPUfBCGTOhQ1iGilh6Urxw8CkxbIN2wjppQ/04=; b=VjXXX6diKb2wlguED4SHyndtz1PVZfJ5kH9FT2N+LO7YVw6OrXG0sRq5J+CCYT3I438dIj30b50sHA4amdw4SN5IfeuOtPEeq2GW1A0Yt3VHFzPp6mMY19b88cV9LXMuIsuQfJFp+n5/eYTHNeeVQOGFD+l3F6nrM5qIC/odzWU=
Received: from SN4PR13MB5311.namprd13.prod.outlook.com (2603:10b6:806:20a::7) by PH0PR13MB5518.namprd13.prod.outlook.com (2603:10b6:510:128::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6678.24; Mon, 14 Aug 2023 14:35:09 +0000
Received: from SN4PR13MB5311.namprd13.prod.outlook.com ([fe80::5483:9e90:a2ae:a415]) by SN4PR13MB5311.namprd13.prod.outlook.com ([fe80::5483:9e90:a2ae:a415%5]) with mapi id 15.20.6678.022; Mon, 14 Aug 2023 14:35:09 +0000
From: Kaippallimalil John <john.kaippallimalil@futurewei.com>
To: Sebastian Moeller <moeller0@gmx.de>
CC: "touch@strayalpha.com" <touch@strayalpha.com>, "C. M. Heard" <heard@pobox.com>, TSVWG <tsvwg@ietf.org>, Sri Gundavelli <sgundave@cisco.com>
Thread-Topic: [tsvwg] signaling packet importance [was Re: New Version Notification for draft-herbert-fast]
Thread-Index: AQHZyu6E0qPKBsQ2yk+WCZbm00c18a/inqWAgAE7igCAAclIgIAAVWQAgAF4VYCAAOijgIAAAyIQgABJ9QCAAABtQIAA3M0AgABOw/A=
Date: Mon, 14 Aug 2023 14:35:08 +0000
Message-ID: <SN4PR13MB531189ECB231455F7A0641F7E817A@SN4PR13MB5311.namprd13.prod.outlook.com>
References: <5014A95B-C4CC-40DE-8CC7-4503D438E7F4@gmail.com> <CALx6S340SWJNOgj17aYF7_ij1ygj3szv6TGnSAe+GU3aqOLT6g@mail.gmail.com> <EDC4FB06-2F31-403C-96CE-1DC3F69CDCB1@gmail.com> <CACL_3VHNu7W=8TnatkApjy2BcaSzhpp9Aq++1W+fvKH0=EJtPQ@mail.gmail.com> <1A0F0DC9-8E0B-461A-9FD1-32C4BF78BD29@strayalpha.com> <CACL_3VEycg263=MMYOdPSGav1obOaY7567uVmNRDzhgn60z97Q@mail.gmail.com> <8E3CC770-E94B-4CA8-9FBD-CE59B5AD68D7@strayalpha.com> <SN4PR13MB5311AC6D43344330601DB0A0E816A@SN4PR13MB5311.namprd13.prod.outlook.com> <53022E94-30DA-4D85-B42C-6AD57AE225FE@gmx.de> <SN4PR13MB5311ECEBF7141AC37D782047E816A@SN4PR13MB5311.namprd13.prod.outlook.com> <B2B6438D-96FC-4FBE-8361-70824CCBAAFC@gmx.de>
In-Reply-To: <B2B6438D-96FC-4FBE-8361-70824CCBAAFC@gmx.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=futurewei.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SN4PR13MB5311:EE_|PH0PR13MB5518:EE_
x-ms-office365-filtering-correlation-id: fe7be78e-dbc3-45c4-7f0f-08db9cd3a8fb
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: JhEcXXEjc26BcZIzRot3vaAP4aE1oBs1qfhecUmUqSwbrL71NbZLn83KPc6RKtXdddfK8KYSnWJ8y2+pNEW6CwqHQtMkWo25u540qDGILT4K2rZC2nNweN9VQmOeoNx6EjiYI2wLXf2qANCGWXgoX76GI7r4Se2u3jsjRyrTKuc/gJV3YhMsXc09hak0czT3rH1nYRf+4pPkiM+1Kz7EB4+77TxONW7XQYeOSrOZMvMCfpolPnENSVbYCClYz6x/sKlszMwVurM3UVmUCPbZ4LMrEEKDd88dHO/QkHVwIrErxRFF/qzRM+APSzJW3+Fd05O4JDB+zTd4FLX/HzLF2Xj1+CUDkn2gqLQF/4lELecUl1XvMi6NmBkChpBNGObQpmURlbit2x2leb+yhzzvvmppUymbGUkj1uSYqiAWsCb3wU+Mu9ODvzDBwYX3DEHL4z6mDDL5felTXjKkYfb/NOKpbteCW0PPJvbv+C1h2e/jyKdrR3c0rOwsq2nJa7zYjJ28KBV0ctuKpfH9+4ZrM1Q5rVF2qDcsmeHBnCZ9LHVL1h97Xfx4vfwMlreT2slt++xx0ywgHFYjMQmGtyv8p7F0/5nIkbOg2LrJXDF85aSkD0BS2ON04wYLAkn7lfuyDoh67bbPXZInrBbq5zCJvBv96+6MQiIf//Bwg5HzKMA=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN4PR13MB5311.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(136003)(396003)(376002)(346002)(39830400003)(366004)(186006)(1800799006)(451199021)(55016003)(66899021)(478600001)(966005)(122000001)(71200400001)(45080400002)(8676002)(8936002)(4326008)(66556008)(64756008)(66446008)(6916009)(41300700001)(316002)(38070700005)(76116006)(66946007)(66476007)(38100700002)(54906003)(83380400001)(66574015)(6506007)(7696005)(53546011)(26005)(9686003)(86362001)(30864003)(2906002)(15650500001)(5660300002)(52536014)(33656002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 2ZLjMpnHboLaCU4hVZGZU0lZC0F5aTNzRLRTNhw3xb0rNxby+hiC2rjvyt6UpGsCSwg4eecGHuxp22OQCO8csiAZtxc+eZmHQ7v6cP65Axd3KJyyHUjjuS5rYoM4TAwbDvefyZxXvBXl8nr9Ejflzd8Y0Brpa2q4iWS3eWN9TCXoe9UPIyutsUC64rovhN0SBOh/yHmXpOu9KtSnSN/VOEOfTsr4b7KeaMJhwkXURsl1WuvXeD7RfZP/+C3PxsQ7vvaKPlniJEPmzecJKZGZvWvyGqvbz+5eXi6s3IG1WZMMYwAB/rIkc1Ik7EMSiYQBS/x/ehH2KpStDXG/XikHbZ23upLwTwtDYIcbe7F2Y0Mu4rVWqe66mP5H6tSVr38iGJELoz5z5k8zaAg9hNgScUXDmxxD9Arb0XiGvU7fLLpxg/wza3tmZ6cimdyuN0RWmn7TIlYpJIg48Kvm7SOtqydLjHXbPSaaUCK8vfl0BQeKoPCj2N/zcvUVpfkdwLIkpCQTaMBo64anYAXZk+LJQ+SmZLg2q8Hh6XvCgAUXeihGGyAa22hG6JGox0k6F4E7dbaV14iQFQ+paXpvbbLzKqiP8hj/D6WqJSvCNWOMKirrwpVK/fzc4B924LrJ6iKu7t/6v2JbN5fDpk/+Sh4FX0LCTo7JF3tKpldenS70qrJNStlGaqZr+KKrtS1kJw6jL8H3TAj517E50MFrX/xmMcABKC6kzyZC6aa6IQTtLfPSlfKGa0qTtg2Jf3xXbaoOP/WgBgYR3GPh1RsR47LhD0BB6+foGtas2Rk9wfbfc3zO0kRGFz26UnRFvQCFko0iKL0ENFszoO4VbmYgvL941GtlVLvel41egaqlC82OIhy4agMuZCK34luEpPf3Q6HLcBRTFK/SJiDV2QYc/Y/Mo5IjPOd7ouue2jKgTPfQ3N9by4Hvx0DPUN9zwvuTXytzSDxoR+0sCt/KkjP4nT1PLJBGKH57BUmM3ze3aWtjf00q0nqihrOWgyNW8PfBrI0RMXtbB1O3lv++X0At0NDa3MJhXWUT/IOwg2hEvHlluFG7CgOH+mzJqss1LK4D2RiXwOYwCw7M23tSE49gcVAiiP7GfIpun5ThdEnopN+43/BZhWixgeQSUD8ALbucIbn4xaDNTT97p9lRP4PVh9tDN7VmzKHgf4RcNG7A0qhjLyeF21LS7Fd689P+gEu/I03uKGtGTZ/zXC/gTCDXQlkmmp61e7lZdwM7qfO3zB3rTDKuu90uhgk4f1ItAre++9KUywMsdM0adhtrU76Wgs0NonXpptlHFcD4SoARDb6q/CV1gE47VdALInas1FgkIqEsmBXyKKRz7uXUiDr9cm9g1tXf0iAEduNDIMSAToG82WwbSlVPHXvt8scloiMYhzXMVJI5VF2vMZoZOxGEcW0ZKLhca9G+ZQe5D7xn6H9rs+IKSEH6j2mPWmssAfipdCzlfos2f5sYng0/f1xB4fs0VFPHMFWfyDfmpaXlmkTK1YNKNonBjxy4xWcS5MJ0zTASTkcA+zdJB6oNNWHXZlIfFo2Z2IwuxWvxqRhy31ojnHOIHf3vkCRWkEqoVo3b8h1l
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: Futurewei.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SN4PR13MB5311.namprd13.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: fe7be78e-dbc3-45c4-7f0f-08db9cd3a8fb
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Aug 2023 14:35:09.0025 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 0fee8ff2-a3b2-4018-9c75-3a1d5591fedc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: lMXbhBpIAYdopM2TNcuY53ZyoGjHqvpCQ60QDF0VVHHLGS1BeI1wQwBN4c0lfrqROtU/SMRGw0nn5eegGX6CVg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR13MB5518
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/zOf2bvYNdamLh_NRU1aW5ERg5-g>
Subject: Re: [tsvwg] signaling packet importance [was Re: New Version Notification for draft-herbert-fast]
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Aug 2023 14:35:48 -0000

Hi Sebastian,

>  [SM] UDP options, even if used to communicate with the network, should IMHO always be end-to-end. So removing an option during transfer of a packet is problematic. If you must add a bit "acted upon" which is 
>  only set to one if a node evaluated the MED option...

I see the point. Adding a bit "acted upon", or "ignore this option" if it has transited an untrusted path and not removing the UDP option may be a good choice for retaining e2e behavior.
Lets think about it a bit more, but we will take it as an action point.

>  [SM] Okay, maybe add another bit "ignore this option"... but realistically this feels quite ad-hoc and not how I would design a protocol to talk to network nodes... I would like to see robust and reliable 
>  communication that does not rely on any path between sender and scheduling node to be fully compliant to some rules that require active intervention...
>  [SM] It essentially needs to trust the full path not having done any shenanigans, is that really as robust and reliable as desirable for a method that aims at affecting QoS/priorities?

The authors understand that this works only in limited domain scenarios that conform to the restrictions outlined in the draft.
But they also represent some significant use cases needed by the industry and not that narrow given how IP networks are deployed today. 

We in the IETF have been trying to solve the general problem for more than 15 years and when we get close to complete privacy/security, the solutions tend to be extremely complex and unusable.

Why don’t we consider to go with an incremental approach and build a limited solution (as with MED) with necessary security, but then scale out later:
1) start with MED in limited domains (but of course have protocol and procedure frameworks that can be extended)
2) if successful with 3GPP (or elsewhere), add signed data (AUTH UDP options ?) to know who is sending the option, or if data was tampered with.
3) a big next step would be full encryption but this requires comprehensive key provisioning spanning LxNxM /multiple domains and large number of nodes within.
 
The above approach would allow us to see if MED is useful, understand how to manage the safety in complex deployments and then build an even more robust system without throwing away the underpinnings.
Many 3GPP people and companies are interested but they would need the support from application providers (which they have in 3GPP) and the IETF for this to work out. 

(To misquote Churchill: UDP option (MED) and procedures maybe the worst, except for all the others.)

>  [SM] I am pretty sure if MED takes off and offers tangible benefits for scheduling it will also be used for unencrypted media streams (to spare the scheduling node the work to deep dive into the packets and 
>  collect that information). However my interest is keeping the MED option end to end and signal the end points whether the MED option was evaluated/acted upon.

Fully agree with this. 
The current 3GPP approach to dive into packets is because there is no other viable option.

BR,
John


-----Original Message-----
From: Sebastian Moeller <moeller0@gmx.de> 
Sent: Monday, August 14, 2023 3:55 AM
To: Kaippallimalil John <john.kaippallimalil@futurewei.com>
Cc: touch@strayalpha.com; C. M. Heard <heard@pobox.com>; TSVWG <tsvwg@ietf.org>; Sri Gundavelli <sgundave@cisco.com>
Subject: Re: [tsvwg] signaling packet importance [was Re: New Version Notification for draft-herbert-fast]

Hi John,


> On Aug 13, 2023, at 22:22, Kaippallimalil John <john.kaippallimalil@futurewei.com> wrote:
> 
> Hi Sebastian,
> 
>> [SM] Could you clarify what exactly "drop MED" means here:
>> a) the packet is dropped (by whom)?
>> b) the MED option is ignored by the scheduling node, and excised
>> c) the MED option is ignored by the scheduling node, and left alone
>> d) the sender stops emitting MED options
> 
> My mail was not clear earlier, sorry about that.
> By "drop", the intent is to remove the UDP option (MED) at the entrance (router) if it is from an untrusted domain. This is to be sure that the data is from a trusted domain only.

	[SM] UDP options, even if used to communicate with the network, should IMHO always be end-to-end. So removing an option during transfer of a packet is problematic. If you must add a bit "acted upon" which is only set to one if a node evaluated the MED option...

> The scheduling node (wireless access point, gNB, etc) will act on the data/option that is presented to it, as it only arrives from a trusted domain.

	[SM] Okay, maybe add another bit "ignore this option"... but realistically this feels quite ad-hoc and not how I would design a protocol to talk to network nodes... I would like to see robust and reliable communication that does not rely on any path between sender and scheduling node to be fully compliant to some rules that require active intervention...

> 
>> How will the sender/scheduling node actually know that the option was 
>> visible outside the limited trust-domain? I guess the sending network needs to have clear egress policies about which "exits" can be taken by MED adorned packets, but that means all exist nodes need to peek deep into the UDP headers...
> 
> The scheduling node (wireless access point, gNB) will use the data in MED with the assurance that it has transited only through domains which are trusted (or the whole flow encrypted if it transits an untrusted domain).

	[SM] It essentially needs to trust the full path not having done any shenanigans, is that really as robust and reliable as desirable for a method that aims at affecting QoS/priorities?


> Yes, the sending domains should have clear egress policy to forward only to a trusted domain, or encrypt across a untrusted network.
> And the receiving domain should verify that it is arriving from a trusted network likewise, or is encrypted.  (an example in 3GPP is the use of Security Gateways (SEG) across untrusted networks).

	[SM] I think I like the much less fickle approach where the MED option is always encrypted with a key only distributed to the relevant scheduling nodes.

> 
>> At that point I would argue that having the sender simply encrypt the 
>> option with a key the intended scheduler node(s) has/have makes a ton of sense (the scheduling node might even replace the encrypted MED option with its decrypted representation of the MED option for the benefit of the end-node (which then does not also need the key, and can recognize whether the MED option was evaluated)).
>> 
>> Side-note: I am still puzzled at how a scheduler would look like that is supposed to act on such rich information essentially in real-time.... and how to secure such a scheduler against abuse.
> 
> Key provisioning and management is quite complex if we are considering N applications x M wireless networks x Large number of endpoints.

	[SM] So is keeping your trusted paths trust worthy... plus as I proposed, have the scheduling nodes replace the encrypted MED with a plain text one, so end nodes need no keys and immediately see what information was used by the scheduler...


> Note that the content of the packet is always encrypted, and the key management here is for the UDP option/metadata.

	[SM] I am pretty sure if MED takes off and offers tangible benefits for scheduling it will also be used for unencrypted media streams (to spare the scheduling node the work to deep dive into the packets and collect that information). However my interest is keeping the MED option end to end and signal the end points whether the MED option was evaluated/acted upon.


> If we are looking at the general internet,

	[SM] Which, respectfully we should for an IETF PS/Experimental draft, what 3GPP members do in their own private networks (assuming it is without side effects) would not really need IETF RFC status, no?


> I agree that what you suggest, or something like that, would be necessary to secure against abuse.
> In the draft, we have a smaller scope, i.e., that of a trusted limited domain consisting of application, wireless network.
> (Two examples there: (1) an Edge Site connected to a Mobile access 
> network, (2) scenario in (1), but with an untrusted transport network 
> in between over which the entire data is bulk encrypted using IPSec)


	[SM] To me this would make this an informational draft, "look IETFers here is what 3GPP members will do in their private networks". But if it is without side effects, it might not need an RFC at all.
	However, I assume that you want video transmission servers to actually gain the ability to emit MED options, so the whole thing then will not be so nicely compartmentalized, at that point I think looking outside of the initial private use-case gains more importance.

Regards
	Sebastian





> 
> BR,
> John
> 
> 
> -----Original Message-----
> From: Sebastian Moeller <moeller0@gmx.de>
> Sent: Sunday, August 13, 2023 2:43 PM
> To: Kaippallimalil John <john.kaippallimalil@futurewei.com>
> Cc: touch@strayalpha.com; C. M. Heard <heard@pobox.com>; TSVWG 
> <tsvwg@ietf.org>; Sri Gundavelli <sgundave@cisco.com>
> Subject: Re: [tsvwg] signaling packet importance [was Re: New Version 
> Notification for draft-herbert-fast]
> 
> Hi John,
> 
> 
>> On Aug 13, 2023, at 17:47, Kaippallimalil John <john.kaippallimalil@futurewei.com> wrote:
>> 
>>> My concern is that endorsing use of UDP options to signal in-network devices could cause the same reaction as IP HBH options - that they could be seen as unsafe to routers and could cause an over-reaction that causes >  deliberate blocking or stripping.
>>> 
>>> As the discussion noted, that’s not currently the case, or at least 
>>> as best can be determined. I
>>> 
>>> It’d be useful to avoid creating new reasons that routers would want to interfere. I.e., the question isn’t whether IP options are an alternative - they clearly are the appropriate place for draft-kaippallimalil-tsvwg-media->  hdr-wireless and draft-reddy-tsvwg-explcit-signal - it’s whether using UDP options for those purposes could jeapordize them for everyone else.
>> 
>> The procedures in draft-kaippallimalil-tsvwg-media- hdr-wireless can in theory be realized by encoding it in IPv6 HBH options (IPv4 is another questions) but I share Mike's concern about the timeline.
>> (-- " Those might bear fruit someday, though the timeline is at best uncertain").
>> The authors (of tsvwg-media- hdr-wireless) are primarily looking to providing a viable solution for 3GPP in the short term (end of 2024 or so) even if it is an Experimental or Informational one.
>> 
>> And I acknowledge the issue that Joe has pointed to - of whether UDP options will be seen as unsafe, and a corresponding over-reaction.
>> Our attempt in draft-kaippallimalil-tsvwg-media- hdr-wireless to avoid this has been that:
>> -  the MED option is to be used only within a limited domain that 
>> spans an application network and wireless network with 
>> pre-established trust (RFC 8799)
>> -  if the MED option crosses an "untrusted network" (e.g. , a transport network in between), the entire flow should be encrypted such that MED is not visible.
>> -  if a MED option is visible outside the limited domain with trust (set of application, wireless networks), the draft recommends that MED be dropped.
> 
>        [SM] Could you clarify what exactly "drop MED" means here:
> a) the packet is dropped (by whom)?
> b) the MED option is ignored by the scheduling node, and excised
> c) the MED option is ignored by the scheduling node, and left alone
> d) the sender stops emitting MED options
> 
> How will the sender/scheduling node actually know that the option was visible outside the limited trust-domain? I guess the sending network needs to have clear egress policies about which "exits" can be taken by MED adorned packets, but that means all exist nodes need to peek deep into the UDP headers...
> 
> At that point I would argue that having the sender simply encrypt the option with a key the intended scheduler node(s) has/have makes a ton of sense (the scheduling node might even replace the encrypted MED option with its decrypted representation of the MED option for the benefit of the end-node (which then does not also need the key, and can recognize whether the MED option was evaluated)).
> 
> Side-note: I am still puzzled at how a scheduler would look like that is supposed to act on such rich information essentially in real-time.... and how to secure such a scheduler against abuse.
> 
> Regards
>        Sebastian
> 
> 
>> 
>> BR,
>> John
>> 
>> 
>> 
>> From: tsvwg <tsvwg-bounces@ietf.org> On Behalf Of 
>> touch@strayalpha.com
>> Sent: Sunday, August 13, 2023 10:07 AM
>> To: C. M. Heard <heard@pobox.com>
>> Cc: TSVWG <tsvwg@ietf.org>; Sri Gundavelli <sgundave@cisco.com>
>> Subject: Re: [tsvwg] signaling packet importance [was Re: New Version 
>> Notification for draft-herbert-fast]
>> 
>> My concern is that endorsing use of UDP options to signal in-network devices could cause the same reaction as IP HBH options - that they could be seen as unsafe to routers and could cause an over-reaction that causes deliberate blocking or stripping.
>> 
>> As the discussion noted, that’s not currently the case, or at least 
>> as best can be determined. I
>> 
>> It’d be useful to avoid creating new reasons that routers would want to interfere. I.e., the question isn’t whether IP options are an alternative - they clearly are the appropriate place for draft-kaippallimalil-tsvwg-media-hdr-wireless and draft-reddy-tsvwg-explcit-signal - it’s whether using UDP options for those purposes could jeapordize them for everyone else.
>> 
>> draft-daiya-tsvwg-udp-options-protocol-number is of a completely different nature; it aims to be part of the transport protocol in chaining the meaning of protocol layers, rather than encoding them all in the destination port of the first exchange. In that regard, it’s more like draft-touch-tcpm-sno (service number option), except that it would require similar ’next protocol’ identifiers at all protocol layers, which is (sadly) not the way current services and protocol stacks work.
>> 
>> Joe
>> 
>> 
>> —
>> Dr. Joe Touch, temporal epistemologist
>> https://nam11.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.
>> strayalpha.com%2F&data=05%7C01%7Cjohn.kaippallimalil%40futurewei.com%
>> 7C070b596335724749e5c908db9ca427da%7C0fee8ff2a3b240189c753a1d5591fedc
>> %7C1%7C0%7C638276001098751063%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjA
>> wMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&s
>> data=z5%2FA42LUPCQRV5tWDE5DEfLrNXyCmCelzlUoek4Qcrw%3D&reserved=0
>> 
>> 
>> On Aug 12, 2023, at 6:14 PM, C. M. Heard <mailto:heard@pobox.com> wrote:
>> 
>> On Fri, Aug 11, 2023 at 7:47 PM Joe Touch wrote:
>> Just to be clear:
>> On Aug 11, 2023, at 2:42 PM, C. M. Heard <mailto:heard@pobox.com> wrote:
>> I've been pushing the idea to co-opt the per-fragment UDP options used for host-to-network signaling, and I'd like to make some comments about that.
>> 
>> This confuses transport options with network options.
>> 
>> Not confusion, but rather an explicit proposal to use the per-fragment options as network options instead of transport options. It is put forward to provide potentially workable solutions to the problems that draft-kaippallimalil-tsvwg-media-hdr-wireless and draft-reddy-tsvwg-explcit-signal are intended to solve.
>> 
>> Granted, an architecturally preferable way to accomplish these objectives would be to use IPv4 Options or IPv6 Hop-by-Hop Options. Indeed, I myself would prefer for IPv4/IPv6 Options to be used if the issues of high discard rates of packets with these options could be solved. There are efforts underway to mitigate the problems for IPv6 Hop-by-Hop Options. Those might bear fruit someday, though the timeline is at best uncertain. But as far as I know, the discard rates for IPv4 Options are equally dismal, and there are no efforts underway to fix that problem. Correction by parties with better knowledge of the facts than mine are invited.
>> 
>> My take is that the problems that draft-kaippallimalil-tsvwg-media-hdr-wireless and draft-reddy-tsvwg-explcit-signal (and possibly draft-daiya-tsvwg-udp-options-protocol-number as well) could, in principle, be solved by what I see as a modest change of direction to the UDP Options spec. Whether that would work out in practice is much less certain, for the reasons that Tom Herbert has pointed out. IMO it is a judgement call whether the chances are better to get IP Options (in any version) to work within our professional lifetimes. Given that, I don't think it would be right to turn draft-kaippallimalil-tsvwg-media-hdr-wireless and draft-reddy-tsvwg-explcit-signal away without a proper discussion.
>> 
>> Thanks,
>> 
>> Mike
>> 
>

v2.23.0 | Report a Bug | By Email