IETF Logo Mail Archive

Re: [Webtransport] Http3Transport: Connection-basd Functionality

David Schinazi <dschinazi.ietf@gmail.com> Sat, 20 February 2021 00:11 UTC

Return-Path: <dschinazi.ietf@gmail.com>
X-Original-To: webtransport@ietfa.amsl.com
Delivered-To: webtransport@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C0823A091B for <webtransport@ietfa.amsl.com>; Fri, 19 Feb 2021 16:11:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8U6JmzhHw0Fx for <webtransport@ietfa.amsl.com>; Fri, 19 Feb 2021 16:11:55 -0800 (PST)
Received: from mail-pl1-x62c.google.com (mail-pl1-x62c.google.com [IPv6:2607:f8b0:4864:20::62c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0D6F3A091C for <webtransport@ietf.org>; Fri, 19 Feb 2021 16:11:55 -0800 (PST)
Received: by mail-pl1-x62c.google.com with SMTP id z7so4250688plk.7 for <webtransport@ietf.org>; Fri, 19 Feb 2021 16:11:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=U97XYN8kr/Eu5J6Qeax02suefjGhKQI26UFHEnNfiRA=; b=Ompyzp2z8n+j2zIS9q1YV2TpJEXa1f4pCDqO+nEFOXYKm5HzreWEyaFZGaqNtsYKvN OcNXK5djTvIvbmCIeijXR7yu31CiwlBJmJP+wgrrAZGG5hv7fFhy7i1pZDwoU4WS3cRQ krGmUAsqDNSq10WVWeusenQe9ojcuDP7ESAoB49l4sa1WjrPYZfb3VrA02sEPvt6c++9 Yo0Alc7zzvWgxmpqwq6X96hqkL0ayaQoRbR+y18lLn/+W2wyJ9yDSoOu3l+wki5VVL7U swkvpNDYNxl7JPo99g4zgUXNSe9AnCEhZEQjHnkTn10G7GyOXvuh9TpcNTu9CEDzzT7f Y4Aw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=U97XYN8kr/Eu5J6Qeax02suefjGhKQI26UFHEnNfiRA=; b=Ja9B8EGPpiZbmOyzt4jQQal/bGDlYgq18FwlIV1hAGez1B3jLMEDGGJA2W1MfjWNo5 5y8WcE/2PsB7O9ltXLZWBo0W7VTj74NQYQ/fWHhrMeftLI0uzxrwJkBXCdKjf1BJafe5 m534SWcip9r0a6n3EY6KOVABAnpw5kAUAROiqBHOEklNOzl+eN5VGrJyN1W27mKcmAHu TZgX027gMj6hjgp9JfoPeczGVlvEJJmhGPqd09YgOGJqLhaPqwaPQAPIEircLhbo9idm GOGRUd5M4aJhrkXE8HEHwqGC7t2Wozkvg1OffW3AKZq3Vs9iuqqbzBuvW+lVUDt1fBSr UpvA==
X-Gm-Message-State: AOAM531jDnVelLFzH51Z+QO3bSErezveHZmaaOm9DIiPatB5EyzefwIw VqXJi86ICpe9cc6cLOHK4w0XjKsPC0cFzp3TgjIjfO5w
X-Google-Smtp-Source: ABdhPJxKskzo73etDSZPnh+rlEF020HTbTXm3M8ECXwFCfL7B3BfgcScSU4Au6YVSCTRMnKFR8STIDFVIlPvCzt6LFM=
X-Received: by 2002:a17:902:ce83:b029:de:6b3c:fcd2 with SMTP id f3-20020a170902ce83b02900de6b3cfcd2mr11212040plg.67.1613779913592; Fri, 19 Feb 2021 16:11:53 -0800 (PST)
MIME-Version: 1.0
References: <CAHVo=ZmRketpx02KeYPSHSB2gQNvYi6RSs3HrXA1isYTgYorLg@mail.gmail.com> <CAOW+2duU6Xg98Tpec6NbEL5pyxAShp76rPMyZV07Wpmx3pJX2Q@mail.gmail.com> <CAHVo=Z=o-oMfWaOUMxjtgaTNVvo28ot5EhinE+uio19-c2S0Gg@mail.gmail.com> <CAPDSy+6tWTWyL6KHZTGJ3z3L6ZGJmTrVyiPiq0zRo-SGUb39tg@mail.gmail.com> <CAHVo=Z=gsLRuFFuYiXo73HwPiThgGH5n_scw7Bn8aNrAjQ2Dig@mail.gmail.com>
In-Reply-To: <CAHVo=Z=gsLRuFFuYiXo73HwPiThgGH5n_scw7Bn8aNrAjQ2Dig@mail.gmail.com>
From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Fri, 19 Feb 2021 16:11:42 -0800
Message-ID: <CAPDSy+6LT9dMS6RofRzdqL6R5VFDRfv21qV+Xd9jx22w2yyuZA@mail.gmail.com>
To: Luke Curley <kixelated@gmail.com>
Cc: Bernard Aboba <bernard.aboba@gmail.com>, WebTransport <webtransport@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007ed4d005bbb96a37"
Archived-At: <https://mailarchive.ietf.org/arch/msg/webtransport/W_wEM9-qHAIVO2BUeUpujatrq6w>
Subject: Re: [Webtransport] Http3Transport: Connection-basd Functionality
X-BeenThere: webtransport@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <webtransport.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webtransport>, <mailto:webtransport-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webtransport/>
List-Post: <mailto:webtransport@ietf.org>
List-Help: <mailto:webtransport-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webtransport>, <mailto:webtransport-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Feb 2021 00:11:58 -0000

Thanks!

WebTransport is intentionally designed to be limited because we don't want
to expose too much to JavaScript.
Similarly, when JavaScript is using WebSocket, we don't let it access TLS
extensions or TCP flow control information, as doing that could cause
security issues.

To your MAX_STREAMS/MAX_DATA example, I think there's value in having
WebTransport-specific flow control, but I don't think that should rely on
the underlying transport and connection, we can easily build that inside
WebTransport itself.
In other words, if there are QUIC-connection-level features that we think
might benefit WebTransport applications, we should analyze their security
implications and add those specifically to WebTransport instead of giving
JavaScript blanket control over connection properties.

David

On Fri, Feb 19, 2021 at 2:59 PM Luke Curley <kixelated@gmail.com> wrote:

> Good examples, because HTTP/3 is currently the only QUIC application and
> it doesn't utilize both of those. But QUIC doesn't prohibit an
> application/protocol from utilizing the connection ID or TLS extensions. It
> could be useful for some future purpose, like the client using a
> pre-arranged connection ID (encoded with routing info?) or new TLS
> extensions/parameters (remove a round trip for a handshake?).
>
> WebTransport does prohibit using these connection-level functionalities
> for the sake of pooling. None of this is critical functionality, but it
> might hamper future efforts which is why I wanted to bring up the one-way
> door.
>
> It's on my mind because I'm designing a video protocol over QUIC. It would
> be nice if I could use MAX_STREAMS, MAX_DATA, etc, but as it stands now,
> I'll need to implement my own flow control mechanisms for WebTransport
> (browser) support.
>
> On Fri, Feb 19, 2021 at 2:27 PM David Schinazi <dschinazi.ietf@gmail.com>
> wrote:
>
>> Hi Luke,
>>
>> Can you elaborate on what benefits you see in exposing
>> QUIC-connection-level information to a WebTransport application?
>> In particular, which information would benefit WebTransport applications?
>> Because for example I don't see how knowing the connection ID or transport
>> parameters would be useful, but I could just be missing something.
>>
>> David
>>
>> On Fri, Feb 19, 2021 at 1:56 PM Luke Curley <kixelated@gmail.com> wrote:
>>
>>> Oh man I just noticed the typo in the email subject... that's
>>> embarrassing.
>>>
>>> I mentioned this earlier, but I think pooling is a potential future
>>> optimization. The benefit is that pooling can avoid additional TLS
>>> handshakes iff a client has multiple WebTransport or HTTP/3 connections to
>>> the same host (rare?). The cost of pooling is that connection-level QUIC
>>> functionality is no longer available, and must be avoided or worked around.
>>>
>>> I liked how QuicTransport was connection oriented and I think something
>>> similar could be done for Http3Transport without precluding pooling support
>>> in the future.
>>>
>>> On Fri, Feb 19, 2021 at 1:32 PM Bernard Aboba <bernard.aboba@gmail.com>
>>> wrote:
>>>
>>>> Luke --
>>>>
>>>> Thanks for bringing this up!
>>>>
>>>> At the Interim meeting, we talked about having the API provide some
>>>> control over pooling (e.g. allowing an appiication to specify that a
>>>> WebTransport connection not be pooled), as well as allowing a server to
>>>> specify that it doesn't support pooling.
>>>>
>>>> In W3C WebTransport WG we are now in the process of developing PRs to
>>>> deal with pooling, and are running into some of the same questions, such
>>>> as:
>>>>
>>>> 1. Under what circumstances can WebTransport connections be pooled, and
>>>> what kinds of pooling are allowed?
>>>> PR: https://github.com/whatwg/fetch/pull/1171
>>>>
>>>> 2.  What are the differences in API behavior between Http3Transport and
>>>> quic-transport?
>>>> PR: https://github.com/w3c/webtransport/pull/205
>>>>
>>>> 3.  For Http3Transport, are there differences in API behavior between
>>>> non-sharable connections and sharable ones (e.g. behavior of
>>>> webtransport.close())?
>>>> Also coming up in PR: https://github.com/w3c/webtransport/pull/205
>>>>
>>>> 4. For a non-sharable WebTransport connection, is it possible to obtain
>>>> some of the stats that were supported for quic-transport, but would not be
>>>> appropriate for a sharable transport?
>>>> Issue: https://github.com/w3c/webtransport/issues/206
>>>>
>>>>
>>>>
>>>> On Fri, Feb 19, 2021 at 12:49 PM Luke Curley <kixelated@gmail.com>
>>>> wrote:
>>>>
>>>>> Hey everybody, I wanted to start the discussion now that Victor's
>>>>> document has been adopted!
>>>>>
>>>>> I filed some issues
>>>>> <https://github.com/ietf-wg-webtrans/draft-ietf-webtrans-http3> earlier
>>>>> on Github over a few small things. Overall, the draft is clean and it's
>>>>> nice that we've converged on a single WebTransport protocol. One bigger
>>>>> topic I wanted to discuss is the ramifications of connection pooling.
>>>>>
>>>>> Broadly speaking, any QUIC parameters or frames that operate on the
>>>>> connection as a whole can no longer be exposed to the application.
>>>>> Specifically: MAX_DATA, MAX_STREAMS, CONNECTION_CLOSE*, connection ID, and
>>>>> any transport parameters.
>>>>>
>>>>> The WebTransport specification specifically mentions MAX_STREAMS, as
>>>>> HTTP/3 servers can no longer use this to limit the number of simultaneous
>>>>> requests. Returning an error code instead of utilizing the built-in flow
>>>>> control is not a problem, but it's not ideal either.
>>>>>
>>>>> I believe this is a one-way door in general. Any protocols or
>>>>> applications built on top of QUIC will no longer be able to use
>>>>> connection-based QUIC features without breaking WebTransport compatibility.
>>>>> This primarily means HTTP/3, but it also includes any new protocols that
>>>>> utilize QUIC and desire browser support.
>>>>>
>>>>> What does the group think? Is this something worth caring about?
>>>>> --
>>>>> Webtransport mailing list
>>>>> Webtransport@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/webtransport
>>>>>
>>>> --
>>> Webtransport mailing list
>>> Webtransport@ietf.org
>>> https://www.ietf.org/mailman/listinfo/webtransport
>>>
>>

v2.8.7 | Report a Bug | By Email