Internet DRAFT - draft-montenegro-quic-negotiate-pnp
draft-montenegro-quic-negotiate-pnp
QUIC G. Montenegro
Internet-Draft N. Banks
Intended status: Informational P. Balasubramanian
Expires: August 1, 2019 Microsoft Corporation
January 28, 2019
QUIC Negotiation for Header Protection
draft-montenegro-quic-negotiate-pnp-03
Abstract
This document defines an extension to reduce the cost of QUIC
deployment in environments like datacenters by allowing header
protection to be optionally disabled.
Note to Readers
Discussion of this draft takes place on the QUIC working group
mailing list (quic@ietf.org), which is archived at
https://mailarchive.ietf.org/arch/search/?email_list=quic [1].
Working Group information can be found at https://github.com/quicwg
[2]; source code and issues list for this draft can be found at
https://github.com/quicwg/base-drafts/labels/-recovery [3].
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 1, 2019.
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
Montenegro, et al. Expires August 1, 2019 [Page 1]
Internet-Draft QUIC Header Protection Negotiation January 2019
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions and Definitions . . . . . . . . . . . . . . . . . 2
3. Transport Parameter to Disable Header Protection . . . . . . 3
4. Security Considerations . . . . . . . . . . . . . . . . . . . 3
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 3
6.1. Normative References . . . . . . . . . . . . . . . . . . 4
6.2. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 4
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 4
1. Introduction
QUIC is a new transport for the internet. In its generality, there
are features which are not well suited for some environments. In
particular, QUIC uses Header Protection to prevent ossification and
to provide unlinkability upon (voluntary) migration. However, there
are environments where these are not a concern, in particular,
connections within a datacenter.
This document defines a negotiation mechanism using transport
parameters to disable header protection. Internet facing nodes
SHOULD NOT disable header protection, so browsers, for example,
should not implement this extension. On the other hand, configured
nodes within a datacenter could turn off header protection in their
exchanges to avoid the CPU cost that header protection implies.
2. Conventions and Definitions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
Montenegro, et al. Expires August 1, 2019 [Page 2]
Internet-Draft QUIC Header Protection Negotiation January 2019
3. Transport Parameter to Disable Header Protection
This document defines a new transport parameter for QUIC
[QUIC-TRANSPORT]:
disable_header_protection (0x000c ?, value TBD): The endpoint is
disabling header protection as specified in [QUIC-TLS]. This
parameter is a zero-length value. This parameter only affects
short headers.
A successful negotiation of the "disable_header_protection" parameter
requires both peers to send this transport parameter as well as the
"disable_migration" parameter.
An endpoint MUST treat receipt of "disable_header_protection" without
the "disable_migration" parameter as a connection error of type
TRANSPORT_PARAMETER_ERROR.
Peers that have successfully negotiated the
"disable_header_protection" parameter MUST NOT use header protection
on short header packets.
4. Security Considerations
Header protection was added as a partial mitigation against
linkability, and to prevent ossification. The
"disable_header_protection" parameter should be negotiated in
environments in which these are not a concern.
5. IANA Considerations
Per section 10 of [QUIC-TLS], this document requests IANA assign a
value for the new transport parameter and record it in the registry
for "QUIC Transport Parameters" under the "QUIC Protocol" heading.
IANA is further requested to assign a value with the first byte in
the range 0x00 to 0xfe (in hexadecimal) as follows:
+--------+---------------------------+---------------+
| Value | Parameter Name | Specification |
+--------+---------------------------+---------------+
| 0x000c | disable_header_protection | This document |
+--------+---------------------------+---------------+
6. References
Montenegro, et al. Expires August 1, 2019 [Page 3]
Internet-Draft QUIC Header Protection Negotiation January 2019
6.1. Normative References
[QUIC-TLS]
Thomson, M., Ed. and S. Turner, Ed., "Using Transport
Layer Security (TLS) to Secure QUIC", draft-ietf-quic-tls-
latest (work in progress).
[QUIC-TRANSPORT]
Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
Multiplexed and Secure Transport", draft-ietf-quic-
transport-latest (work in progress).
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
6.2. URIs
[1] https://mailarchive.ietf.org/arch/search/?email_list=quic
[2] https://github.com/quicwg
[3] https://github.com/quicwg/base-drafts/labels/-recovery
Acknowledgments
Thanks to the following individuals for useful discussions: Christian
Huitema, Martin Thomson, Mikkel Fahnoee Joergensen, Ian Swett, Martin
Duke, Lucas Pardue.
Authors' Addresses
Gabriel Montenegro
Microsoft Corporation
Email: Gabriel.Montenegro@Microsoft.com
Nick Banks
Microsoft Corporation
Email: NiBanks@Microsoft.com
Montenegro, et al. Expires August 1, 2019 [Page 4]
Internet-Draft QUIC Header Protection Negotiation January 2019
Praveen Balasubramanian
Microsoft Corporation
Email: PravB@Microsoft.com
Montenegro, et al. Expires August 1, 2019 [Page 5]