draft-ietf-quic-applicability-03.txt   draft-ietf-quic-applicability-04.txt 
Network Working Group M. Kuehlewind Network Working Group M. Kuehlewind
Internet-Draft B. Trammell Internet-Draft B. Trammell
Intended status: Informational ETH Zurich Intended status: Informational ETH Zurich
Expires: April 25, 2019 October 22, 2018 Expires: October 26, 2019 April 24, 2019
Applicability of the QUIC Transport Protocol Applicability of the QUIC Transport Protocol
draft-ietf-quic-applicability-03 draft-ietf-quic-applicability-04
Abstract Abstract
This document discusses the applicability of the QUIC transport This document discusses the applicability of the QUIC transport
protocol, focusing on caveats impacting application protocol protocol, focusing on caveats impacting application protocol
development and deployment over QUIC. Its intended audience is development and deployment over QUIC. Its intended audience is
designers of application protocol mappings to QUIC, and implementors designers of application protocol mappings to QUIC, and implementors
of these application protocols. of these application protocols.
Status of This Memo Status of This Memo
skipping to change at page 1, line 34 skipping to change at page 1, line 34
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 25, 2019. This Internet-Draft will expire on October 26, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 18 skipping to change at page 2, line 18
1.1. Notational Conventions . . . . . . . . . . . . . . . . . 3 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 3
2. The Necessity of Fallback . . . . . . . . . . . . . . . . . . 3 2. The Necessity of Fallback . . . . . . . . . . . . . . . . . . 3
3. Zero RTT . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Zero RTT . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.1. Thinking in Zero RTT . . . . . . . . . . . . . . . . . . 4 3.1. Thinking in Zero RTT . . . . . . . . . . . . . . . . . . 4
3.2. Here There Be Dragons . . . . . . . . . . . . . . . . . . 4 3.2. Here There Be Dragons . . . . . . . . . . . . . . . . . . 4
3.3. Session resumption versus Keep-alive . . . . . . . . . . 4 3.3. Session resumption versus Keep-alive . . . . . . . . . . 4
4. Use of Streams . . . . . . . . . . . . . . . . . . . . . . . 6 4. Use of Streams . . . . . . . . . . . . . . . . . . . . . . . 6
4.1. Stream versus Flow Multiplexing . . . . . . . . . . . . . 6 4.1. Stream versus Flow Multiplexing . . . . . . . . . . . . . 6
4.2. Packetization and latency . . . . . . . . . . . . . . . . 7 4.2. Packetization and latency . . . . . . . . . . . . . . . . 7
4.3. Prioritization . . . . . . . . . . . . . . . . . . . . . 7 4.3. Prioritization . . . . . . . . . . . . . . . . . . . . . 7
5. Port Selection . . . . . . . . . . . . . . . . . . . . . . . 8 4.4. Flow Control Deadlocks . . . . . . . . . . . . . . . . . 8
6. Graceful connection closure . . . . . . . . . . . . . . . . . 8 5. Port Selection . . . . . . . . . . . . . . . . . . . . . . . 9
7. Information exposure and the Connection ID . . . . . . . . . 8 6. Graceful connection closure . . . . . . . . . . . . . . . . . 9
7.1. Server-Generated Connection ID . . . . . . . . . . . . . 9 7. Information exposure and the Connection ID . . . . . . . . . 9
7.1. Server-Generated Connection ID . . . . . . . . . . . . . 10
7.2. Mitigating Timing Linkability with Connection ID 7.2. Mitigating Timing Linkability with Connection ID
Migration . . . . . . . . . . . . . . . . . . . . . . . . 9 Migration . . . . . . . . . . . . . . . . . . . . . . . . 10
7.3. Using Server Retry for Redirection . . . . . . . . . . . 9 7.3. Using Server Retry for Redirection . . . . . . . . . . . 11
8. Use of Versions and Cryptographic Handshake . . . . . . . . . 10 8. Use of Versions and Cryptographic Handshake . . . . . . . . . 11
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 9. Enabling New Versions . . . . . . . . . . . . . . . . . . . . 11
10. Security Considerations . . . . . . . . . . . . . . . . . . . 10 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
11. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 10 11. Security Considerations . . . . . . . . . . . . . . . . . . . 12
12. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 11 12. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 13
13. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 13. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13
13.1. Normative References . . . . . . . . . . . . . . . . . . 11 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
13.2. Informative References . . . . . . . . . . . . . . . . . 11 14.1. Normative References . . . . . . . . . . . . . . . . . . 13
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 14.2. Informative References . . . . . . . . . . . . . . . . . 14
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15
1. Introduction 1. Introduction
QUIC [QUIC] is a new transport protocol currently under development QUIC [QUIC] is a new transport protocol currently under development
in the IETF quic working group, focusing on support of semantics as in the IETF quic working group, focusing on support of semantics as
needed for HTTP/2 [QUIC-HTTP] such as stream-multiplexing to avoid needed for HTTP/2 [QUIC-HTTP] such as stream-multiplexing to avoid
head-of-line blocking. Based on current deployment practices, QUIC head-of-line blocking. Based on current deployment practices, QUIC
is encapsulated in UDP. The version of QUIC that is currently under is encapsulated in UDP. The version of QUIC that is currently under
development will integrate TLS 1.3 [TLS13] to encrypt all payload development will integrate TLS 1.3 [TLS13] to encrypt all payload
data and most control information. data and most control information.
skipping to change at page 8, line 7 skipping to change at page 8, line 7
before new data, unless indicated differently by the application. before new data, unless indicated differently by the application.
Currently, QUIC only provides fully reliable stream transmission, Currently, QUIC only provides fully reliable stream transmission,
which means that prioritization of retransmissions will be beneficial which means that prioritization of retransmissions will be beneficial
in most cases, by filling in gaps and freeing up the flow control in most cases, by filling in gaps and freeing up the flow control
window. For partially reliable or unreliable streams, priority window. For partially reliable or unreliable streams, priority
scheduling of retransmissions over data of higher-priority streams scheduling of retransmissions over data of higher-priority streams
might not be desirable. For such streams, QUIC could either provide might not be desirable. For such streams, QUIC could either provide
an explicit interface to control prioritization, or derive the an explicit interface to control prioritization, or derive the
prioritization decision from the reliability level of the stream. prioritization decision from the reliability level of the stream.
4.4. Flow Control Deadlocks
Flow control provides a means of managing access to the limited
buffers endpoints have for incoming data. This mechanism limits the
amount of data that can be in buffers in endpoints or in transit on
the network. However, there are several ways in which limits can
produce conditions that can cause a connection to either perform
suboptimally or deadlock.
Deadlocks in flow control are possible for any protocol that uses
QUIC, though whether they become a problem depends on how
implementations consume data and provide flow control credit.
Understanding what causes deadlocking might help implementations
avoid deadlocks.
Large messages can produce deadlocking if the recipient does not
process the message incrementally. If the message is larger than
flow control credit available and the recipient does not release
additional flow control credit until the entire message is received
and delivered, a deadlock can occur. This is possible even where
stream flow control limits are not reached because connection flow
control limits can be consumed by other streams.
A common flow control implementation technique is for a receiver to
extend credit to the sender as a the data consumer reads data. In
this setting, a length-prefixed message format makes it easier for
the data consumer to leave data unread in the receiver's buffers and
thereby withhold flow control credit. If flow control limits prevent
the remainder of a message from being sent, a deadlock will result.
A length prefix might also enable the detection of this sort of
deadlock. Where protocols have messages that might be processed as a
single unit, reserving flow control credit for the entire message
atomically ensures that this style of deadlock is less likely.
A data consumer can read all data as it becomes available to cause
the receiver to extend flow control credit to the sender and reduce
the chances of a deadlock. However, releasing flow control credit
might mean that the data consumer might need other means for holding
a peer accountable for the state it keeps for partially processed
messages.
Deadlocking can also occur if data on different streams is
interdependent. Suppose that data on one stream arrives before the
data on a second stream on which it depends. A deadlock can occur if
the first stream is left unread, preventing the receiver from
extending flow control credit for the second stream. To reduce the
likelihood of deadlock for interdependent data, the sender should
ensure that dependent data is not sent until the data it depends on
has been accounted for in both stream- and connection- level flow
control credit.
Some deadlocking scenarios might be resolved by cancelling affected
streams with STOP_SENDING or RST_STREAM. Cancelling some streams
results in the connection being terminated in some protocols.
5. Port Selection 5. Port Selection
As QUIC is a general purpose transport protocol, there are no As QUIC is a general purpose transport protocol, there are no
requirements that servers use a particular UDP port for QUIC in requirements that servers use a particular UDP port for QUIC in
general. Instead, the same port number is used as would be used for general. Instead, the same port number is used as would be used for
the same application over TCP. In the case of HTTP the expectation the same application over TCP. In the case of HTTP the expectation
is that port 443 is used, which has already been registered for "http is that port 443 is used, which has already been registered for "http
protocol over TLS/SSL". However, [QUIC-HTTP] also specifies the use protocol over TLS/SSL". However, [QUIC-HTTP] also specifies the use
of Alt-Svc for HTTP/QUIC discovery which allows the server to use and of Alt-Svc for HTTP/QUIC discovery which allows the server to use and
announce a different port number. announce a different port number.
skipping to change at page 9, line 9 skipping to change at page 10, line 12
for other control processes, and a short header that may be used for for other control processes, and a short header that may be used for
data transmission in an established connection. While the long data transmission in an established connection. While the long
header always exposes some information (such as the version and header always exposes some information (such as the version and
Connection IDs), the short header exposes at most only a single Connection IDs), the short header exposes at most only a single
Connection ID. Connection ID.
7.1. Server-Generated Connection ID 7.1. Server-Generated Connection ID
QUIC supports a server-generated Connection ID, transmitted to the QUIC supports a server-generated Connection ID, transmitted to the
client during connection establishment (see Section 6.1 of [QUIC]). client during connection establishment (see Section 6.1 of [QUIC]).
Servers behind load balancers may need to propose a Connection ID Servers behind load balancers may need to change the Connection ID
during the handshake, encoding the identity of the server or during the handshake, encoding the identity of the server or
information about its load balancing pool, in order to support information about its load balancing pool, in order to support
stateless load balancing. Once the server generates a Connection ID stateless load balancing. Once the server generates a Connection ID
that encodes its identity, every CDN load balancer would be able to that encodes its identity, every CDN load balancer would be able to
forward the packets to that server without retaining connection forward the packets to that server without retaining connection
state. state.
Server-generated connection IDs should seek to obscure any encoding, Server-generated connection IDs should seek to obscure any encoding,
of routing identities or any other information. Exposing the server of routing identities or any other information. Exposing the server
mapping would allow linkage of multiple IP addresses to the same host mapping would allow linkage of multiple IP addresses to the same host
skipping to change at page 10, line 28 skipping to change at page 11, line 37
might simply provide a different feature set. As such, an might simply provide a different feature set. As such, an
application needs to be able to select which versions of QUIC it application needs to be able to select which versions of QUIC it
wants to use. wants to use.
A new version could use an encryption scheme other than TLS 1.3 or A new version could use an encryption scheme other than TLS 1.3 or
higher. [QUIC] specifies requirements for the cryptographic higher. [QUIC] specifies requirements for the cryptographic
handshake as currently realized by TLS 1.3 and described in a handshake as currently realized by TLS 1.3 and described in a
separate specification [QUIC-TLS]. This split is performed to enable separate specification [QUIC-TLS]. This split is performed to enable
light-weight versioning with different cryptographic handshakes. light-weight versioning with different cryptographic handshakes.
9. IANA Considerations 9. Enabling New Versions
QUIC provides integrity protection for its version negotiation
process. This process assumes that the set of versions that a server
supports is fixed. This complicates the process for deploying new
QUIC versions or disabling old versions when servers operate in
clusters.
A server that rolls out a new version of QUIC can do so in three
stages. Each stage is completed across all server instances before
moving to the next stage.
In the first stage of deployment, all server instances start
accepting new connections with the new version. The new version can
be enabled progressively across a deployment, which allows for
selective testing. This is especially useful when the new version is
compatible with an old version, because the new version is more
likely to be used.
While enabling the new version, servers do not advertise the new
version in any Version Negotiation packets they send. This prevents
clients that receive a Version Negotiation packet from attempting to
connect to server instances that might not have the new version
enabled.
During the initial deployment, some clients will have received
Version Negotiation packets that indicate that the server does not
support the new version. Other clients might have successfully
connected with the new version and so will believe that the server
supports the new version. Therefore, servers need to allow for this
ambiguity when validating the negotiated version.
The second stage of deployment commences once all server instances
are able accept new connections with the new version. At this point,
all servers can start sending the new version in Version Negotiation
packets.
During the second stage, the server still allows for the possibility
that some clients believe the new version to be available and some do
not. This state will persist only for as long as any Version
Negotiation packets take to be transmitted and responded to. So the
third stage can follow after a relatively short delay.
The third stage completes the process by enabling validation of the
negotiation version as though the new version were disabled.
The process for disabling an old version or rolling back the
introduction of a new version uses the same process in reverse.
Servers disable validation of the old version, stop sending the old
version in Version Negotiation packets, then the old version is no
longer accepted.
10. IANA Considerations
This document has no actions for IANA. This document has no actions for IANA.
10. Security Considerations 11. Security Considerations
See the security considerations in [QUIC] and [QUIC-TLS]; the See the security considerations in [QUIC] and [QUIC-TLS]; the
security considerations for the underlying transport protocol are security considerations for the underlying transport protocol are
relevant for applications using QUIC, as well. relevant for applications using QUIC, as well.
Application developers should note that any fallback they use when Application developers should note that any fallback they use when
QUIC cannot be used due to network blocking of UDP SHOULD guarantee QUIC cannot be used due to network blocking of UDP SHOULD guarantee
the same security properties as QUIC; if this is not possible, the the same security properties as QUIC; if this is not possible, the
connection SHOULD fail to allow the application to explicitly handle connection SHOULD fail to allow the application to explicitly handle
fallback to a less-secure alternative. See Section 2. fallback to a less-secure alternative. See Section 2.
11. Contributors 12. Contributors
Igor Lubashev contributed text to Section 7 on server-selected Igor Lubashev contributed text to Section 7 on server-selected
Connection IDs. Connection IDs.
12. Acknowledgments 13. Acknowledgments
This work is partially supported by the European Commission under This work is partially supported by the European Commission under
Horizon 2020 grant agreement no. 688421 Measurement and Architecture Horizon 2020 grant agreement no. 688421 Measurement and Architecture
for a Middleboxed Internet (MAMI), and by the Swiss State Secretariat for a Middleboxed Internet (MAMI), and by the Swiss State Secretariat
for Education, Research, and Innovation under contract no. 15.0268. for Education, Research, and Innovation under contract no. 15.0268.
This support does not imply endorsement. This support does not imply endorsement.
13. References 14. References
13.1. Normative References 14.1. Normative References
[QUIC] Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed [QUIC] Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed
and Secure Transport", draft-ietf-quic-transport-15 (work and Secure Transport", draft-ietf-quic-transport-20 (work
in progress), October 2018. in progress), April 2019.
[QUIC-INVARIANTS] [QUIC-INVARIANTS]
Thomson, M., "Version-Independent Properties of QUIC", Thomson, M., "Version-Independent Properties of QUIC",
draft-ietf-quic-invariants-03 (work in progress), October draft-ietf-quic-invariants-04 (work in progress), April
2018. 2019.
[QUIC-TLS] [QUIC-TLS]
Thomson, M. and S. Turner, "Using Transport Layer Security Thomson, M. and S. Turner, "Using TLS to Secure QUIC",
(TLS) to Secure QUIC", draft-ietf-quic-tls-15 (work in draft-ietf-quic-tls-20 (work in progress), April 2019.
progress), October 2018.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S.
Cheshire, "Internet Assigned Numbers Authority (IANA) Cheshire, "Internet Assigned Numbers Authority (IANA)
Procedures for the Management of the Service Name and Procedures for the Management of the Service Name and
Transport Protocol Port Number Registry", BCP 165, Transport Protocol Port Number Registry", BCP 165,
RFC 6335, DOI 10.17487/RFC6335, August 2011, RFC 6335, DOI 10.17487/RFC6335, August 2011,
<https://www.rfc-editor.org/info/rfc6335>. <https://www.rfc-editor.org/info/rfc6335>.
[TLS13] Thomson, M. and S. Turner, "Using Transport Layer Security [TLS13] Thomson, M. and S. Turner, "Using TLS to Secure QUIC",
(TLS) to Secure QUIC", draft-ietf-quic-tls-15 (work in draft-ietf-quic-tls-20 (work in progress), April 2019.
progress), October 2018.
13.2. Informative References 14.2. Informative References
[Edeline16] [Edeline16]
Edeline, K., Kuehlewind, M., Trammell, B., Aben, E., and Edeline, K., Kuehlewind, M., Trammell, B., Aben, E., and
B. Donnet, "Using UDP for Internet Transport Evolution B. Donnet, "Using UDP for Internet Transport Evolution
(arXiv preprint 1612.07816)", December 2016, (arXiv preprint 1612.07816)", December 2016,
<https://arxiv.org/abs/1612.07816>. <https://arxiv.org/abs/1612.07816>.
[Hatonen10] [Hatonen10]
Hatonen, S., Nyrhinen, A., Eggert, L., Strowes, S., Hatonen, S., Nyrhinen, A., Eggert, L., Strowes, S.,
Sarolahti, P., and M. Kojo, "An experimental study of home Sarolahti, P., and M. Kojo, "An experimental study of home
skipping to change at page 12, line 34 skipping to change at page 14, line 36
nottingham-httpbis-retry-01 (work in progress), February nottingham-httpbis-retry-01 (work in progress), February
2017. 2017.
[PaaschNanog] [PaaschNanog]
Paasch, C., "Network Support for TCP Fast Open (NANOG 67 Paasch, C., "Network Support for TCP Fast Open (NANOG 67
presentation)", June 2016, presentation)", June 2016,
<https://www.nanog.org/sites/default/files/ <https://www.nanog.org/sites/default/files/
Paasch_Network_Support.pdf>. Paasch_Network_Support.pdf>.
[QUIC-HTTP] [QUIC-HTTP]
Bishop, M., "Hypertext Transfer Protocol (HTTP) over Bishop, M., "Hypertext Transfer Protocol Version 3
QUIC", draft-ietf-quic-http-15 (work in progress), October (HTTP/3)", draft-ietf-quic-http-20 (work in progress),
2018. April 2019.
[Swett16] Swett, I., "QUIC Deployment Experience at Google (IETF96 [Swett16] Swett, I., "QUIC Deployment Experience at Google (IETF96
QUIC BoF presentation)", July 2016, QUIC BoF presentation)", July 2016,
<https://www.ietf.org/proceedings/96/slides/ <https://www.ietf.org/proceedings/96/slides/
slides-96-quic-3.pdf>. slides-96-quic-3.pdf>.
[Trammell16] [Trammell16]
Trammell, B. and M. Kuehlewind, "Internet Path Trammell, B. and M. Kuehlewind, "Internet Path
Transparency Measurements using RIPE Atlas (RIPE72 MAT Transparency Measurements using RIPE Atlas (RIPE72 MAT
presentation)", May 2016, <https://ripe72.ripe.net/wp- presentation)", May 2016, <https://ripe72.ripe.net/wp-
 End of changes. 20 change blocks. 
40 lines changed or deleted 147 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/