From 74aa5cb628027717c33b5b029f591c79eee500ec Mon Sep 17 00:00:00 2001 From: martinduke Date: Wed, 17 Jun 2020 17:12:26 -0700 Subject: [PATCH 1/6] Added normative text to invariants Fixes #3773. As some who's writing a spec for a QUIC intermediary, I hope this covers most of the ground here. --- draft-ietf-quic-invariants.md | 43 ++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/draft-ietf-quic-invariants.md b/draft-ietf-quic-invariants.md index 2421595d7c..c59d5192e5 100644 --- a/draft-ietf-quic-invariants.md +++ b/draft-ietf-quic-invariants.md @@ -96,6 +96,11 @@ the protocol can change between different versions. might be made based on knowledge of QUIC version 1; these do not apply to every version of QUIC. +This standard imposes normative requirements on intermediaries and tools that seek +to observe and/or process QUIC packets. Following these requirements will allow +these entities to function properly as QUIC evolves, and allow that evolution to +continue. + # Conventions and Definitions @@ -103,6 +108,19 @@ version of QUIC. This document uses terms and notational conventions from {{QUIC-TRANSPORT}}. +This document uses the term "intermediaries" to refer to routers, load +balancers, traffic classifiers, measurement devices, and any other entity that +observes, measures, or otherwise processes QUIC packets. Some intermediaries +might have the ability to drop QUIC packets based on their observable contents. + +The definition of "intermediaries" explicity excludes QUIC proxies that fully +terminate a QUIC connection to one endpoint and open a different QUIC +(or other transport protocol) connection to the other endpoint. + +An intermediary is said to "understand" a QUIC version if it has implemented the +necessary algorithms to parse the relevant packets and monitor the relevant +behaviors for that version beyond the invariants described in this document. + # An Extremely Abstract Description of QUIC 
@@ -156,6 +174,29 @@ Example Structure { {: #fig-ex-format title="Example Format"} +# Requirements for Intermediaries + +An intermediary MAY observe the QUIC version in certain packets, statefully note +the version associated with the connection IDs (see {{connection-id}}) in the +packet, and if it understands that version, parse and process packets with one +of those connection IDs without regard for the invariants in this document. + +Intermediaries MUST implement a mode that, if they cannot associate a version +with a packet's connection ID or do not understand the associated QUIC version, +uses only the invariant fields described in this document to execute its +function(s). This might mean that the intermediary cannot accomplish its +function(s) at all, or that it implements a default behavior. + +Intermediaries MUST NOT implement a default behavior of dropping packets of QUIC +versions they do not understand, or packets that have a connection ID they +cannot associate with a QUIC version. + +Future specifications for intermediaries SHOULD document any implicit +assumptions they are making about endpoint behavior beyond the invariants in +this document, and the impact if future versions of QUIC violate those +assumptions. + + # QUIC Packet Headers QUIC endpoints exchange UDP datagrams that contain one or more QUIC packets. @@ -234,7 +275,7 @@ and is not constrained by this specification. The remainder of the packet has version-specific semantics. -## Connection ID +## Connection ID {#connection-id} A connection ID is an opaque field of arbitrary length. From 30954246938ac5ff728b4b3ba50b62d033dde76a Mon Sep 17 00:00:00 2001 From: martinduke Date: Wed, 17 Jun 2020 17:20:10 -0700 Subject: [PATCH 2/6] Fixed line break. --- draft-ietf-quic-invariants.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/draft-ietf-quic-invariants.md b/draft-ietf-quic-invariants.md index c59d5192e5..5ace7961bd 100644 --- a/draft-ietf-quic-invariants.md 
+++ b/draft-ietf-quic-invariants.md @@ -96,10 +96,10 @@ the protocol can change between different versions. might be made based on knowledge of QUIC version 1; these do not apply to every version of QUIC. -This standard imposes normative requirements on intermediaries and tools that seek -to observe and/or process QUIC packets. Following these requirements will allow -these entities to function properly as QUIC evolves, and allow that evolution to -continue. +This standard imposes normative requirements on intermediaries and tools that +seek to observe and/or process QUIC packets. Following these requirements will +allow these entities to function properly as QUIC evolves, and allow that +evolution to continue. # Conventions and Definitions From 4f6747fd4265ea7001de2c5eaa0128b5a6098059 Mon Sep 17 00:00:00 2001 From: Martin Duke Date: Thu, 18 Jun 2020 09:03:05 -0700 Subject: [PATCH 3/6] Update draft-ietf-quic-invariants.md --- draft-ietf-quic-invariants.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/draft-ietf-quic-invariants.md b/draft-ietf-quic-invariants.md index 5ace7961bd..ce0fc307c3 100644 --- a/draft-ietf-quic-invariants.md +++ b/draft-ietf-quic-invariants.md @@ -191,10 +191,9 @@ Intermediaries MUST NOT implement a default behavior of dropping packets of QUIC versions they do not understand, or packets that have a connection ID they cannot associate with a QUIC version. -Future specifications for intermediaries SHOULD document any implicit -assumptions they are making about endpoint behavior beyond the invariants in -this document, and the impact if future versions of QUIC violate those -assumptions. +Specifications for intermediaries SHOULD document any implicit assumptions they +are making about endpoint behavior beyond the invariants in this document, and +the impact if future versions of QUIC violate those assumptions. # QUIC Packet Headers From 92c25240019bccd8882918023bd821bd78bf82f7 Mon Sep 17 00:00:00 2001 
From: Martin Duke Date: Thu, 18 Jun 2020 09:29:50 -0700 Subject: [PATCH 4/6] MT's comments Partially addresses MT's comments in #3773. Discussion is ongoing. --- draft-ietf-quic-invariants.md | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/draft-ietf-quic-invariants.md b/draft-ietf-quic-invariants.md index ce0fc307c3..8ec39c5145 100644 --- a/draft-ietf-quic-invariants.md +++ b/draft-ietf-quic-invariants.md @@ -108,10 +108,12 @@ evolution to continue. This document uses terms and notational conventions from {{QUIC-TRANSPORT}}. -This document uses the term "intermediaries" to refer to routers, load -balancers, traffic classifiers, measurement devices, and any other entity that -observes, measures, or otherwise processes QUIC packets. Some intermediaries -might have the ability to drop QUIC packets based on their observable contents. +This document uses the term "intermediaries" to refer devices, besides +endpoints, that in some way interface with the contents of QUIC Packets. It +includes routers, load balancers, traffic classifiers, measurement devices, and +any other entity that observes, measures, or otherwise processes QUIC packets. +Some intermediaries might have the ability to drop QUIC packets based on their +observable contents. The definition of "intermediaries" explicity excludes QUIC proxies that fully terminate a QUIC connection to one endpoint and open a different QUIC @@ -195,6 +197,11 @@ Specifications for intermediaries SHOULD document any implicit assumptions they are making about endpoint behavior beyond the invariants in this document, and the impact if future versions of QUIC violate those assumptions. +QUIC incorporates mechanisms for endpoints to detect packet tampering, and +interventions by intermediaries are often less helpful as the protocol evolves. +Specifications for intermediaries SHOULD, where possible, include mechanisms +for explicit consent and/or consent from QUIC endpoints. + # QUIC Packet Headers 
From 504669f295d9ad65b77003aa742becbc365c36fc Mon Sep 17 00:00:00 2001 From: martinduke Date: Mon, 22 Jun 2020 11:41:10 -0700 Subject: [PATCH 5/6] Update draft-ietf-quic-invariants.md Co-authored-by: Mike Bishop --- draft-ietf-quic-invariants.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-quic-invariants.md b/draft-ietf-quic-invariants.md index 8ec39c5145..39f28f69f6 100644 --- a/draft-ietf-quic-invariants.md +++ b/draft-ietf-quic-invariants.md @@ -195,7 +195,7 @@ cannot associate with a QUIC version. Specifications for intermediaries SHOULD document any implicit assumptions they are making about endpoint behavior beyond the invariants in this document, and -the impact if future versions of QUIC violate those assumptions. +the impact if future versions of QUIC do not conform to those assumptions. QUIC incorporates mechanisms for endpoints to detect packet tampering, and interventions by intermediaries are often less helpful as the protocol evolves. From ca0bfe10d0a8c9fda04f501dc1ab52a210a3a558 Mon Sep 17 00:00:00 2001 From: Martin Duke Date: Mon, 22 Jun 2020 12:16:32 -0700 Subject: [PATCH 6/6] Igor and Mike's suggestion --- draft-ietf-quic-invariants.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/draft-ietf-quic-invariants.md b/draft-ietf-quic-invariants.md index 8ec39c5145..30aee5207b 100644 --- a/draft-ietf-quic-invariants.md +++ b/draft-ietf-quic-invariants.md 
@@ -189,9 +189,10 @@ uses only the invariant fields described in this document to execute its function(s). This might mean that the intermediary cannot accomplish its function(s) at all, or that it implements a default behavior. -Intermediaries MUST NOT implement a default behavior of dropping packets of QUIC -versions they do not understand, or packets that have a connection ID they -cannot associate with a QUIC version. +Intermediaries MUST NOT drop QUIC packets with versions they do not understand, +or packets that have a connection ID they cannot associate with a QUIC version, +solely for those reasons. Doing so would break QUIC's address migration and +version negotiation mechanisms. Specifications for intermediaries SHOULD document any implicit assumptions they are making about endpoint behavior beyond the invariants in this document, and
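Review bot: In [PATCH 1/6], the paragraph added at @@ -96,6 +96,11 @@ opens with "This standard", while every other paragraph the series adds says "This document". Suggest "This document imposes normative requirements on intermediaries ..." for consistency. The same sentence names "intermediaries and tools", but only "intermediaries" is defined in the Conventions section added later in the patch; either fold tools into that definition or drop the word here. [PATCH 2/6] rewraps this paragraph without changing the wording, so the comment applies there too.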
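Review bot: In [PATCH 1/6], hunk @@ -103,6 +108,19 @@, "explicity excludes" in the second added paragraph is a typo for "explicitly excludes". It is carried forward unchanged as context in [PATCH 4/6], so it is still present at the end of the series. In the same hunk, the definition of "understand" would be easier to apply if it said what happens when an intermediary implements only part of a version's parsing; as written, "the necessary algorithms" leaves that to the reader.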
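Review bot: In [PATCH 1/6], hunk @@ -156,6 +174,29 @@, the MAY paragraph ends "parse and process packets with one of those connection IDs without regard for the invariants in this document", which can be read as permission to ignore the invariants rather than to rely on version-specific knowledge in addition to them. Suggest wording such as "using version-specific knowledge beyond the invariants in this document". In the next paragraph the subject is plural ("Intermediaries MUST implement a mode that, if they cannot ...") but the clause finishes with "its function(s)"; make the number agree. The paragraph also allows the fallback mode to be "a default behavior" without bounding it, so the only constraint on that default is the MUST NOT that follows; consider stating that dependency explicitly.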
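Review bot: In [PATCH 4/6], hunk @@ -108,10 +108,12 @@, the rewritten first sentence reads "to refer devices, besides endpoints", which is missing "to" ("to refer to devices"). The same sentence capitalizes "QUIC Packets" while the rest of the paragraph uses "QUIC packets". The new second sentence still ends with "any other entity that observes, measures, or otherwise processes QUIC packets", which now repeats what the first sentence defines; the list of examples could stop at "measurement devices".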
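Review bot: In [PATCH 4/6], hunk @@ -195,6 +197,11 @@, the last added sentence asks for "mechanisms for explicit consent and/or consent from QUIC endpoints", where both alternatives are "consent", so the "and/or" has nothing to distinguish. Say what the two cases are meant to be, or reduce it to "mechanisms for explicit consent from QUIC endpoints". The preceding sentence, "interventions by intermediaries are often less helpful as the protocol evolves", is also vague for text that motivates a SHOULD; state the concrete consequence (for example, that endpoints will detect and reject modified packets) if that is the intent.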
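Review bot: [PATCH 6/6] is generated against the same preimage as [PATCH 5/6] (both show index 8ec39c5145 as the old blob), and their hunk ranges overlap (-195,7 in 5/6, -189,9 in 6/6), so 6/6 may not apply cleanly on top of 5/6 in series order; rebase it onto 39f28f69f6. On the text itself, in hunk @@ -189,9 +189,10 @@, the rationale sentence says dropping "would break QUIC's address migration and version negotiation mechanisms" without tying each mechanism to its condition. Suggest making the mapping explicit: unknown connection IDs relate to migration, unknown versions to version negotiation. Also check the term against {{QUIC-TRANSPORT}}, which calls the mechanism connection migration. The qualifier "solely for those reasons" leaves open what additional reason would justify a drop; a short example or a pointer to where such policy belongs would prevent it from being read as a loophole.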