idnits 2.17.1 

draft-schinazi-quic-version-negotiation-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (March 11, 2019) is 1872 days in the past.  Is this
     intentional?


  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Outdated reference: A later version (-34) exists of
     draft-ietf-quic-transport-18


     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
--------------------------------------------------------------------------------


2	QUIC Working Group                                           D. Schinazi
3	Internet-Draft                                                Google LLC
4	Intended status: Informational                               E. Rescorla
5	Expires: September 12, 2019                                      Mozilla
6	                                                          March 11, 2019

8	                Compatible Version Negotiation for QUIC
9	               draft-schinazi-quic-version-negotiation-00

11	Abstract

13	   QUIC does not provide a complete version negotiation mechanism but
14	   instead only provides a way for the server to indicate that the
15	   version the client offered is unacceptable.  This document describes
16	   a version negotiation mechanism that allows a client and server to
17	   select from a set of QUIC versions which share a compatible Initial
18	   format without incurring an extra round trip.

20	Status of This Memo

22	   This Internet-Draft is submitted in full conformance with the
23	   provisions of BCP 78 and BCP 79.

25	   Internet-Drafts are working documents of the Internet Engineering
26	   Task Force (IETF).  Note that other groups may also distribute
27	   working documents as Internet-Drafts.  The list of current Internet-
28	   Drafts is at https://datatracker.ietf.org/drafts/current/.

30	   Internet-Drafts are draft documents valid for a maximum of six months
31	   and may be updated, replaced, or obsoleted by other documents at any
32	   time.  It is inappropriate to use Internet-Drafts as reference
33	   material or to cite them other than as "work in progress."

35	   This Internet-Draft will expire on September 12, 2019.

37	Copyright Notice

39	   Copyright (c) 2019 IETF Trust and the persons identified as the
40	   document authors.  All rights reserved.

42	   This document is subject to BCP 78 and the IETF Trust's Legal
43	   Provisions Relating to IETF Documents
44	   (https://trustee.ietf.org/license-info) in effect on the date of
45	   publication of this document.  Please review these documents
46	   carefully, as they describe your rights and restrictions with respect
47	   to this document.  Code Components extracted from this document must
48	   include Simplified BSD License text as described in Section 4.e of
49	   the Trust Legal Provisions and are provided without warranty as
50	   described in the Simplified BSD License.

52	Table of Contents

54	   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
55	   2.  Conventions and Definitions . . . . . . . . . . . . . . . . .   2
56	   3.  Version Negotiation Mechanism . . . . . . . . . . . . . . . .   3
57	   4.  Compatible Versions Transport Parameter . . . . . . . . . . .   3
58	   5.  Compatible Versions . . . . . . . . . . . . . . . . . . . . .   4
59	   6.  Security Considerations . . . . . . . . . . . . . . . . . . .   4
60	   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   4
61	   8.  Normative References  . . . . . . . . . . . . . . . . . . . .   5
62	   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   5

64	1.  Introduction

66	   QUIC [I-D.ietf-quic-transport] does not provide a complete version
67	   negotiation (VN) mechanism; the VN packet only allows the server to
68	   indicate that the version the client offered is unacceptable, but
69	   doesn't allow the client to safely make use of that information.  In
70	   principle the VN packet could be part of a mechanism to allow two
71	   QUIC implementations to negotiate between two totally disjoint
72	   versions of QUIC (at the cost of an extra round trip).  However,
73	   experience with negotiation of previous IETF protocols indicates that
74	   this is probably not the most common scenario:

76	   1.  Implementations do not generally want to incur an extra round
77	       trip to negotiate versions.

79	   2.  Most incremental versions are broadly similar to the the previous
80	       version, and so the version negotiation mechanism can be built on
81	       the assumption that the version advertisement and selection is
82	       common to the versions to be negotiated.

84	   This specification describes a simple version negotiation mechanism
85	   which exploits property (2) and can negotiate between the set of
86	   "compatible" versions in a single round trip.  Negotiation between
87	   totally disjoint versions - if it ever proves to be necessary - is
88	   left as a topic for future work.

90	2.  Conventions and Definitions

92	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
93	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
94	   "OPTIONAL" in this document are to be interpreted as described in BCP
95	   14 [RFC2119] [RFC8174] when, and only when, they appear in all
96	   capitals, as shown here.

98	3.  Version Negotiation Mechanism

100	   The mechanism defined in this document is straightforward: the client
101	   maintains a list of QUIC versions it supports, ordered by preference.
102	   Its Initial packet is sent using the version that the server is most
103	   likely to support (in practice, this will generally be the oldest
104	   version the client supports); that Initial packet then lists all of
105	   the other compatible versions (Section 5) that the client supports in
106	   the supported_compatible_versions field of its transport parameters
107	   (Section 4).  The server then selects its preferred version and
108	   responds with that version in all of its future packets (except for
109	   Retry, as below).  It also inserts the selected version in the
110	   negotiated_compatible_version field of its transport parameters.

112	   The server MUST NOT select a version not offered by the client.  The
113	   client MUST validate that the version in the server's packets is one
114	   of the versions that it offered and that it matches the value in the
115	   server's transport parameters.

117	   If the server sends a Retry, it MUST use the same version that the
118	   client provided in its Initial.  Version negotiation takes place
119	   after the retry cycle is over.

121	   In order for negotiation to complete successfully, the client's
122	   Initial packet (and initial CRYPTO frames) MUST be interpretable by
123	   the server.  This implies that servers must retain the ability to
124	   process the Initial packet from older versions as long as they are
125	   reasonably popular.  This is not generally an issue in practice as
126	   long as the the overall structure of the protocol remains similar.

128	   If the server receives an Initial packet with a version it does not
129	   understand this will cause a connection failure and the server SHOULD
130	   send a Version Negotiation packet as defined in
131	   [I-D.ietf-quic-transport].

133	4.  Compatible Versions Transport Parameter

135	   This document adds a new transport parameter, CompatibleVersions:

137	   struct {
138	         select (Handshake.msg_type) {
139	            case client_hello:
140	               QuicVersion supported_compatible_versions<4..2^8-4>;

142	            case encrypted_extensions:
143	               QuicVersion negotiated_compatible_version;
144	         }
145	   } CompatibleVersions;
146	   The client's "supported_compatible_versions" parameter lists the
147	   versions it supports in decreasing order of preference.  The server's
148	   "negotiated_compatible_version" parameter lists the version it has
149	   selected.  If the client does not send this transport parameter, the
150	   server MUST assume that the client only supports the version it used
151	   for the Initial packet and MUST NOT send its own parameter.

153	   Clients MAY include versions following the pattern 0x?a?a?a?a in
154	   their supported_compatible_versions.  Those versions are reserved to
155	   exercise version negotiation (see the Versions section of
156	   [I-D.ietf-quic-transport]), and MUST be ignored by the server when
157	   parsing supported_compatible_versions.

159	5.  Compatible Versions

161	   Two versions of QUIC A and B are "compatible" if a version A Initial
162	   can be used to negotiate version B and vice versa.  The most common
163	   scenario is a sequence of versions 1, 2, 3, etc. in which all the
164	   Initial packets have the same basic structure but might include
165	   specific extensions (especially inside the crypto handshake) that are
166	   only meaningful in some subset of versions and are ignored in others.
167	   Note that it is not possible to add new frame types in Initial
168	   packets because QUIC frames do not use a self-describing encoding, so
169	   unrecognized frame types cannot be parsed or ignored (see the
170	   Extension Frames section of [I-D.ietf-quic-transport]).

172	   When a new version of QUIC is defined, it is assumed to not be
173	   compatible with any other version unless otherwise specified.
174	   Implementations MUST NOT assume compatibility between version unless
175	   explicitly specified.

177	6.  Security Considerations

179	   The crypto handshake is already required to guarantee agreement on
180	   the supported parameters, so negotiation between compatible versions
181	   will have the security of the weakest common version.

183	   The requirement that versions not be assumed compatible mitigates the
184	   possibility of cross-protocol attacks, but more analysis is still
185	   needed here.

187	7.  IANA Considerations

189	   If this document is approved, IANA shall assign the identifier TBD
190	   for the "compatible_versions" transport parameter.

192	8.  Normative References

194	   [I-D.ietf-quic-transport]
195	              Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed
196	              and Secure Transport", draft-ietf-quic-transport-18 (work
197	              in progress), January 2019.

199	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
200	              Requirement Levels", BCP 14, RFC 2119,
201	              DOI 10.17487/RFC2119, March 1997,
202	              <https://www.rfc-editor.org/info/rfc2119>.

204	   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
205	              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
206	              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

208	Authors' Addresses

210	   David Schinazi
211	   Google LLC
212	   1600 Amphitheatre Parkway
213	   Mountain View, California 94043
214	   United States of America

216	   Email: dschinazi.ietf@gmail.com

218	   Eric Rescorla
219	   Mozilla

221	   Email: ekr@rtfm.com