QUIC Negotiation for Packet Number Protection
Microsoft Corporation
Gabriel.Montenegro@Microsoft.com
Microsoft Corporation
NiBanks@Microsoft.com
Microsoft Corporation
PravB@Microsoft.com
Transport
QUIC
Internet-Draft
This document defines an extension to reduce the cost of QUIC deployment in environments like datacenters by allowing packet number protection to be optionally disabled.
Discussion of this draft takes place on the QUIC working group mailing list
(quic@ietf.org), which is archived at
https://mailarchive.ietf.org/arch/search/?email_list=quic.
Working Group information can be found at https://github.com/quicwg; source
code and issues list for this draft can be found at
https://github.com/quicwg/base-drafts/labels/-recovery.
QUIC is a new transport for the internet. In its generality, there are features which are not well suited
for some environments. In particular, QUIC uses Packet Number Protection (PNP)
to prevent ossification and to provide unlinkability upon (voluntary) migration.
However, there are environments where these are not a concern, in particular,
connections within a datacenter.
This document defines
a negotiation mechanism using transport parameters to disable PNP. Internet facing nodes MUST not disable PNP, so
browsers, for example, should not implement this extension. On the other hand, configured nodes
within a datacenter could turn off PNP in their exchanges to avoid the CPU cost that PNP implies.
The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”,
“SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this
document are to be interpreted as described in BCP 14
when, and only when, they appear in all capitals, as shown here.
This document defines a new transport parameter for QUIC :
The endpoint is disabling packet number protection as specified in .
This parameter is a zero-length value. This parameter only affects short headers.
A successful negotiation of the “disable_packet_number_protection” parameter
requires both peers to send this transport parameter.
Peers that have successfully negotiated the “disable_packet_number_protection” parameter MUST NOT use packet number protection on short header packets.
Per section 6.11.5 of , PNP is used as a partial mitigation against linkability, and to
prevent ossification.
The “disable_packet_number_protection” parameter should be negotiated in environments in which these are not
a concern.
Per section 13.1 of , this document requests IANA assign a value for the new transport parameter
and record it in the registry for “QUIC Transport Parameters” under the “QUIC Protocol” heading.
IANA is further requested to assign a value with the first byte in the range 0x00 to 0xfe (in
hexadecimal) as follows:
Value
Parameter Name
Specification
0x000c
disable_packet_number_protection
This document
QUIC: A UDP-Based Multiplexed and Secure Transport
Fastly
Mozilla
Using Transport Layer Security (TLS) to Secure QUIC
Mozilla
sn3rd
Key words for use in RFCs to Indicate Requirement Levels
In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.
Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words
RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.