[ih] QUIC story

John Day jeanjour at comcast.net
Mon Jun 27 12:13:55 PDT 2022


What decoupling?

What security layer? 

Security is an inherent part of the structure of a layer, assuming that follows the rules.

It is all in knowing how to implement it.  In my experience, the stronger the layer boundary, the more secure, the more efficient and faster the implementation.

Take care,
John

> On Jun 27, 2022, at 14:51, Toerless Eckert via Internet-history <internet-history at elists.isoc.org> wrote:
> 
> On Sun, Jun 26, 2022 at 06:04:48PM +0200, Stephane Bortzmeyer wrote:
>>> the long-perceived wisdom was that security, such as via TLS or
>>> IPsec is best decoupled from transport to be reusable/modular. And
>>> that QUIC experience may serve as a reminder that other real-world
>>> requirements may throw wrenches into other well-meaning modularity
>>> and layering principles.
>> 
>> Another way, more positive, to view this change is to say that
>> encryption, today, is no longer an option, it is as necessary as flow
>> control and congestion avoidance and, therefore, it makes sense to
>> have it inside the transport layer.
> 
> Even if encryption was optional, you wouldn't want the RTT overhead
> that decoupled transport and security layer would give, when you do
> use encryption, so ultimately it is the need for speed (low RTT) that
> drives breaking traditional layering assumptions. Encryption is just
> one example where this is true. And of course for encryption it doesn't
> only happen with transport.
> 
> 
> Low overhead for high performance at low cost are just two IMHO in our (protocol)
> world architecturally underappreciated ongoing challenges that in practice
> have been at the forefront of driving adoption and proliferation of
> our protocol technologies. I would not be surprised to see also an
> ongoing trend to see our existing IETF protocols be superseded by
> the more lightweight variants we have been building especially over
> the last decade (as long as those alternatives have no significant
> use-case limitations).
> 
> The bad part of this is that it's extremely difficult then to
> future-proof protocols through expandability, because that runs
> quite contrary. There's some good IAB insight written recently on that
> too.
> 
>> The principle of layering is very important. But the actual placement
>> of layers can vary.
> 
> -- 
> ---
> tte at cs.fau.de



