From: Omer Shapira <omer_shapira@apple.com>
To: Michael Welzl <michawe@ifi.uio.no>
Cc: "Toke Høiland-Jørgensen" <toke@toke.dk>,
Rpm <rpm@lists.bufferbloat.net>,
Make-Wifi-fast <make-wifi-fast@lists.bufferbloat.net>,
"Keith Winstein" <keithw@cs.stanford.edu>
Subject: Re: [Make-wifi-fast] [Rpm] tack - reducing acks on wlans
Date: Wed, 20 Oct 2021 16:20:01 -0700 [thread overview]
Message-ID: <9C553AC1-B470-4887-B770-9FD23D586889@apple.com> (raw)
In-Reply-To: <C755F873-0719-4F97-886B-654602427A1D@ifi.uio.no>
[-- Attachment #1: Type: text/plain, Size: 3011 bytes --]
> On Oct 20, 2021, at 3:54 AM, Michael Welzl via Rpm <rpm@lists.bufferbloat.net> wrote:
>
>
>
>> On 20 Oct 2021, at 12:44, Toke Høiland-Jørgensen <toke@toke.dk> wrote:
>>
>> Michael Welzl <michawe@ifi.uio.no> writes:
>>
>>>> On 20 Oct 2021, at 11:44, Toke Høiland-Jørgensen <toke@toke.dk> wrote:
>>>>
>>>> Michael Welzl <michawe@ifi.uio.no> writes:
>>>>
>>>>> Am I being naive? Why can't such an ARQ proxy be deployed? Is it just
>>>>> because standardizing this negotiation is too difficult, or would it
>>>>> also be too computationally heavy for an AP perhaps, at high speeds?
>>>>
>>>> Immediate thought: this won't work for QUIC
>>>
>>> .... as-is, true, though MASQUE is still being defined. Is this an
>>> argument for defining it accordingly?
>>
>> MASQUE is proxying, right? Not quite sure if it's supposed to be also
>> MITM'ing the traffic?
>
> Wellllll.... I'm not 100% sure. If I understood it correctly, ideas on the table would have it do this in case of tunneling TCP/IP over QUIC, but not in case of QUIC itself - but to me, this isn't necessarily good design? Because: =>
>
>
>> In any case, it would require clients to negotiate
>> a proxy session with the AP and trust it to do that properly?
>
> => Yes.
>
>
>> This may
>> work for a managed setup in an enterprise, but do you really expect me
>> to be OK with any random access point in a coffee shop being a MITM?
>
> MiTM is a harsh term for just being able to ACK on my behalf. Some capabilities could be defined, as long as they're indeed defined clearly.
> So I don't see why "yes, you can ACK my packets on my behalf when you get a LL-ACK from me" is MiTM'ing. I believe that things are now all being lumped together, which may be why the design may end up being too prohibitive.
Yet, the QUIC protocol makes ACKs part of the protected payload. Having the ACKs protected by the frame protection allows ensuring that nobody had meddled with the ACKs - and by this to avoid an entire class of attacks that put a close-by endpoint which NACKs segments.
> Someone showed me a paper which lets such proxies ACK by reflecting parts of the encrypted packet... I don't remember the title now and don't have a pointer, but: it can be done anyway (if the sender is able to parse these ACKs). Not being a part of the standard means nobody will implement such a sender though.
Michael, it sounds to me that what you are describing is something that belongs to the datalink layer (LL or MAC), maybe with an addition of namespaces (at the MAC layer) which can be aligned with the streams / connections. However, once we get into QUIC, the assumption that we are free to meddle with the ACK frames is problematic.
>
> Cheers,
> Michael
>
> _______________________________________________
> Rpm mailing list
> Rpm@lists.bufferbloat.net <mailto:Rpm@lists.bufferbloat.net>
> https://lists.bufferbloat.net/listinfo/rpm <https://lists.bufferbloat.net/listinfo/rpm>
[-- Attachment #2: Type: text/html, Size: 16434 bytes --]
next prev parent reply other threads:[~2021-10-20 23:20 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-19 20:12 [Make-wifi-fast] " Dave Taht
2021-10-19 20:25 ` [Make-wifi-fast] [Rpm] " Matt Mathis
2021-10-19 20:31 ` Omer Shapira
2021-10-20 7:00 ` [Make-wifi-fast] " Michael Welzl
2021-10-20 9:44 ` Toke Høiland-Jørgensen
2021-10-20 10:13 ` Michael Welzl
2021-10-20 10:44 ` Toke Høiland-Jørgensen
2021-10-20 10:54 ` Michael Welzl
2021-10-20 11:52 ` Toke Høiland-Jørgensen
2021-10-20 12:21 ` Michael Welzl
2021-10-20 15:57 ` Toke Høiland-Jørgensen
2021-10-20 17:08 ` Michael Welzl
2021-10-20 22:04 ` Toke Høiland-Jørgensen
2021-10-20 23:06 ` Anna Brunström
2021-10-21 6:01 ` Michael Welzl
2021-10-20 23:20 ` Omer Shapira [this message]
2021-10-21 6:19 ` [Make-wifi-fast] [Rpm] " Michael Welzl
2021-10-21 7:18 ` Michael Welzl
2021-10-21 7:57 ` Keith Winstein
2021-10-21 8:42 ` Michael Welzl
2021-10-21 20:19 ` Keith Winstein
2021-10-20 23:08 ` Omer Shapira
2021-10-20 10:58 ` Sebastian Moeller
2021-10-20 11:55 ` Toke Høiland-Jørgensen
2021-10-20 20:37 ` Sebastian Moeller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/make-wifi-fast.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9C553AC1-B470-4887-B770-9FD23D586889@apple.com \
--to=omer_shapira@apple.com \
--cc=keithw@cs.stanford.edu \
--cc=make-wifi-fast@lists.bufferbloat.net \
--cc=michawe@ifi.uio.no \
--cc=rpm@lists.bufferbloat.net \
--cc=toke@toke.dk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox