Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Client and/or server initiated handshake #242

Open
kixelated opened this issue Sep 10, 2023 · 8 comments · May be fixed by #499
Open

Client and/or server initiated handshake #242

kixelated opened this issue Sep 10, 2023 · 8 comments · May be fixed by #499
Assignees
@ianswett
Labels
Handshake QUIC vs WebTransport, SETUP Message

Comments

@kixelated
Copy link
Collaborator

kixelated commented Sep 10, 2023
edited
Loading

Splitting discussion in #212 into a separate issue.

The current draft states that the client initiates the session via a CLIENT_SETUP message and then server replies with a SERVER_SETUP. The client sends a list of supported versions and its role, while the server chooses a version and reaffirms the role. This is done via a bidirectional stream opened by the client.

However, depending on the underlying transport, the client won't always be the first endpoint allowed to send a flight, so this incurs a half-RTT of latency:

  • WebTransport: Client is allowed to send first (before CONNECT response), but most implementations will let the server send first (after 2xx CONNECT response)
  • QUIC: Client sends first with 0-RTT, while the server sends first with 1-RTT (most common).
@kixelated
Copy link
Collaborator Author

kixelated commented Sep 10, 2023
edited
Loading

I think we should emulate HTTP/3 SETTINGS. That means endpoints can send the SETUP in parallel.

SETUP
supported_versions: [ 1, 3, 4, ... ]
supported_roles: "publisher" | "subscriber" | "both"

As far as I understand, this doesn't support from version negotiation attacks, since it's over an established QUIC connection.

Alternatively, QUIC could use the ALPN to transmit this SETUP information. Unfortunately no such mechanism exists for WebTransport (yet).

@kixelated kixelated mentioned this issue Sep 11, 2023
Open
@afrind afrind added the Handshake QUIC vs WebTransport, SETUP Message label Oct 3, 2023
@ianswett ianswett added the Needs Discussion Tags for issues which need discussion, ideally at an interim or IETF meeting. label Oct 18, 2023
@fluffy
Copy link
Contributor

fluffy commented Feb 5, 2024

so I am working on the assumption the vast majority of connections, measured by numbers of connection, will be 0-RTT, not 1. I was assuming this because what the MoQ client sends in that would be "SAFE" in the HTTP replay sen. I realize other on this thread have thought about this lots. Any particular reason 0-RTT would not be common in MoQ ?

@kixelated
Copy link
Collaborator Author

so I am working on the assumption the vast majority of connections, measured by numbers of connection, will be 0-RTT, not 1. I was assuming this because what the MoQ client sends in that would be "SAFE" in the HTTP replay sen. I realize other on this thread have thought about this lots. Any particular reason 0-RTT would not be common in MoQ ?

Well, WebTransport does not support 0-RTT. Even if it did, MoQ would be subject to a replay attacks depending on how authentication is performed.

@vasilvv
Copy link
Collaborator

vasilvv commented Feb 7, 2024

Note that in case of WebTransport, the question of 0-RTT is orthogonal to the question of which side speaks first (it just lets you skip a round trip that occurs before the WebTransport session is established).

@ianswett
Copy link
Collaborator

We now have a clearer definition of Role, so the 'server' from the perspective of a QUIC connection could initiate a MoQ session with a CLIENT_SETUP message I believe?

I'm going to park this for now unless this is currently causing problems. Currently the control stream is bidi and unidirectional streams are for Objects, so this would be a non-trivial change.

@ianswett ianswett removed the Needs Discussion Tags for issues which need discussion, ideally at an interim or IETF meeting. label Mar 18, 2024
@afrind
Copy link
Collaborator

afrind commented Mar 18, 2024

the 'server' from the perspective of a QUIC connection could initiate a MoQ session with a CLIENT_SETUP message

Did we intend to allow this?

@martinduke
Copy link
Contributor

@kixelated: this will require a new version negotiation design, because SERVER_SETUP currently depends on CLIENT_SETUP. So you can progress this issue by (1) closing it, (2) starting a discussion a new design, or (3) filing a PR.

ianswett added a commit that referenced this issue Aug 5, 2024
@ianswett
Always use ALPN for version negotiation
52f01b4 
Removes version negotiation from the MoQ SETUP messages.

Fixes #242 
Fixes #243
Related to #83
@ianswett ianswett linked a pull request Aug 5, 2024 that will close this issue
Open
@martinduke martinduke assigned ianswett and unassigned kixelated Aug 14, 2024
@martinduke
Copy link
Contributor

Reassigning to @ianswett, as the author of the ALPN PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ianswett ianswett

Labels
Handshake QUIC vs WebTransport, SETUP Message
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Always use ALPN for version negotiation moq-wg/moq-transport
6 participants
@vasilvv @fluffy @kixelated @afrind @ianswett @martinduke