The Wire Image of a Network Protocol
RFC 8546

Document Type RFC - Informational (April 2019; No errata)
Last updated 2019-04-16
Replaces draft-trammell-wire-image
Stream IAB
Formats plain text pdf html bibtex
Stream IAB state Published RFC
Consensus Boilerplate Yes
RFC Editor Note (None)
Internet Architecture Board (IAB)                            B. Trammell
Request for Comments: 8546                                 M. Kuehlewind
Category: Informational                                       April 2019
ISSN: 2070-1721

                  The Wire Image of a Network Protocol

Abstract

   This document defines the wire image, an abstraction of the
   information available to an on-path non-participant in a networking
   protocol.  This abstraction is intended to shed light on the
   implications that increased encryption has for network functions that
   use the wire image.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Architecture Board (IAB)
   and represents information that the IAB has deemed valuable to
   provide for permanent record.  It represents the consensus of the
   Internet Architecture Board (IAB).  Documents approved for
   publication by the IAB are not candidates for any level of Internet
   Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8546.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Trammell & Kuehlewind         Informational                     [Page 1]
RFC 8546                       Wire Image                     April 2019

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Definition  . . . . . . . . . . . . . . . . . . . . . . . . .   3
   3.  Discussion  . . . . . . . . . . . . . . . . . . . . . . . . .   3
     3.1.  The Extent of the Wire Image  . . . . . . . . . . . . . .   4
     3.2.  Obscuring Timing and Sizing Information . . . . . . . . .   5
     3.3.  Integrity Protection of the Wire Image  . . . . . . . . .   5
   4.  Engineering the Wire Image  . . . . . . . . . . . . . . . . .   6
     4.1.  Declaring Protocol Invariants . . . . . . . . . . . . . .   7
     4.2.  Trustworthiness of Engineered Signals . . . . . . . . . .   7
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   8
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .   8
   7.  Informative References  . . . . . . . . . . . . . . . . . . .   8
   IAB Members at the Time of Approval . . . . . . . . . . . . . . .   9
   Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . .   9
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  10

1.  Introduction

   A protocol specification defines a set of behaviors for each
   participant in the protocol: which lower-layer protocols are used for
   which services, how messages are formatted and protected, which
   participant sends which message when, how each participant should
   respond to each message, and so on.

   Implicit in a protocol specification is the information the protocol
   radiates toward nonparticipant observers of the messages sent among
   participants, often including participants in lower-layer protocols.
   Any information that has a clear definition in the protocol's message
   format(s), or is implied by that definition, and is not
   cryptographically confidentiality protected can be unambiguously
   interpreted by those observers.  This information comprises the
   protocol's wire image, which we define and discuss in this document.

   The wire image, not the protocol's specification, determines how
   third parties on the network paths among protocol participants will
   interact with that protocol.

   The increasing deployment of transport-layer security [RFC8446] to
   protect application-layer headers and payload, as well as the
   definition and deployment of transport protocols with encrypted
   control information such as QUIC [QUIC], brings new relevance to the
   question of how third parties on the network paths will interact with
   a protocol.  QUIC is, in effect, the first IETF-defined transport
   protocol to take care of the minimization of its own wire image to
   prevent ossification and improve end-to-end privacy by reducing
   information radiation.

Trammell & Kuehlewind         Informational                     [Page 2]
RFC 8546                       Wire Image                     April 2019

   The flip side of this trend is the impact of a less visible wire
   image on various functions driven by third-party observation of the
   wire image.  In contrast to ongoing discussions about this tussle,
Show full document text