A Minimal Set of Transport Services for End Systems
draft-ietf-taps-minset-11

Note: This ballot was opened for revision 07 and is now closed.

(Spencer Dawkins) Yes

Ignas Bagdonas No Objection

Deborah Brungard No Objection

(Ben Campbell) No Objection

Comment (2018-09-11 for -08)
No email
send info
General: 

It's not clear to me who the target audience is for this draft or what the purpose is for publishing it as an RFC. It seems like an internal working group document that won't have much archival value once the interfaces are published. It seems telling that Appendix A (which IIUC is entirely historical) is almost twice as long as the body of the draft.  But I see that it is in fact chartered work, so I'm balloting "No Objection". 

Otherwise, I just have a few editorial comments:

General: The annotation "(!UDP)" is used throughout. I can guess the meaning, but it would be better to explicitly state it. Also, it seems odd to find that sort of annotation imbedded in paragraph form text.

§1: Please include a citation for the "Berkeley Sockets Interface". (Maybe the POSIX specs?)

§3.1, section title: What is the meaning of using all-caps here? It would help to include some description of the typographical convention. (This repeats in some other sections).

§3.1 "We caution implementers to be aware of the full
   set of trade-offs, for which we recommend consulting the list in
   Appendix A.2.1 when deciding how to initialize a connection."

If there is content in an Appendix that is risky for an implementor to skip, please consider moving it into the body. People regularly skip reading appendices.

Alissa Cooper (was Discuss) No Objection

Comment (2018-09-19 for -10)
No email
send info
Thanks for addressing my DISCUSS point.

Original COMMENT:

It seems like this document will be in need of updating once QUIC is published. Is the plan to publish this now and then publish an update next year? Why is that preferable to waiting and just publishing once?

Benjamin Kaduk (was Discuss) No Objection

Comment (2018-09-18 for -10)
No email
send info
Thank you for addressing my DISCUSS points; original comments retained
below for posterity.

As a former academic, I can see the appeal of abstracting away details to
get to a generic set of features that could allow the backend to do
protocol selection and increase the usage of more modern/better-featured
protocols.  But in some sense this feels like it really wants to be
defining an abstract API for transport services, making the feature set
into an *interface*, and more directly enabling this automatic selection in
the backend.  Unfortunately, this particular description is perhaps too
abstract to be translateable into "interoperable implementations" of an
abstract API (that is, so that an application written for one instantiation
of the API would be able to be used with a different instantiation of the
API using only a thin shim layer).  In particular, in Section 3.2 we are
given the option for keeping grouping information within the transport
abstraction (even when SCTP is not available) or reporting to the
application that he attempt to group connections failed.  An abstract API
would also need to be quite clear on the semantics of the exposed routines;
e.g., "timeout event when data could not be delivered for too long" is
predicated on reliable delivery being requested, so an application should
not try to use that event as a failsafe abort timer, since UDP does not
provide reliable delivery at all, and the application won't know that UDP
is/is not in use.  So while my personal preference would be to see this
document written in a very different way before publication, I have not
technical grounds to insist on it, so my preference here is just a
nonblocking objection.


I agree with Ben that some of the content in the appendices probably
ought to be pulled into the main body of the document.

The Gen-ART review called out "ADDED" as being noteworthy; my only
additional contribution is to ask whether "CHANGED FROM RFC8303" would be
easier on the reader.

Per-section comments follow.

I think we need a reference for LEDBAT in Section 1 when it first shows up.
(Also, RFC 6817 seems to say that the 'T' is "Transport", not "Transfer".)

Section 2 has an interesting definition of socket, but I don't have an
alternate term handy to reflect this concept without overloading the
connotations of a POSIX socket.

I may just be thinking too hard, but does "Hand over a message to reliably
transfer (possibly multiple times) before connection establishment"
mean that the data transfer of this message will complete prior to
connection establishment, or merely that the application has handed data to
the transport prior to connection establishment (but the data transfer will
occur after connection establishment)?  (The Appendices do help clear this
up with concrete examples, but perhaps the text earlier in the document
could be clarified?)

Section 3.1

   [...] This means that
   unacknowledged data residing a transport system's send buffer may
   have to be dropped from that buffer upon arrival of a "close" or
   "abort" notification from the peer.

nit: Is this supposed to be "residing in"?

Section A.1.1

I'm a little confused how the multiple-streams establishment features are
"automatable".  Coming at this from the perspective of an application that
needs to know that multiple streams exist in order to concurrently send
data on them, it seems non-automatable.  But I assume there's a different
sense in which the application can't really tell whether those "multiple
streams" are related at the transport protocol level or it's just the
transport abstraction that's tracking the group.

I'm also a little unsure about "configure message fragmentation" being
"automatable", given my understanding of how many fragmentation-intolrant
networks there are.  (But that's far from my area of expertise and any data
I have would be stale, so I don't really have anything useful to say here.)


   o  Disable checksum when sending
      Protocols: UDP
      Functional because application-specific knowledge is necessary to
      decide whether it can be acceptable to lose data integrity.
      Implementation: via SET_CHECKSUM_ENABLED.UDP.
      Implementation over TCP: do nothing (TCP does not offer to disable
      the checksum, but transmitting data with an intact checksum will
      not yield a semantically wrong result).

(Also for receiving, "checksum coverage" topics, etc.).  Please clarify
that this is "data integrity with respect to random corruption" (as opposed
to "source authentication and integrity protection" which would require
more crypto).

The notification of unsent/unacknowledged (part of a) message items are
listed as automatable because the distinction is "network-specific".  I
agree that the distinction is something that can be made automatically, but
I don't really understand how what "network" it is supposed to be that
matters for the distinction.

Section A.2

   the following list, we therefore precede a transport feature with
   "T:" if an implementation over TCP is possible, "U:" if an
   implementation over UDP is possible, and "TU:" if an implementation
   over either TCP or UDP is possible.

nit: It looks like "T,U:" is what's actually used, with the comma.

Section A.3.2

   With only these semantics necessary to represent, the interface to a
   transport system becomes easier if we assume that connections may be
   a transport protocol's connection or association, but could also be a
   stream of an existing SCTP association, for example.

nit: is this missing a "not only" (or similar) in "may be not only a
transport protocol's connection or association"?

Suresh Krishnan No Objection

Mirja Kühlewind No Objection

Comment (2018-09-07 for -08)
No email
send info
Rereading this doc again, I still have a couple of mostly editorial comments (however, none of them are critical in any way):

1) In the terminology section I think "Transport Service Instance" is actually never used in this doc and could therefore be removed. Please also double-check if service and feature is used coherently; I thought there were one or two cases where I would have expected to see feature instead of service. And finally Connection Group is explain there, however, given it is a new term and important concept, I would recommend to introduce it anyway separately in the intro as well.

2) Not sure if the paragraph in the intro about "one-sided" deployment is needed there, given that this doc does not/should not really talk about any deployment considerations for an taps system.

3) In section 3 I find this sentence a bit confusing: "The described transport system can be implemented over TCP."
This sentence leaves open if other protocols can be implemented as well. However, I guess what you actually what to say is something like
"Any configuration based the described minimum set of transport feature can always be realized over TCP but also gives the transport system flexibility to choose another transport if implemented." Or something like this. I think a clarification would be helpful to make clear that there is no direct dependency on TCP.

4) I personally still think that having this example decision tree in section 3.1 puts to much emphasis on this specific example (that "only" covers TCP, SCTP, and UDP(-Lite)) and I would rather move it to the appendix (or maybe create an own subsection somehow). 

5) In section 3.1 the paragraph starting with "Once a connection is created..." seems redundant with section 3.2.1 and could potentially be just removed.

6) sec 3.3.1: "Note that
      applications sending unreliable data without congestion control
      should themselves perform congestion control in accordance with
      [RFC2914]."
  I guess the better reference is RFC8085 (if this sentence is needed at all).

7) Why is "Configure checksum usage" (only) applicable to individual connections?

(Terry Manderson) No Objection

(Eric Rescorla) No Objection

Comment (2018-09-12 for -08)
No email
send info
Rich version of this review at:
https://mozphab-ietf.devsvcdev.mozaws.net/D4808



IMPORTANT
S 3.1.
>        - Is any of the following useful to the application?
>          *  Specify checksum coverage used by the sender
>          *  Specify minimum checksum coverage required by receiver
>   
>          Yes: UDP-Lite is preferred.
>          No: UDP is preferred.

there seems to be something missing here wrt penetration rates. I.e.,
SCTP  (absent UDP) does not reliably work for any client behind NATs,
which means that it's not preferred for those clients regardless of
the other benefits in this tree.

COMMENTS
S 1.
>      of libraries to use this transport feature without exposing it, based
>      on knowledge about the applications -- but this is not the general
>      case).  In most situations, in the interest of being as flexible and
>      efficient as possible, the best choice will be for a library to
>      expose at least all of the transport features that are recommended as
>      a "minimal set" here.

What is the bar for the requirements here. I.e., do you believe that
all of these can be implemented with a standard sockets API.


S 3.
>   
>      Based on the categorization, reduction, and discussion in Appendix A,
>      this section describes a minimal set of transport features that end
>      systems should offer.  The described transport system can be
>      implemented over TCP.  Elements of the system that are not marked
>      with "!UDP" can also be implemented over UDP.

Does this mean over native UDP with no other session protocol. Because
you can have TCP over UDP.


S 3.2.
>      multiplexed as streams on a single SCTP association when SCTP may not
>      be available).  The transport system must therefore ensure that
>      group- versus non-group-configurations are handled correctly in some
>      way (e.g., by applying the configuration to all grouped connections
>      even when they are not multiplexed, or informing the application
>      about grouping success or failure).

How do you group connections in TCP? Or is this text saying it
doesn't?


S 7.2.
>      o  Request to negotiate interleaving of user messages
>         Protocols: SCTP
>         Automatable because it requires using multiple streams, but
>         requesting multiple streams in the CONNECTION.ESTABLISHMENT
>         category is automatable.
>         Implementation: via a parameter in CONNECT.SCTP.

I'm not sure I follow how this is automatable. Is the argument that
SCTP will always do it, and so once you have asked for SCTP...?


S 7.2.
>   
>      o  Disable MPTCP
>         Protocols: MPTCP
>         Automatable because the usage of multiple paths to communicate to
>         the same end host relates to knowledge about the network, not the
>         application.

I don't think I understand how this is automatable. Is the theory that
the host auto-negotiates MPTCP? But what if the app doesn't want it no
matter what.

Alvaro Retana No Objection

Comment (2018-09-11 for -08)
No email
send info
Mostly just a nit...

What is an end system?  I was curious to see the definition to get an idea of who the recommendations in this document are for.  I assumed pretty much any device is an end system; the Introduction seems to focus on applications as the users of the transport services (which obviously makes sense).

There is no definition of "end system" in the document.  But there is one for endpoint: "an entity that communicates with one or more other endpoints using a transport protocol."   Hmmm...so an endpoint is one that communicates with other endpoints.  Just what I thought! ;-)

Seriously...  The terminology may not be obvious to the casual reader.  It would be nice to at least be consistent in the terminology/description.  BTW, all the terminology in §2 is pretty much the same as what is already defined in rfc8303.

Adam Roach No Objection

Comment (2018-09-13 for -08)
No email
send info
I support the first paragraph of Benjamin's DISCUSS. (For avoidance of doubt: I take no position on the remainder of his DISCUSS, and in no way intend to diminish it by explicitly supporting a specific subset of his DISCUSS.)

Martin Vigoureux No Objection