-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Take Hardware Offloads into Account #25
Comments
A few disconnected points on this subject:
on the other hand:
It would be very good to engage with the right people in industry, do some thinking about what these APIs would likely resemble, and if possible come up with a crypto design that is consistent with that. |
I would be hoping that any hardware offload would already be able to handle a different nonce length as that seem more future proof anyway. However, Martin probably has a good point that is makes sense to reach out and make this requirement explicit now. |
Based on recent changes about removing single packet number space, have there been changes on this topic? We'd love to get feedback on https://github.com/microsoft/quic-offloads with response to multi-path to make sure our HW offload design can support it. |
I think we need to find out whether hardware offloading is still working with multi-path extension before the WG last call. |
We've had some discussion with Eric for supporting hardware offloading with multi-path extension.
|
@Yanmei-Liu and @nibanks thanks for the continued discussion! It seems that the current design is fine with respect to hardware-offload and I believe the design is stable now. So I think we could actually close this issue now? Or do you maybe want to add any notes about hardware offload in the implementation consideration section? |
I struggle to understand what to do here. We do not have any "hardware offload" section in either RFC 9000 or RFC 9001. The last comment was related to the old "per connection ID" design, but it did not surface any roadblock. We moved to the "unique path ID" design, which is arguably simpler to implement. My proposal is to close with no action. |
I agree that we could close this issue with no action, so long as there's no such part for RFC 9000 and 9001.
|
While discussing single packet space vs multi packet space designs, @martinduke brought up the topic of hardware offloading. The effect of any design changes on packet encryption/decryption should take HW offloads into account. As I understand it, single packet space would not modify the packet encryption/decryption logic, but the multi packet space design would because of the difference nonce length. Additionally, since multi-path would be a negotiated feature/extension, that would mean all connections that don't negotiate the feature would have the "old" model/logic, where as the connections that do would have the new encryption/decryption logic. IMO, this could significantly complicated HW offloads.
The text was updated successfully, but these errors were encountered: