<?xml version="1.0" encoding="US-ASCII"?> encoding="UTF-8"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY RFC0791 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.0791.xml">
<!ENTITY RFC1273 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.1273.xml">
<!ENTITY RFC2410 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2410.xml">
<!ENTITY RFC2474 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2474.xml">
<!ENTITY RFC2475 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2475.xml">
<!ENTITY RFC2507 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2507.xml">
<!ENTITY RFC2508 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2508.xml">
<!ENTITY RFC2914 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2914.xml">
<!ENTITY RFC3168 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3168.xml">
<!ENTITY RFC3234 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3234.xml">
<!ENTITY RFC3261 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3261.xml">
<!ENTITY RFC3393 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3393.xml">
<!ENTITY RFC3550 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3550.xml">
<!ENTITY RFC3711 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3711.xml">
<!ENTITY RFC3819 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3819.xml">
<!ENTITY RFC4302 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4302.xml">
<!ENTITY RFC4303 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4303.xml">
<!ENTITY RFC4566 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4566.xml">
<!ENTITY RFC4585 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4585.xml">
<!ENTITY RFC4737 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4737.xml">
<!ENTITY RFC4960 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.4960.xml">
<!ENTITY RFC5166 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5166.xml">
<!ENTITY RFC5795 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5795.xml">
<!ENTITY RFC5218 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5218.xml">
<!ENTITY RFC5236 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5236.xml">
<!ENTITY RFC8446 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8446.xml">
<!ENTITY RFC5426 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5426.xml">
<!ENTITY RFC5481 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5481.xml">
<!ENTITY RFC3449 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3449.xml">
<!ENTITY RFC5925 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.5925.xml">
<!ENTITY RFC6056 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6056.xml">
<!ENTITY RFC6294 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6294.xml">
<!ENTITY RFC6269 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6269.xml">
<!ENTITY RFC6347 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6347.xml">
<!ENTITY RFC6437 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6437.xml">
<!ENTITY RFC6438 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6438.xml">
<!ENTITY RFC6973 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6973.xml">

<!ENTITY RFC7098 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7098.xml">

<!ENTITY RFC7605 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7605.xml">
<!ENTITY RFC7126 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7126.xml">
<!ENTITY RFC7258 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7258.xml">
<!ENTITY RFC7525 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7525.xml">
<!ENTITY RFC7413 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7413.xml">
<!ENTITY RFC7414 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7414.xml">
<!ENTITY RFC7567 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7567.xml">
<!ENTITY RFC7624 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7624.xml">
<!ENTITY RFC7713 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7713.xml">
<!ENTITY RFC7872 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7872.xml">
<!ENTITY RFC7928 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7928.xml">
<!ENTITY RFC7594 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7594.xml">
<!ENTITY RFC7799 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7799.xml">
<!ENTITY RFC7983 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7983.xml">
<!ENTITY RFC8033 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8033.xml">
<!ENTITY RFC8084 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8084.xml">
<!ENTITY RFC8085 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8085.xml">
<!ENTITY RFC8086 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8086.xml">
<!ENTITY RFC8087 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8087.xml">
<!ENTITY RFC8095 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8095.xml">
<!ENTITY RFC8200 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8200.xml">
<!ENTITY RFC8404 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8404.xml">
<!ENTITY RFC8250 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8250.xml">
<!ENTITY RFC8257 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8257.xml">
<!ENTITY RFC8289 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8289.xml">
<!ENTITY RFC8290 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8290.xml">
<!ENTITY RFC8462 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8462.xml">
<!ENTITY RFC8517 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8517.xml">
<!ENTITY RFC8546 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8546.xml">
<!ENTITY RFC8548 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8548.xml">
<!ENTITY RFC8684 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8684.xml">
<!ENTITY RFC8558 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8558.xml">
<!ENTITY RFC6846 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.6846.xml">
<!ENTITY RFC3552 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.3552.xml">
<!ENTITY RFC8724 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8724.xml">
<!ENTITY I-D.ietf-quic-transport SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.draft-ietf-quic-transport-29.xml">
<!ENTITY RFC8701 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8701.xml">
<!ENTITY I-D.trammell-plus-abstract-mech SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.draft-trammell-plus-abstract-mech-00.xml">
<!ENTITY I-D.ietf-tcpm-accurate-ecn SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.draft-ietf-tcpm-accurate-ecn-11.xml">
<!ENTITY I-D.ietf-tsvwg-l4s-arch SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.draft-ietf-tsvwg-l4s-arch-06.xml">
<!ENTITY I-D.ietf-ippm-ioam-data SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.draft-ietf-ippm-ioam-data-10.xml">
<!ENTITY RFC8922 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8922.xml">
<!ENTITY I-D.ietf-tsvwg-rtcweb-qos SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.draft-ietf-tsvwg-rtcweb-qos-18.xml">
<!ENTITY RFC8837 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8837.xml">
<!ENTITY I-D.ietf-tls-dtls13 SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.draft-ietf-tls-dtls13-38.xml">
<!ENTITY I-D.marx-qlog-main-schema SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.draft-marx-qlog-main-schema-02.xml">
<!-- Note XML for rev -04 is currently broken, RFC-Ed needs to fix latest rev. -->
<!ENTITY I-D.ietf-6man-ipv6-alt-mark SYSTEM "http://xml2rfc.tools.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6man-ipv6-alt-mark-00.xml">
]>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<?rfc toc="yes"?>
<?rfc strict="yes"?>
<?rfc tocompact="yes"?>
<?rfc rfcedstyle="yes"?>
<?rfc subcompact="no"?>
<?rfc tocdepth="2"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes" ?>
<?rfc comments="yes"?>
<?rfc inline="yes" ?>
<?rfc compact='yes'?> "rfc2629-xhtml.ent">

<rfc category="info" xmlns:xi="http://www.w3.org/2001/XInclude" docName="draft-ietf-tsvwg-transport-encrypt-21"
     ipr="trust200902"> number="9065" ipr="trust200902" obsoletes="" updates="" submissionType="IETF" category="info" consensus="true" xml:lang="en" tocInclude="true" tocDepth="2" symRefs="true" sortRefs="true" version="3">

  <!-- xml2rfc v2v3 conversion 3.7.0 -->
  <front>
    <title abbrev="Transport Header Encryption">Considerations around
    Transport Header Confidentiality, Network Operations, and the Evolution of
    Internet Transport Protocols</title>
    <seriesInfo name="RFC" value="9065"/>
    <author fullname="Godred Fairhurst" initials="G." surname="Fairhurst">
      <organization>University of Aberdeen</organization>
      <address>
        <postal>
          <street>Department
	  <extaddr>Department of Engineering</street> Engineering</extaddr>
          <street>Fraser Noble Building</street>

          <city>Aberdeen</city>
          <city>Aberdeen, Scotland</city>
          <code>AB24 3UE</code>

          <country>Scotland</country>
          <country>United Kingdom</country>
        </postal>
        <email>gorry@erg.abdn.ac.uk</email>
        <uri>http://www.erg.abdn.ac.uk/</uri>
      </address>
    </author>
    <author fullname="Colin Perkins" initials="C.S." initials="C." surname="Perkins">
      <organization>University of Glasgow</organization>
      <address>
        <postal>
          <street>School
          <extaddr>School of Computing Science</street>

          <city>Glasgow</city> Science</extaddr>
          <city>Glasgow, Scotland</city>
          <code>G12 8QQ</code>

          <country>Scotland</country>
          <country>United Kingdom</country>
        </postal>
        <email>csp@csperkins.org</email>
        <uri>https://csperkins.org/</uri>
      </address>
    </author>
    <date day="18" month="April" year="2021" /> month="July" year="2021"/>
    <area>Transport</area>
    <workgroup>TSVWG</workgroup>
    <keyword>transport design, operations design</keyword>
    <keyword>operations and management</keyword>
    <abstract>
      <t>To protect user data and privacy, Internet transport protocols have
      supported payload encryption and authentication for some time. Such
      encryption and authentication is are now also starting to be applied to the
      transport protocol headers. This helps avoid transport protocol
      ossification by middleboxes, mitigate attacks against the transport
      protocol, and protect metadata about the communication. Current
      operational practice in some networks inspect transport header
      information within the network, but this is no longer possible when
      those transport headers are encrypted.</t>
      <t>This document discusses the possible impact when network traffic uses
      a protocol with an encrypted transport header. It suggests issues to
      consider when designing new transport protocols or features.</t>
    </abstract>
  </front>
  <middle>
    <section title="Introduction"> numbered="true" toc="default">
      <name>Introduction</name>
      <t>The transport layer supports the end-to-end flow of data across a
      network path, providing features such as connection establishment,
      reliability, framing, ordering, congestion control, flow control, etc.,
      as needed to support applications. One of the core functions of an
      Internet transport is to discover and adapt to the characteristics of
      the network path that is currently being used.</t>
      <t>For some years, it has been common for the transport layer transport-layer payload to
      be protected by encryption and authentication, authentication but for the transport
      layer transport-layer
      headers to be sent unprotected. Examples of protocols that behave
      in this manner include <xref target="RFC8446"> Transport Layer Security
      (TLS) over TCP</xref>, TCP <xref target="RFC8446" format="default"/>, Datagram TLS <xref target="RFC6347"></xref> target="RFC6347" format="default"/> <xref
      target="I-D.ietf-tls-dtls13"></xref>, target="I-D.ietf-tls-dtls13" format="default"/>, the <xref target="RFC3711"> Secure
      Real-time Transport Protocol</xref>, and Protocol <xref target="RFC8548"> target="RFC3711" format="default"/>, and tcpcrypt </xref>. <xref target="RFC8548" format="default"/>. The use of unencrypted transport headers has led some
      network operators, researchers, and others to develop tools and
      processes that rely on observations of transport headers both in
      aggregate and at the flow level to infer details of the network's
      behaviour and inform operational practice.</t>
      <t>Transport protocols are now being developed that encrypt some or all
      of the transport headers, in addition to the transport payload data. The
      QUIC transport protocol <xref target="I-D.ietf-quic-transport"></xref> target="RFC9000" format="default"/>
      is an example of such a protocol. Such transport header encryption makes
      it difficult to observe transport protocol behaviour from the vantage
      point of the network. This document discusses some implications of
      transport header encryption for network operators and researchers that
      have previously observed transport headers, and it highlights some issues
      to consider for transport protocol designers.</t>
      <t>As discussed in <xref target="RFC7258"></xref>, target="RFC7258" format="default"/>, the IETF has
      concluded that Pervasive Monitoring (PM) is a technical attack that
      needs to be mitigated in the design of IETF protocols. This document
      supports that conclusion. It also recognises that RFC7258 states <xref target="RFC7258" format="default"/>
      states, "Making networks unmanageable to mitigate PM is not an acceptable outcome, but
      ignoring PM would go against the consensus documented here. An
      appropriate balance will emerge over time as real instances of this
      tension are considered". considered." This document is written to provide input to
      the discussion around what is an appropriate balance, balance by highlighting
      some implications of transport header encryption.</t>
      <t>Current uses of transport header information by network devices on
      the Internet path are explained. These uses can be beneficial or
      malicious. This is written to provide input to the discussion around
      what is an appropriate balance, balance by highlighting some implications of
      transport header encryption.</t>
    </section>
    <section anchor="Current"
             title="Current uses numbered="true" toc="default">
      <name>Current Uses of Transport Headers within the Network"> Network</name>
      <t>In response to pervasive monitoring surveillance <xref target="RFC7624"></xref> target="RFC7624" format="default"/>
      revelations and the IETF consensus that "Pervasive Monitoring is Is an
      Attack" <xref target="RFC7258"></xref>, target="RFC7258" format="default"/>, efforts are underway to increase
      encryption of Internet traffic. Applying confidentiality to transport
      header fields can improve privacy, privacy and can help to mitigate certain
      attacks or manipulation of packets by devices on the network path, but
      it can also affect network operations and measurement <xref
      target="RFC8404"></xref>.</t> target="RFC8404"
      format="default"/>.</t>
      <t>When considering what parts of the transport headers should be
      encrypted to provide confidentiality, confidentiality and what parts should be visible
      to network devices (including non-encrypted unencrypted but authenticated headers),
      it is necessary to consider both the impact on network operations and
      management,
      management and the implications for ossification and user privacy <xref
      target="Measurement"></xref>.
      target="Measurement" format="default"/>. Different parties will view the relative
      importance of these concerns differently. For some, the benefits of
      encrypting all the transport headers outweigh the impact of doing so;
      others might analyse the security, privacy, and ossification impacts and
      arrive at a different trade-off.</t>
      <t>This section reviews examples of the observation of transport layer transport-layer
      headers within the network by using devices on the network path, path or by using
      information exported by an on-path device. Unencrypted transport headers
      provide information that can support network operations and management,
      and this section notes some ways in which this has been done.
      Unencrypted transport header information also contributes metadata that
      can be exploited for purposes unrelated to network transport
      measurement, diagnostics diagnostics, or troubleshooting (e.g., to block or to
      throttle traffic from a specific content provider), and this section
      also notes some threats relating to unencrypted transport headers.</t>
      <t>Exposed transport information also provides a source of information
      that contributes to linked data sets, which could be exploited to deduce
      private information, e.g., user patterns, user location, tracking
      behaviour, etc. This might reveal information the parties did not intend
      to be revealed. <xref target="RFC6973"></xref> target="RFC6973" format="default"/> aims to make designers,
      implementers, and users of Internet protocols aware of privacy-related
      design choices in IETF protocols.</t>
      <t>This section does not consider intentional modification of transport
      headers by middleboxes, such as devices performing Network Address
      Translation (NAT) or Firewalls.</t> firewalls.</t>
      <section title="To numbered="true" toc="default">
        <name>To Separate Flows in Network Devices"> Devices</name>
        <t>Some network layer network-layer mechanisms separate network traffic by flow, flow
        without resorting to identifying the type of traffic. Hash-based
        load-sharing traffic: hash-based
        load sharing across paths (e..g., equal cost multi path,
        ECMP), (e.g., Equal-Cost Multipath
        (ECMP)); sharing across a group of links (e.g., using a link aggregation
        group, LAG), Link Aggregation
        Group (LAG)); ensuring equal access to link capacity (e.g., fair
        queuing, FQ), Fair
        Queuing (FQ)); or distributing traffic to servers (e.g., load
        balancing). To prevent packet reordering, forwarding engines can
        consistently forward the same transport flows along the same
        forwarding path, often achieved by calculating a hash using an n-tuple
        gleaned from a combination of link header information through to
        transport header information. This n-tuple can use the MAC address, Media Access Control
	(MAC) address and IP
        addresses,
        addresses and can include observable transport header information.
        </t>
        <t>When transport header information cannot be observed, there can be
        less information to separate flows at equipment along the path.
	Flow
        separation might not be possible when, when a transport that forms traffic
        into an encrypted aggregate. For IPv6, the Flow Label <xref
        target="RFC6437"></xref> target="RFC6437" format="default"/> can be used even when all transport
        information is encrypted, enabling Flow Label-based ECMP <xref
        target="RFC6438"></xref> target="RFC6438" format="default"/> and Load-Sharing load sharing <xref
        target="RFC7098"></xref>.</t> target="RFC7098" format="default"/>.</t>
      </section>
      <section anchor="Current-demux"
               title="To numbered="true" toc="default">
        <name>To Identify Transport Protocols and Flows"> Flows</name>
        <t>Information in exposed transport layer transport-layer headers can be used by the
        network to identify transport protocols and flows <xref
        target="RFC8558"></xref>. target="RFC8558" format="default"/>. The ability to identify transport protocols,
        flows, and sessions is a common function performed, for example, by
        measurement activities, Quality of Service (QoS) classifiers, and
        firewalls. These functions can be beneficial, beneficial and performed with the
        consent of, and in support of, the end user. Alternatively, the same
        mechanisms could be used to support practises that might be
        adversarial to the end user, including blocking, de-prioritising, deprioritising, and
        monitoring traffic without consent.</t>
        <t>Observable transport header information, together with information
        in the network header, has been used to identify flows and their
        connection state, together with the set of protocol options being
        used. Transport protocols, such as TCP <xref target="RFC7414"></xref> target="RFC7414" format="default"/>
        and the Stream Control Transport Transmission Protocol (SCTP) <xref
        target="RFC4960"></xref>, target="RFC4960" format="default"/>, specify a standard base header that includes
        sequence number information and other data. They also have the
        possibility to negotiate additional headers at connection setup,
        identified by an option number in the transport header.</t>
        <t>In some uses, an assigned transport port (e.g., 0..49151) can
        identify the upper-layer protocol or service <xref
        target="RFC7605"></xref>. target="RFC7605" format="default"/>. However, port information alone is not
        sufficient to guarantee identification. Applications can use arbitrary
        ports and do not need to use assigned port numbers. The use of an
        assigned port number is also not limited to the protocol for which the
        port is intended. Multiple sessions can also be multiplexed on a
        single port, and ports can be re-used reused by subsequent sessions.</t>
        <t>Some flows can be identified by observing signalling data
        (e.g., see <xref target="RFC3261"></xref>, target="RFC3261" format="default"/> and <xref target="RFC8837"></xref>) target="RFC8837" format="default"/>) or
        through the use of magic numbers placed in the first byte(s) of a
        datagram payload <xref target="RFC7983"></xref>.</t> target="RFC7983" format="default"/>.</t>
        <t>When transport header information cannot be observed, this removes
        information that could have been used to classify flows by passive
        observers along the path. More ambitious ways could be used to
        collect, estimate, or infer flow information, including heuristics
        based on the analysis of traffic patterns, such as classification of
        flows relying on timing, volumes of information, and correlation
        between multiple flows. For example, an operator that cannot access
        the Session Description Protocol (SDP) session descriptions <xref
        target="RFC4566"></xref> target="RFC8866" format="default"/> to classify a flow as audio traffic, traffic might
        instead use (possibly less-reliable) heuristics to infer that short
        UDP packets with regular spacing carry audio traffic. Operational
        practises aimed at inferring transport parameters are out of scope for
        this document, and are only mentioned here to recognise that
        encryption does not prevent operators from attempting to apply
        practises that were used with unencrypted transport headers.</t>
        <t>The IAB <xref target="RFC8546"></xref> have target="RFC8546" format="default"/> has provided a summary of
        expected implications of increased encryption on network functions
        that use the observable headers and describe the expected benefits of
        designs that explicitly declare protocol invariant protocol-invariant header information
        that can be used for this purpose.</t>
      </section>
      <section anchor="stats"
               title="To numbered="true" toc="default">
        <name>To Understand Transport Protocol Performance"> Performance</name>
        <t>This subsection describes use by the network of exposed transport
        layer transport-layer headers to
	understand transport protocol performance and
        behaviour.</t>
        <section title="Using numbered="true" toc="default">
          <name>Using Information Derived from Transport Layer Headers"> Transport-Layer Headers</name>
          <t>Observable transport headers enable explicit measurement and
          analysis of protocol performance, performance and detection of network anomalies
          at any point along the Internet path. Some operators use passive
          monitoring to manage their portion of the Internet by characterising
          the performance of link/network segments. Inferences from transport
          headers are used to derive performance metrics:</t>

          <t><list style="hanging">
              <t hangText="Traffic
          <dl newline="true" spacing="normal">
            <dt>Traffic Rate and Volume:">Per-application Volume:</dt>
            <dd><t>Per-application traffic
              rate and volume measures can be used to characterise the traffic
              that uses a network segment or the pattern of network usage.
              Observing the protocol sequence number and packet size offers
              one way to measure this (e.g., measurements observing counters
              in periodic reports reports, such as RTCP; RTCP <xref target="RFC3550"
	      format="default"/> <xref target="RFC3711" format="default"/> <xref
	      target="RFC4585" format="default"/>, or measurements observing
              protocol sequence numbers in statistical samples of packet
              flows,
              flows or specific control packets, such as those observed at
              the start and end of a flow).</t>

              <t hangText="">Measurements
            <t>Measurements can be per endpoint, endpoint or for an
              endpoint aggregate. These could be used to assess usage or for
              subscriber billing.</t>

              <t hangText="">Such
            <t>Such measurements can be used to trigger traffic
              shaping,
              shaping and to associate QoS support within the network and
              lower layers. This can be done with consent and in support of an
              end user, user to improve quality of service; service or could be used by the
              network to de-prioritise deprioritise certain flows without user consent.</t>

              <t hangText="">The
            <t>The traffic rate and volume can be determined determined,
              providing that the packets belonging to individual flows can be
              identified, but there might be no additional information about a
              flow when the transport headers cannot be observed.</t>

              <t hangText="Loss
	    </dd>
            <dt>Loss Rate and Loss Pattern:">Flow Pattern:</dt>
            <dd><t>Flow loss rate can be
              derived (e.g., from transport sequence numbers or inferred from
              observing transport protocol interactions) and has been used as
              a metric for performance assessment and to characterise
              transport behaviour. Network operators have used the variation
              in patterns to detect changes in the offered service.
              Understanding the location and root cause of loss can help an
              operator determine whether this requires corrective action.</t>
            <t>There are various causes of loss, including: corruption of
              link frames (e.g., due to interference on a radio link), link);
              buffering loss (e.g., overflow due to congestion, Active Queue
              Management, AQM
              Management (AQM) <xref target="RFC7567"></xref>, target="RFC7567" format="default"/>, or inadequate
              provision following traffic pre-emption), preemption), and policing (traffic (e.g., traffic
              management <xref target="RFC2475"></xref>). target="RFC2475" format="default"/>). Understanding flow
              loss rates requires maintaining the per-flow state (flow
              identification often requires transport layer transport-layer information) and
              either observing the increase in sequence numbers in the network
              or transport headers, headers or comparing a per-flow packet counter
              with the number of packets that the flow actually sent. Per-hop
              loss can also sometimes be monitored at the interface level by
              devices on the network path, path or by using in-situ methods operating
              over a network segment (see <xref
              target="other-sources"></xref>).</t> target="other-sources" format="default"/>).</t>
            <t>The pattern of loss can provide insight into the cause of
              loss. Losses can often occur as bursts, randomly-timed randomly timed events,
              etc. It can also be valuable to understand the conditions under
              which loss occurs. This usually requires relating loss to the
              traffic flowing at a network node or segment at the time of
              loss. Transport header information can help identify cases where
              loss could have been wrongly identified, identified or where the transport
              did not require retransmission of a lost packet.</t>

              <t hangText="Throughput
	    </dd>
            <dt>Throughput and Goodput:">Throughput Goodput:</dt>
            <dd>Throughput is the amount
              of payload data sent by a flow per time interval. Goodput (the
              subset of throughput consisting of useful traffic) traffic; see <xref
              target="RFC7928">(see Section 2.5 of </xref> target="RFC7928"
	      sectionFormat="of" section="2.5"/> and <xref
              target="RFC5166"></xref>) target="RFC5166" format="default"/>) is
	      a measure of useful data exchanged.
              The throughput of a flow can be determined in the absence of
              transport header information, providing that the individual flow
              can be identified, and the overhead known. Goodput requires the
              ability to differentiate loss and retransmission of packets, for
              example
              example, by observing packet sequence numbers in the TCP or RTP
              headers <xref target="RFC3550"></xref>.</t>

              <t hangText="Latency:">Latency target="RFC3550" format="default"/>.</dd>
            <dt>Latency:</dt>
            <dd><t>Latency is a key performance metric that
              impacts application and user-perceived response times. It often
              indirectly impacts throughput and flow completion time. This
              determines the reaction time of the transport protocol itself,
              impacting flow setup, congestion control, loss recovery, and
              other transport mechanisms. The observed latency can have many
              components <xref target="Latency"></xref>. target="Latency" format="default"/>. Of these,
              unnecessary/unwanted queueing in buffers of the network devices
              on the path has often been observed as a significant factor
              <xref target="bufferbloat"></xref>. target="bufferbloat" format="default"/>. Once the cause of unwanted
              latency has been identified, this can often be eliminated.</t>
            <t>To measure latency across a part of a path, an observation
              point <xref target="RFC7799"></xref> target="RFC7799" format="default"/> can measure the experienced
              round trip
              round-trip time (RTT) by using packet sequence numbers and
              acknowledgements,
              acknowledgements or by observing header timestamp information.
              Such information allows an observation point on the network path
              to determine not only the path RTT, RTT but also allows measurement
              of the upstream and downstream contribution to the RTT. This
              could be used to locate a source of latency, e.g., by observing
              cases where the median RTT is much greater than the minimum RTT
              for a part of a path.</t>
            <t>The service offered by network operators can benefit from
              latency information to understand the impact of configuration
              changes and to tune deployed services. Latency metrics are key
              to evaluating and deploying AQM <xref target="RFC7567"></xref>,
              DiffServ target="RFC7567" format="default"/>,
              Diffserv <xref target="RFC2474"></xref>, target="RFC2474" format="default"/>, and
	      Explicit Congestion
              Notification (ECN) <xref target="RFC3168"></xref> target="RFC3168" format="default"/> <xref
              target="RFC8087"></xref>. target="RFC8087"
	      format="default"/>. Measurements could identify
              excessively large buffers, indicating where to deploy or
              configure AQM. An AQM method is often deployed in combination
              with other techniques, such as scheduling <xref
              target="RFC7567"> target="RFC7567" format="default">
	      </xref> <xref target="RFC8290"> </xref> target="RFC8290" format="default"> </xref>, and
              although parameter-less methods are desired <xref
              target="RFC7567"> target="RFC7567" format="default">
	      </xref>, current methods often require tuning
              <xref target="RFC8290"></xref> target="RFC8290" format="default"/> <xref target="RFC8289"> target="RFC8289" format="default">
	    </xref>
              <xref target="RFC8033"> target="RFC8033" format="default"> </xref> because they cannot scale across
              all possible deployment scenarios.</t>
            <t>Latency and round-trip time information can potentially
              expose some information useful for approximate geolocation, as
              discussed in <xref target="PAM-RTT"></xref>.</t>

              <t hangText="Variation target="PAM-RTT" format="default"/>.</t>
	    </dd>
            <dt>Variation in delay:">Some Delay:</dt>
            <dd>Some network applications are
              sensitive to (small) changes in packet timing (jitter). Short Short-
              and long-term delay variation can impact on the latency of a
              flow and hence the perceived quality of applications using a
              network path. For example, jitter metrics are often cited when
              characterising paths supporting real-time traffic. The expected
              performance of such applications, applications can be inferred from a measure
              of the variation in delay observed along a portion of the path
              <xref target="RFC3393"></xref> target="RFC3393" format="default"/> <xref target="RFC5481"></xref>. target="RFC5481" format="default"/>.
              The requirements resemble those for the measurement of
              latency.</t>

              <t hangText="Flow Reordering:">Significant
              latency.</dd>
            <dt>Flow Reordering:</dt>
            <dd><t>Significant packet reordering
              within a flow can impact time-critical applications and can be
              interpreted as loss by reliable transports. Many transport
              protocol techniques are impacted by reordering (e.g., triggering
              TCP retransmission or re-buffering rebuffering of real-time applications).
              Packet reordering can occur for many reasons, e.g., from equipment
              design to misconfiguration of forwarding rules. Flow
              identification is often required to avoid significant packet
              mis-ordering
              misordering (e.g., when using ECMP, or LAG). Network tools can
              detect and measure unwanted/excessive reordering, reordering and the impact
              on transport performance.</t>
            <t>There have been initiatives in the IETF transport area to
              reduce the impact of reordering within a transport flow,
              possibly leading to a reduction in the requirements for
              preserving ordering. These have potential to simplify network
              equipment design as well as the potential to improve robustness
              of the transport service. Measurements of reordering can help
              understand the present level of reordering, reordering and inform decisions
              about how to progress new mechanisms.</t>
            <t>Techniques for measuring reordering typically observe packet
              sequence numbers. Metrics have been defined that evaluate
              whether a network path has maintained packet order on a
              packet-by-packet basis <xref target="RFC4737"></xref> target="RFC4737" format="default"/> <xref
              target="RFC5236"></xref>.
	      target="RFC5236" format="default"/>. Some protocols provide in-built
              monitoring and reporting functions. Transport fields in the RTP
              header <xref target="RFC3550"></xref> target="RFC3550" format="default"/> <xref
              target="RFC4585"></xref> target="RFC4585"
	      format="default"/> can be observed to derive traffic
              volume measurements and provide information on the progress and
              quality of a session using RTP. Metadata assists in
              understanding the context under which the data was collected,
              including the time, observation point <xref
              target="RFC7799"></xref>, target="RFC7799" format="default"/>, and
	      way in which metrics were
              accumulated. The RTCP protocol directly reports some of this
              information in a form that can be directly visible by devices on
              the network path.</t>
            </list></t>
	    </dd>
          </dl>
          <t>In some cases, measurements could involve active injection of
          test traffic to perform a measurement (see Section 3.4 of <xref
          target="RFC7799"></xref>). target="RFC7799" sectionFormat="of"
	  section="3.4"/>). However, most operators do not have
          access to user equipment, therefore equipment; therefore, the point of test is normally
          different from the transport endpoint. Injection of test traffic can
          incur an additional cost in running such tests (e.g., the
          implications of capacity tests in a mobile network segment are
          obvious). Some active measurements <xref target="RFC7799"></xref> target="RFC7799" format="default"/>
          (e.g., response under load or particular workloads) perturb other
          traffic,
          traffic and could require dedicated access to the network
          segment.</t>
          <t>Passive measurements (see Section 3.6 of <xref
          target="RFC7799"></xref>) target="RFC7799" sectionFormat="of" section="3.6"/>)
	  can have advantages in terms of
          eliminating unproductive test traffic, reducing the influence of
          test traffic on the overall traffic mix, and having the ability to choose
          the point of observation (see <xref target="point"></xref>). target="point" format="default"/>).
          Measurements can rely on observing packet headers, which is not
          possible if those headers are encrypted, but could utilise
          information about traffic volumes or patterns of interaction to
          deduce metrics.</t>
          <t>Passive packet sampling techniques are also often used to scale
          the processing involved in observing packets on high rate high-rate links.
          This exports only the packet header information of (randomly)
          selected packets. Interpretation of the exported information relies
          on understanding of the header information. The utility of these
          measurements depends on the type of network segment/link and number
          of mechanisms used by the network devices. Simple routers are
          relatively easy to manage, but a device with more complexity demands
          understanding of the choice of many system parameters.</t>
        </section>
        <section anchor="tunlhf"
                 title="Using numbered="true" toc="default">
          <name>Using Information Derived from Network Layer Network-Layer Header Fields"> Fields</name>
          <t>Information from the transport header can be used by a
          multi-field (MF) classifier as a part of policy framework. Policies
          are commonly used for management of the QoS or Quality of Experience
          (QoE) in resource-constrained networks, networks or by firewalls to implement
          access rules (see also Section 2.2.2 of <xref
          target="RFC8404"></xref>). target="RFC8404" sectionFormat="of" section ="2.2.2"/>).
	  Policies can support user
          applications/services or protect against unwanted, unwanted or lower priority lower-priority
          traffic (<xref target="Implic-Unknown"></xref>).</t>

          <t>Transport layer target="Implic-Unknown" format="default"/>).</t>
          <t>Transport-layer information can also be explicitly carried in
          network-layer header fields that are not encrypted, serving as a
          replacement/addition to the exposed transport header information
          <xref target="RFC8558"></xref>. target="RFC8558" format="default"/>. This information can enable a
          different forwarding treatment by the devices forming the network
          path, even when a transport employs encryption to protect other
          header information.</t>
          <t>On the one hand, the user of a transport that multiplexes
          multiple sub-flows subflows might want to obscure the presence and
          characteristics of these sub-flows. subflows. On the other hand, an encrypted
          transport could set the network-layer information to indicate the
          presence of sub-flows, subflows and to reflect the service requirements of
          individual sub-flows. subflows. There are several ways this could be done:</t>

          <t><list style="hanging">
              <t hangText="IP Address:">Applications
          <dl newline="true" spacing="normal">
            <dt>IP Address:</dt>
            <dd>Applications normally expose the
              endpoint addresses used in the forwarding decisions in network
              devices. Address and other protocol information can be used by a
              MF-classifier an
              MF classifier to determine how traffic is treated <xref
              target="RFC2475"></xref>, target="RFC2475"
	      format="default"/> and hence affect affects the quality of
              experience for a flow. Common issues concerning IP address
              sharing are described in <xref target="RFC6269"></xref>.</t>

              <t hangText="Using target="RFC6269" format="default"/>.</dd>
            <dt>Using the IPv6 Network-Layer Flow Label:">A Label:</dt>
            <dd><t>A number
              of Standards Track and Best Current Practice RFCs (e.g., <xref
              target="RFC8085"></xref>, target="RFC8085"
	      format="default"/>, <xref target="RFC6437"></xref>, target="RFC6437" format="default"/>, and <xref
              target="RFC6438"></xref>)
	      target="RFC6438" format="default"/>) encourage endpoints to set the IPv6
              flow label
              Flow Label field of the network-layer header.
	      As per <xref target="RFC6437"/>, IPv6 &ldquo;source source nodes SHOULD "<bcp14>SHOULD</bcp14> assign each
	      unrelated transport connection and application data stream to a
	      new flow&rdquo; <xref
              target="RFC6437"></xref>. flow."
	      A multiplexing transport could choose
              to use multiple flow labels to allow the network to
              independently forward sub-flows. RFC6437 subflows. <xref target="RFC6437" format="default"/> provides further
              guidance on choosing a flow label value, stating these
              &ldquo;should
              "should be chosen such that their bits exhibit a high
              degree of variability&rdquo;, variability" and chosen so that &ldquo;third "third
              parties should be unlikely to be able to guess the next value
              that a source of flow labels will choose&rdquo;.</t>

              <t hangText="">Once choose."</t>
            <t>Once set, a flow label can provide information
              that can help inform network-layer queueing and forwarding,
              including use with IPsec, IPsec <xref target="RFC6294"></xref> and use
              with Equal Cost Multi-Path routing target="RFC6294" format="default"/>,
              Equal-Cost Multipath routing, and Link Aggregation<xref
              target="RFC6438"> </xref>.</t>

              <t hangText="">The Aggregation <xref target="RFC6438"
	      format="default"></xref>.</t>
            <t>The choice of how to assign a flow label needs to
              avoid introducing linkages between flows that a network device
              could not otherwise observe. Inappropriate use by the transport
              can have privacy implications (e.g., assigning the same label to
              two independent flows that ought not to be classified the
              same).</t>

              <t
              hangText="Using similarly).</t>
	    </dd>
            <dt>Using the Network-Layer Differentiated Services Code Point:">Applications Point:</dt>
            <dd>Applications
              can expose their delivery expectations to network devices by
              setting the Differentiated Services Code Point (DSCP) field of
              IPv4 and IPv6 packets <xref target="RFC2474"></xref>. target="RFC2474" format="default"/>. For
              example, WebRTC applications identify different forwarding
              treatments for individual sub-flows subflows (audio vs. video) based on
              the value of the DSCP field <xref
              target="I-D.ietf-tsvwg-rtcweb-qos"></xref>). target="RFC8837" format="default"/>). This provides
              explicit information to inform network-layer queueing and
              forwarding, rather than an operator inferring traffic
              requirements from transport and application headers via a
              multi-field classifier. Inappropriate use by the transport can
              have privacy implications (e.g., assigning a different DSCP to a
              subflow could assist in a network device discovering the traffic
              pattern used by an application). The field is mutable, i.e.,
              some network devices can be expected to change this field. Since
              the DSCP value can impact the quality of experience for a flow,
              observations of service performance have to consider this field
              when a network path supports differentiated service
              treatment.</t>

              <t hangText="Using
              treatment.</dd>
            <dt>Using Explicit Congestion Marking:">ECN Notification:</dt>
            <dd><t>Explicit Congestion Notification (ECN) <xref
              target="RFC3168"> target="RFC3168" format="default">
	    </xref> is a transport mechanism that uses the
              ECN field in the network-layer header. Use of ECN explicitly
              informs the network-layer network layer that a transport is ECN-capable, ECN capable and
              requests ECN treatment of the flow. An ECN-capable transport can
              offer benefits when used over a path with equipment that
              implements an AQM method with CE Congestion Experienced (CE) marking of IP packets <xref
              target="RFC8087"></xref>, target="RFC8087" format="default"/>, since it can react to congestion
              without also having to recover from lost packets.</t>
            <t>ECN exposes the presence of congestion. The reception of
              CE-marked packets can be used to estimate the level of incipient
              congestion on the upstream portion of the path from the point of
              observation (Section 2.5 of <xref target="RFC8087"> </xref>). (<xref target="RFC8087" sectionFormat="of" section="2.5"/>).
              Interpreting the marking behaviour (i.e., assessing congestion
              and diagnosing faults) requires context from the transport
              layer, such as path RTT.</t>
            <t>AQM and ECN offer a range of algorithms and configuration
              options. Tools therefore have to be available to network
              operators and researchers to understand the implication of
              configuration choices and transport behaviour as the use of ECN
              increases and new methods emerge <xref target="RFC7567"> target="RFC7567" format="default">
              </xref>.</t>

              <t hangText="Network-Layer Options">Network
	    </dd>
            <dt>Network-Layer Options:</dt>
            <dd><t>Network protocols can carry
              optional headers (see <xref target="EH"></xref>). target="EH" format="default"/>). These can
              explicitly expose transport header information to on-path
              devices operating at the network layer (as discussed further in
              <xref target="OAM"></xref>).</t>

              <t hangText="">IPv4 target="OAM" format="default"/>).</t>
            <t>IPv4 <xref target="RFC0791"></xref> target="RFC0791" format="default"/> has provision provisions
              for optional header fields. IP routers can examine these headers
              and are required to ignore IPv4 options that they do not
              recognise. Many current paths include network devices that
              forward packets that carry options on a slower processing path.
              Some network devices (e.g., firewalls) can be (and are)
              configured to drop these packets <xref target="RFC7126"></xref>. target="RFC7126" format="default"/>.
              BCP 186 <xref target="RFC7126"></xref> target="RFC7126" format="default"/> provides Best Current
              Practice
              guidance on how operators should treat IPv4 packets
              that specify options.</t>

              <t hangText="">IPv6
            <t>IPv6 can encode optional network-layer
              information in separate headers that may be placed between the
              IPv6 header and the upper-layer header <xref
              target="RFC8200"></xref>. target="RFC8200" format="default"/>
	      (e.g., the IPv6 Alternate Marking
              Method <xref target="I-D.ietf-6man-ipv6-alt-mark"></xref>, target="I-D.ietf-6man-ipv6-alt-mark" format="default"/>, which
              can be used to measure packet loss and delay metrics). The
              Hop-by-Hop options Options header, when present, immediately follows the
              IPv6 header. IPv6 permits this header to be examined by any node
              along the path if explicitly configured <xref
              target="RFC8200"></xref>.</t>
            </list>Careful target="RFC8200"
	      format="default"/>.</t>
	    </dd>
          </dl>
          <t>Careful use of the network layer network-layer features (e.g., Extension
          Headers can extension
          headers can; see <xref target="EH2"></xref>) target="EH2" format="default"/>) help provide similar
          information in the case where the network is unable to inspect
          transport protocol headers.</t>
        </section>
      </section>
      <section anchor="Measure" title="To numbered="true" toc="default">
        <name>To Support Network Operations"> Operations</name>
        <t>Some network operators make use of on-path observations of
        transport headers to analyse the service offered to the users of a
        network segment, segment and to inform operational practice, practice and can help
        detect and locate network problems. <xref target="RFC8517"></xref> target="RFC8517" format="default"/>
        gives an operator's perspective about such use.</t>
        <t>When observable transport header information is not available,
        those seeking an understanding of transport behaviour and dynamics
        might learn to work without that information. Alternatively, they
        might use more limited measurements combined with pattern inference
        and other heuristics to infer network behaviour (see Section 2.1.1 of <xref target="RFC8404"></xref>). target="RFC8404"
	sectionFormat="of" section="2.1.1"/>). Operational practises aimed at
        inferring transport parameters are out of scope for this document, document and
        are only mentioned here to recognise that encryption does not
        necessarily stop operators from attempting to apply practises that
        have been used with unencrypted transport headers.</t>
        <t>This section discusses topics concerning observation of transport
        flows, with a focus on transport measurement.</t>
        <section anchor="point" title="Problem Location"> numbered="true" toc="default">
          <name>Problem Location</name>
          <t>Observations of transport header information can be used to
          locate the source of problems or to assess the performance of a
          network segment. Often issues can only be understood in the context
          of the other flows that share a particular path, particular device
          configuration, interface port, etc. A simple example is monitoring
          of a network device that uses a scheduler or active queue management
          technique <xref target="RFC7567"></xref>, target="RFC7567" format="default"/>, where it could be
          desirable to understand whether the algorithms are correctly
          controlling latency, latency or if overload protection is working. This
          implies knowledge of how traffic is assigned to any sub-queues subqueues used
          for flow scheduling, scheduling but can require information about how the
          traffic dynamics impact active queue management, starvation
          prevention mechanisms, and circuit-breakers.</t> circuit breakers.</t>
          <t>Sometimes correlating observations of headers at multiple points
          along the path (e.g., at the ingress and egress of a network
          segment),
          segment) allows an observer to determine the contribution of a
          portion of the path to an observed metric. e.g., metric (e.g., to locate a source
          of delay, jitter, loss, reordering, or congestion marking.</t> marking).</t>
        </section>
        <section title="Network numbered="true" toc="default">
          <name>Network Planning and Provisioning"> Provisioning</name>
          <t>Traffic rate and volume measurements are used to help plan
          deployment of new equipment and configuration in networks. Data is
          also valuable to equipment vendors who want to understand traffic
          trends and patterns of usage as inputs to decisions about planning
          products and provisioning for new deployments.</t>
          <t>Trends in aggregate traffic can be observed and can be related to
          the endpoint addresses being used, but when transport header
          information is not observable, it might be impossible to correlate
          patterns in measurements with changes in transport protocols. This
          increases the dependency on other indirect sources of information to
          inform planning and provisioning.</t>
        </section>
        <section anchor="Compliance"
                 title="Compliance numbered="true" toc="default">
          <name>Compliance with Congestion Control"> Control</name>
          <t>The traffic that can be observed by on-path network devices (the
          "wire image") is a function of transport protocol design/options,
          network use, applications, and user characteristics. In general,
          when only a small proportion of the traffic has a specific
          (different) characteristic, such traffic seldom leads to operational
          concern, although the ability to measure and monitor it is lower.
          The desire to understand the traffic and protocol interactions
          typically grows as the proportion of traffic increases. The
          challenges increase when multiple instances of an evolving protocol
          contribute to the traffic that share network capacity.</t>
          <t>Operators can manage traffic load (e.g., when the network is
          severely overloaded) by deploying rate-limiters, rate limiters, traffic shaping, or
          network transport circuit breakers <xref target="RFC8084"></xref>. target="RFC8084" format="default"/>.
          The information provided by observing transport headers is a source
          of data that can help to inform such mechanisms.</t>

          <t><list style="hanging">
              <t
              hangText="Congestion
          <dl newline="true" spacing="normal">
            <dt>Congestion Control Compliance of Traffic:">Congestion Traffic:</dt>
            <dd><t>Congestion control is a key transport function <xref
              target="RFC2914"></xref>. target="RFC2914"
	    format="default"/>. Many network operators implicitly
              accept that TCP traffic complies with a behaviour that is
              acceptable for the shared Internet. TCP algorithms have been
              continuously improved over decades, decades and have reached a level of
              efficiency and correctness that is difficult to match in custom
              application-layer mechanisms <xref target="RFC8085"></xref>.</t> target="RFC8085" format="default"/>.</t>
            <t>A standards-compliant TCP stack provides congestion control
              that is judged safe for use across the Internet. Applications
              developed on top of well-designed transports can be expected to
              appropriately control their network usage, reacting when the
              network experiences congestion, by back-off backing off and reduce reducing the load
              placed on the network. This is the normal expected behaviour for
              IETF-specified transports (e.g., TCP and SCTP).</t>

              <t hangText="Congestion
	    </dd>
            <dt>Congestion Control Compliance for UDP traffic:">UDP Traffic:</dt>
            <dd><t>UDP
              provides a minimal message-passing datagram transport that has
              no inherent congestion control mechanisms. Because congestion
              control is critical to the stable operation of the Internet,
              applications and other protocols that choose to use UDP as a
              transport have to employ mechanisms to prevent collapse, avoid
              unacceptable contributions to jitter/latency, and to establish
              an acceptable share of capacity with concurrent traffic <xref
              target="RFC8085"></xref>.</t> target="RFC8085"
	      format="default"/>.</t>
            <t>UDP flows that expose a well-known header can be observed to
              gain understanding of the dynamics of a flow and its congestion
              control behaviour. For example, tools exist to monitor various
              aspects of RTP header information and RTCP reports for real-time
              flows (see <xref target="stats"></xref>). target="stats" format="default"/>). The Secure RTP and
              RTCP extensions <xref target="RFC3711"></xref> target="RFC3711" format="default"/> were explicitly
              designed to expose some header information to enable such
              observation,
              observation while protecting the payload data.</t>
            <t>A network operator can observe the headers of transport
              protocols layered above UDP to understand if the datagram flows
              comply with congestion control expectations. This can help
              inform a decision on whether it might be appropriate to deploy
              methods
              methods, such as rate-limiters rate limiters, to enforce acceptable usage. The
              available information determines the level of precision with
              which flows can be classified and the design space for
              conditioning mechanisms (e.g., rate limiting, rate-limiting, circuit breaker
              techniques <xref target="RFC8084"></xref>, target="RFC8084" format="default"/>, or blocking of
              uncharacterised traffic) <xref target="RFC5218"></xref>.</t>
            </list></t> target="RFC5218" format="default"/>.</t>
	    </dd>
          </dl>
          <t>When anomalies are detected, tools can interpret the transport
          header information to help understand the impact of specific
          transport protocols (or protocol mechanisms) on the other traffic
          that shares a network. An observer on the network path can gain an
          understanding of the dynamics of a flow and its congestion control
          behaviour. Analysing observed flows can help to build confidence
          that an application flow backs-off backs off its share of the network load
          under persistent congestion, congestion and hence to understand whether the
          behaviour is appropriate for sharing limited network capacity. For
          example, it is common to visualise plots of TCP sequence numbers
          versus time for a flow to understand how a flow shares available
          capacity, deduce its dynamics in response to congestion, etc.</t>
          <t>The ability to identify sources and flows that contribute to
          persistent congestion is important to the safe operation of network
          infrastructure,
          infrastructure and can inform configuration of network devices to
          complement the endpoint congestion avoidance mechanisms <xref
          target="RFC7567"></xref> target="RFC7567" format="default"/> <xref target="RFC8084"></xref> target="RFC8084" format="default"/> to avoid a
          portion of the network being driven into congestion collapse <xref
          target="RFC2914"></xref>.</t> target="RFC2914" format="default"/>.</t>
        </section>
        <section anchor="Implic-Unknown"
                 title="To numbered="true" toc="default">
          <name>To Characterise &quot;Unknown&quot; "Unknown" Network Traffic"> Traffic</name>
          <t>The patterns and types of traffic that share Internet capacity
          change over time as networked applications, usage patterns patterns, and
          protocols continue to evolve.</t>
          <t>Encryption can increase the volume of "unknown" or
          "uncharacterised" traffic seen by the network. If these traffic
          patterns form a small part of the traffic aggregate passing through
          a network device or segment of the network path, the dynamics of the
          uncharacterised traffic might not have a significant collateral
          impact on the performance of other traffic that shares this network
          segment. Once the proportion of this traffic increases, monitoring
          the traffic can determine if appropriate safety measures have to be
          put in place.</t>
          <t>Tracking the impact of new mechanisms and protocols requires
          traffic volume to be measured and new transport behaviours to be
          identified. This is especially true of protocols operating over a
          UDP substrate. The level and style of encryption needs to be
          considered in determining how this activity is performed.</t>
          <t>Traffic that cannot be classified typically receives a default
          treatment. Some networks block or rate-limit traffic that cannot be
          classified.</t>
        </section>
        <section title="To numbered="true" toc="default">
          <name>To Support Network Security Functions"> Functions</name>
          <t>On-path observation of the transport headers of packets can be
          used for various security functions. For example, Denial of Service
          (DoS) and Distributed DoS (DDoS) attacks against the infrastructure
          or against an endpoint can be detected and mitigated by
          characterising anomalous traffic (see <xref
          target="Implic-Unknown"></xref>) target="Implic-Unknown" format="default"/>) on a shorter timescale. Other uses
          include support for security audits (e.g., verifying the compliance
          with cipher suites), client and application fingerprinting for
          inventory, and to provide alerts provided for network intrusion detection and
          other next generation firewall functions.</t>
          <t>When using an encrypted transport, endpoints can directly provide
          information to support these security functions. Another method, if
          the endpoints do not provide this information, is to use an on-path
          network device that relies on pattern inferences in the traffic, traffic and
          heuristics or machine learning instead of processing observed header
          information. An endpoint could also explicitly cooperate with an
          on-path device (e.g., a QUIC endpoint could share information about
          current uses of connection IDs).</t>
        </section>
        <section anchor="Current-diag"
                 title="Network numbered="true" toc="default">
          <name>Network Diagnostics and Troubleshooting "> Troubleshooting</name>
          <t>Operators monitor the health of a network segment to support a
          variety of operational tasks <xref target="RFC8404"></xref> target="RFC8404" format="default"/>,
          including procedures to provide early warning and trigger action: action, e.g., to
          diagnose network problems, to manage security threats (including
          DoS), to evaluate equipment or protocol performance, or to respond
          to user performance questions. Information about transport flows can
          assist in setting buffer sizes, sizes and help identify whether
          link/network tuning is effective. Information can also support
          debugging and diagnosis of the root causes of faults that concern a
          particular user's traffic and can support post-mortem postmortem investigation
          after an anomaly. Section 3.1.2 Sections <xref target="RFC8404" section="3.1.2" sectionFormat="bare"/>
	  and Section 5 <xref target="RFC8404" section="5" sectionFormat="bare"/> of <xref
          target="RFC8404"></xref>
	  target="RFC8404"/> provide further examples.</t>
          <t>Network segments vary in their complexity. The design trade-offs
          for radio networks are often very different from those of wired
          networks <xref target="RFC8462"></xref>. target="RFC8462" format="default"/>. A radio-based network
          (e.g., cellular mobile, enterprise Wireless LAN (WLAN), satellite
          access/back-haul,
          access/backhaul, point-to-point radio) adds a subsystem that
          performs radio resource management, with impact on the available
          capacity,
          capacity and potentially loss/reordering of packets. This impact
          can differ by traffic type, type and can be correlated with link
          propagation and interference. These can impact the cost and
          performance of a provided service, service and is expected to increase in
          importance as operators bring together heterogeneous types of
          network equipment and deploy opportunistic methods to access a shared
          radio spectrum.</t>
        </section>
        <section anchor="Implic-Cost" title="Tooling numbered="true" toc="default">
          <name>Tooling and Network Operations"> Operations</name>
          <t>A variety of open source and proprietary tools have been deployed
          that use the transport header information observable with widely
          used protocols protocols, such as TCP or RTP/UDP/IP. Tools that dissect network
          traffic flows can alert to potential problems that are hard to
          derive from volume measurements, link statistics statistics, or device
          measurements alone.</t>
          <t>Any introduction of a new transport protocol, protocol feature,
          or application might require changes to such tools, tools and so could
          impact operational practice and policies. Such changes have
          associated costs that are incurred by the network operators that
          need to update their tooling or develop alternative practises that
          work without access to the changed/removed information.</t>
          <t>The use of encryption has the desirable effect of preventing
          unintended observation of the payload data data, and these tools seldom
          seek to observe the payload, payload or other application details. A flow
          that hides its transport header information could imply "don't
          touch" to some operators. This might limit a trouble-shooting
          response to "can't help, no trouble found".</t>
          <t>An alternative that does not require access to an observable
          transport headers is to access endpoint diagnostic tools or to
          include user involvement in diagnosing and troubleshooting unusual
          use cases or to troubleshoot non-trivial nontrivial problems. Another approach
          is to use traffic pattern analysis. Such tools can provide useful
          information during network anomalies (e.g., detecting significant
          reordering, high or intermittent loss), however loss); however, indirect
          measurements need to be carefully designed to provide information
          for diagnostics and troubleshooting.</t>
          <t>If new protocols, or protocol extensions, are made to closely
          resemble or match existing mechanisms, then the changes to tooling
          and the associated costs can be small. Equally, more extensive
          changes to the transport tend to require more extensive, and more
          expensive, changes to tooling and operational practice. Protocol
          designers can mitigate these costs by explicitly choosing to expose
          selected information as invariants that are guaranteed not to change
          for a particular protocol (e.g., the header invariants and the
          spin-bit
          spin bit in QUIC <xref target="I-D.ietf-quic-transport"></xref>). target="RFC9000" format="default"/>).
          Specification of common log formats and development of alternative
          approaches can also help mitigate the costs of transport
          changes.</t>
        </section>
      </section>
      <section title="To numbered="true" toc="default">
        <name>To Mitigate the Effects of Constrained Networks"> Networks</name>
        <t>Some link and network segments are constrained by the capacity they
        can offer, offer by the time it takes to access capacity (e.g., due to
        under-lying
        underlying radio resource management methods), methods) or by asymmetries in
        the design (e.g., many link are designed so that the capacity
        available is different in the forward and return directions; some
        radio technologies have different access methods in the forward and
        return directions resulting from differences in the power budget).</t>
        <t>The impact of path constraints can be mitigated using a proxy
        operating at or above the transport layer to use an alternate
        transport protocol.</t>
        <t>In many cases, one or both endpoints are unaware of the
        characteristics of the constraining link or network segment segment, and
        mitigations are applied below the transport layer: layer. Packet
        classification and QoS methods (described in various sections) can be
        beneficial in differentially prioritising certain traffic when there
        is a capacity constraint or additional delay in scheduling link
        transmissions. Another common mitigation is to apply header
        compression over the specific link or subnetwork (see <xref
        target="HC"></xref>).</t> target="HC" format="default"/>).</t>
        <section anchor="HC" title="To numbered="true" toc="default">
          <name>To Provide Header Compression"> Compression</name>
          <t>Header compression saves link capacity by compressing network and
          transport protocol headers on a per-hop basis. This has been widely
          used with low bandwidth dial-up access links, links and still finds
          application on wireless links that are subject to capacity
          constraints. These methods are effective for bit-congestive links
          sending small packets (e.g., reducing the cost for sending control
          packets or small data packets over radio links).</t>
          <t>Examples of header compression include use with TCP/IP and
          RTP/UDP/IP flows <xref target="RFC2507"></xref>, target="RFC2507" format="default"/> <xref
          target="RFC6846"></xref>, target="RFC6846" format="default"/> <xref target="RFC2508"></xref>, target="RFC2508" format="default"/> <xref
          target="RFC5795"></xref>, target="RFC5795" format="default"/> <xref target="RFC8724"></xref>. target="RFC8724" format="default"/>. Successful
          compression depends on observing the transport headers and
          understanding of the way fields change between packets, packets and is hence
          incompatible with header encryption. Devices that compress transport
          headers are dependent on a stable header format, implying
          ossification of that format.</t>
          <t>Introducing a new transport protocol, or changing the format of
          the transport header information, will limit the effectiveness of
          header compression until the network devices are updated. Encrypting
          the transport protocol headers will tend to cause the header
          compression to fall back to compressing only the network layer network-layer
          headers, with a significant reduction in efficiency. This can limit
          connectivity if the resulting flow exceeds the link capacity, capacity or if
          the packets are dropped because they exceed the link MTU.</t> Maximum
	  Transmission Unit (MTU).</t>
          <t>The Secure RTP (SRTP) extensions <xref target="RFC3711"></xref> target="RFC3711" format="default"/>
          were explicitly designed to leave the transport protocol headers
          unencrypted, but authenticated, since support for header compression
          was considered important.</t>
        </section>
      </section>
      <section title="To numbered="true" toc="default">
        <name>To Verify SLA Compliance"> Compliance</name>
        <t>Observable transport headers coupled with published transport
        specifications allow operators and regulators to explore and verify
        compliance with Service Level Agreements (SLAs). It can also be used
        to understand whether a service is providing differential treatment to
        certain flows.</t>
        <t>When transport header information cannot be observed, other methods
        have to be found to confirm that the traffic produced conforms to the
        expectations of the operator or developer.</t>
        <t>Independently verifiable performance metrics can be utilised to
        demonstrate regulatory compliance in some jurisdictions, jurisdictions and as a
        basis for informing design decisions. This can bring assurance to
        those operating networks, often avoiding deployment of complex
        techniques that routinely monitor and manage Internet traffic flows
        (e.g., avoiding the capital and operational costs of deploying flow
        rate-limiting and network circuit-breaker circuit breaker methods <xref
        target="RFC8084"></xref>).</t> target="RFC8084" format="default"/>).</t>
      </section>
    </section>
    <section anchor="Implic" title="Research, Development numbered="true" toc="default">
      <name>Research, Development, and Deployment"> Deployment</name>
      <t>Research and development of new protocols and mechanisms need to be
      informed by measurement data (as described in the previous section).
      Data can also help promote acceptance of proposed standards
      specifications by the wider community (e.g., as a method to judge the
      safety for Internet deployment).</t>
      <t>Observed data is important to ensure the health of the research and
      development communities, communities and provides data needed to evaluate new
      proposals for standardisation. Open standards motivate a desire to
      include independent observation and evaluation of performance and
      deployment data. Independent data helps compare different methods, judge
      the level of deployment deployment, and ensure the wider applicability of the
      results. This is important when considering when a protocol or mechanism
      should be standardised for use in the general Internet. This, in turn,
      demands control/understanding about where and when measurement samples
      are collected. This requires consideration of the methods used to
      observe information and the appropriate balance between encrypting all
      and no transport header information.</t>
      <t>There can be performance and operational trade-offs in exposing
      selected information to network tools. This section explores key
      implications of tools and procedures that observe transport protocols, protocols
      but does not endorse or condemn any specific practises.</t>
      <section anchor="Implic-Independent" title="Independent Measurement"> numbered="true" toc="default">
        <name>Independent Measurement</name>
        <t>Encrypting transport header information has implications on the way
        network data is collected and analysed. Independent observation observations by
        multiple actors is currently used by the transport community to
        maintain an accurate understanding of the network within transport
        area working groups, IRTF research groups, and the broader research
        community. This is important to be able to provide accountability, accountability and
        demonstrate that protocols behave as intended, although intended; although, when providing
        or using such information, it is important to consider the privacy of
        the user and their incentive for providing accurate and detailed
        information.</t>
        <t>Protocols that expose the state of the transport protocol in their
        header (e.g., timestamps used to calculate the RTT, packet numbers
        used to assess congestion congestion, and requests for retransmission) provide an
        incentive for a sending endpoint to provide consistent information,
        because a protocol will not work otherwise. An on-path observer can
        have confidence that well-known (and ossified) transport header
        information represents the actual state of the endpoints, endpoints when this
        information is necessary for the protocol's correct operation.</t>
        <t>Encryption of transport header information could reduce the range
        of actors that can observe useful data. This would limit the
        information sources available to the Internet community to understand
        the operation of new transport protocols, reducing information to
        inform design decisions and standardisation of the new protocols and
        related operational practises. The cooperating dependence of network,
        application, and host to provide communication performance on the
        Internet is uncertain when only endpoints (i.e., at user devices and
        within service platforms) can observe performance, performance and when
        performance cannot be independently verified by all parties.</t>
      </section>
      <section anchor="Implic-design" title="Measurable numbered="true" toc="default">
        <name>Measurable Transport Protocols"> Protocols</name>
        <t>Transport protocol evolution, evolution and the ability to measure and
        understand the impact of protocol changes, changes have to proceed
        hand-in-hand. A transport protocol that provides observable headers
        can be used to provide open and verifiable measurement data.
        Observation of pathologies has a critical role in the design of
        transport protocol mechanisms and development of new mechanisms and
        protocols,
        protocols and aides in understanding of the interactions between
        cooperating protocols and network mechanisms, the implications of
        sharing capacity with other traffic traffic, and the impact of different
        patterns of usage. The ability of other stakeholders to review
        transport header traces helps develop insight into the performance and
        the traffic contribution of specific variants of a protocol.</t>
        <t>Development of new transport protocol mechanisms has to consider
        the scale of deployment and the range of environments in which the
        transport is used. Experience has shown that it is often difficult to
        correctly implement new mechanisms <xref target="RFC8085"></xref>, target="RFC8085" format="default"/> and
        that mechanisms often evolve as a protocol matures, matures or in response to
        changes in network conditions, changes in network traffic, or changes
        to application usage. Analysis is especially valuable when based on
        the behaviour experienced across a range of topologies, vendor
        equipment, and traffic patterns.</t>
        <t>Encryption enables a transport protocol to choose which internal
        state to reveal to devices on the network path, what information to
        encrypt, and what fields to grease <xref target="RFC8701"></xref>. target="RFC8701" format="default"/>. A
        new design can provide summary information regarding its performance,
        congestion control state, etc., or to make available explicit
        measurement information. information available. For example, <xref
        target="I-D.ietf-quic-transport"></xref> target="RFC9000" format="default"/>
	specifies a way for a QUIC
        endpoint to optionally set the spin-bit spin bit to explicitly reveal the RTT
        of an encrypted transport session to the on-path network devices.
        There is a choice of what information to expose. For some operational
        uses, the information has to contain sufficient detail to understand,
        and possibly reconstruct, the network traffic pattern for further
        testing. The interpretation of the information needs to consider
        whether this information reflects the actual transport state of the
        endpoints. This might require the trust of transport protocol
        implementers,
        implementers to correctly reveal the desired information.</t>
        <t>New transport protocol formats are expected to facilitate an
        increased pace of transport evolution, evolution and with it the possibility to
        experiment with and deploy a wide range of protocol mechanisms. At the
        time of writing, there has been interest in a wide range of new
        transport methods, e.g., Larger Initial Window, larger initial window, Proportional Rate
        Reduction (PRR), congestion control methods based on measuring
        bottleneck bandwidth and round-trip propagation time, the introduction
        of AQM techniques techniques, and new forms of ECN response (e.g., Data Centre
        TCP, DCTCP, and methods proposed for L4S). Low Latency Low Loss Scalable throughput (L4S)). The growth and diversity of
        applications and protocols using the Internet also continues to
        expand. For each new method or application, it is desirable to build a
        body of data reflecting its behaviour under a wide range of deployment
        scenarios, traffic load, and interactions with other
        deployed/candidate methods.</t>
      </section>
      <section anchor="other-sources" title="Other numbered="true" toc="default">
        <name>Other Sources of Information"> Information</name>
        <t>Some measurements that traditionally rely on observable transport
        information could be completed by utilising endpoint-based logging
        (e.g., based on <xref target="Quic-Trace">Quic-Trace</xref> target="Quic-Trace" format="default">QUIC trace</xref> and qlog
        <xref target="I-D.marx-qlog-main-schema"></xref>). target="I-D.ietf-quic-qlog-main-schema" format="default">qlog</xref>). Such information
        has a diversity of uses, including developers wishing to
        debug/understand the transport/application protocols with which they
        work, researchers seeking to spot trends and anomalies, and
        to characterise variants of protocols. A standard format for endpoint
        logging could allow these to be shared (after appropriate
        anonymisation) to understand performance and pathologies.</t>
        <t>When measurement datasets are made available by servers or client
        endpoints, additional metadata, such as the state of the network and
        conditions in which the system was observed, is often necessary to
        interpret this data to answer questions about network performance or
        understand a pathology. Collecting and coordinating such metadata is
        more difficult when the observation point is at a different location
        to the bottleneck or device under evaluation <xref
        target="RFC7799"></xref>.</t> target="RFC7799" format="default"/>.</t>
        <t>Despite being applicable in some scenarios, endpoint logs do not
        provide equivalent information to on-path measurements made by devices
        in the network. In particular, endpoint logs contain only a part of
        the information to understand the operation of network devices and
        identify issues issues, such as link performance or capacity sharing between
        multiple flows. An analysis can require coordination between actors at
        different layers to successfully characterise flows and correlate the
        performance or behaviour of a specific mechanism with an equipment
        configuration and traffic using operational equipment along a network
        path (e.g., combining transport and network measurements to explore
        congestion control dynamics, dynamics to understand the implications of traffic
        on designs for active queue management or circuit breakers).</t>
        <t>Another source of information could arise from operations,
        administration Operations,
        Administration, and management Maintenance (OAM) (see <xref target="OAM"></xref>)
        information target="OAM" format="default"/>).
        Information data records could be embedded into header information at
        different layers to support functions functions, such as performance evaluation,
        path-tracing,
        path tracing, path verification information, classification classification, and a
        diversity of other uses.</t>
        <t>In-situ OAM (IOAM) data fields <xref
        target="I-D.ietf-ippm-ioam-data"></xref> target="I-D.ietf-ippm-ioam-data" format="default"/> can be encapsulated into a
        variety of protocols to record operational and telemetry information
        in an existing packet, packet while that packet traverses a part of the path
        between two points in a network (e.g., within a particular IOAM
        management domain). The IOAM-Data-Fields are independent from the
        protocols into which the IOAM-Data-Fields are encapsulated. For example, IOAM
        can provide proof that a certain traffic flow takes a
        pre-defined
        predefined path, SLA verification for the live data traffic, and
        statistics relating to traffic distribution.</t>
      </section>
    </section>
    <section anchor="Transport-encrypt"
             title="Encryption numbered="true" toc="default">
      <name>Encryption and Authentication of Transport Headers"> Headers</name>
      <t>There are several motivations for transport header encryption.</t>
      <t>One motive to encrypt transport headers is to prevent network
      ossification from network devices that inspect well-known transport
      headers. Once a network device observes a transport header and becomes
      reliant upon using it, the overall use of that field can become
      ossified, preventing new versions of the protocol and mechanisms from
      being deployed. Examples include:</t>

      <t><list style="symbols">
          <t>During
      <ul spacing="normal">
        <li>During the development of TLS 1.3 <xref target="RFC8446"></xref>, target="RFC8446" format="default"/>,
          the design needed to function in the presence of deployed
          middleboxes that relied on the presence of certain header fields
          exposed in TLS 1.2 <xref target="RFC5426"></xref>.</t>

          <t>The target="RFC5426" format="default"/>.</li>
        <li>The design of Multipath TCP (MPTCP) <xref
          target="RFC8684"></xref> target="RFC8684" format="default"/> had to account for middleboxes (known as
          "TCP Normalizers") that monitor the evolution of the window
          advertised in the TCP header and then reset connections when the
          window did not grow as expected.</t>

          <t>TCP expected.</li>
        <li>TCP Fast Open <xref target="RFC7413"></xref> target="RFC7413" format="default"/> can experience
          problems due to middleboxes that modify the transport header of
          packets by removing "unknown" TCP options. Segments with
          unrecognised TCP options can be dropped, segments that contain data
          and set the SYN bit can be dropped, and some middleboxes that
          disrupt connections that can send data before completion of the
          three-way handshake.</t>

          <t>Other handshake.</li>
        <li>Other examples of TCP ossification have included middleboxes that
          modify transport headers by rewriting TCP sequence and
          acknowledgement numbers, numbers but are unaware of the (newer) TCP
          selective acknowledgement (SACK) option and therefore fail to
          correctly rewrite the SACK information to match the changes made to
          the fixed TCP header, preventing correct SACK operation.</t>
        </list></t> operation.</li>
      </ul>
      <t>In all these cases, middleboxes with a hard-coded, but incomplete,
      understanding of a specific transport behaviour (i.e., TCP), TCP) interacted
      poorly with transport protocols after the transport behaviour was
      changed. In some cases, the middleboxes modified or replaced information
      in the transport protocol header.</t>
      <t>Transport header encryption prevents an on-path device from observing
      the transport headers, headers and therefore stops ossified mechanisms being
      used that directly rely on or infer semantics of the transport header
      information. This encryption is normally combined with authentication of
      the protected information. RFC 8546 <xref target="RFC8546" format="default"/> summarises this
      approach, stating
      that it is "The "[t]he wire image, not the protocol's specification, determines
      how third parties on the network paths among protocol participants will
      interact with that protocol" <xref target="RFC8546">(Section 1 of
      </xref>), (<xref target="RFC8546" sectionFormat="of"
      section="1"/>), and it can be expected that header information that is not
      encrypted will become ossified.</t>
      <t>Encryption does not itself prevent ossification of the network
      service. People seeking to understand or classify network traffic could
      still come to rely on pattern inferences and other heuristics or machine
      learning to derive measurement data and as the basis for network
      forwarding decisions <xref target="RFC8546"></xref>. target="RFC8546" format="default"/>. This can also
      create dependencies on the transport protocol, protocol or the patterns of
      traffic it can generate, also resulting in ossification of the
      service.</t>
      <t>Another motivation for using transport header encryption is to
      improve privacy and to decrease opportunities for surveillance. Users
      value the ability to protect their identity and location, location and defend
      against analysis of the traffic. Revelations about the use of pervasive
      surveillance <xref target="RFC7624"></xref> target="RFC7624" format="default"/> have, to some extent, eroded
      trust in the service offered by network operators and have led to an
      increased use of encryption. Concerns have also been voiced about the
      addition of metadata to packets by third parties to provide analytics,
      customisation, advertising, cross-site tracking of users, to bill the
      customer,
      customer billing, or to selectively allow allowing or block blocking content.</t>
      <t>Whatever the reasons, the IETF is designing protocols that include
      transport header encryption (e.g., QUIC <xref
      target="I-D.ietf-quic-transport"></xref>) target="RFC9000" format="default"/>) to supplement the already
      widespread payload encryption, encryption and to further limit exposure of
      transport metadata to the network.</t>
      <t>If a transport protocol uses header encryption, the designers have to
      decide whether to encrypt all, all or a part of, of the transport layer transport-layer
      information. Section 4 of <xref target="RFC8558"></xref> states: target="RFC8558" sectionFormat="of" section="4"/> states,
      "Anything exposed to the path should be done with the intent that it be
      used by the network elements on the path".</t> path."</t>
      <t>Certain transport header fields can be made observable to on-path
      network devices, devices or can define new fields designed to explicitly expose
      observable transport layer transport-layer information to the network. Where exposed
      fields are intended to be immutable (i.e., can be observed, observed but not
      modified by a network device), the endpoints are encouraged to use
      authentication to provide a cryptographic integrity check that can
      detect if these immutable fields have been modified by network devices.
      Authentication can help to prevent attacks that rely on sending packets
      that fake exposed control signals in transport headers (e.g., TCP RST
      spoofing). Making a part of a transport header observable or exposing
      new header fields can lead to ossification of that part of a header as
      network devices come to rely on observations of the exposed fields.</t>
      <t>The use of transport header authentication and encryption therefore
      exposes a tussle between middlebox vendors, operators, researchers,
      applications developers, and end-users: <list style="symbols">
          <t>On end users: </t>
      <ul spacing="normal">
        <li>On the one hand, future Internet protocols that support transport
          header encryption assist in the restoration of the end-to-end nature
          of the Internet by returning complex processing to the endpoints.
          Since middleboxes cannot modify what they cannot see, the use of
          transport header encryption can improve application and end-user
          privacy by reducing leakage of transport metadata to operators that
          deploy middleboxes.</t>

          <t>On middleboxes.</li>
        <li>On the other hand, encryption of transport layer transport-layer information has
          implications for network operators and researchers seeking to
          understand the dynamics of protocols and traffic patterns, since it
          reduces the information that is available to them.</t>
        </list></t> them.</li>
      </ul>
      <t>The following briefly reviews some security design options for
      transport protocols. A "A Survey of the Interaction between Security
      Protocols and Transport Services Services" <xref target="RFC8922"></xref> target="RFC8922" format="default"/> provides
      more details concerning commonly used encryption methods at the
      transport layer.</t>
      <t>Security work typically employs a design technique that seeks to
      expose only what is needed <xref target="RFC3552"></xref>. target="RFC3552" format="default"/>. This approach
      provides incentives to not reveal any information that is not necessary
      for the end-to-end communication. The IETF has provided guidelines for
      writing Security Considerations security considerations for IETF specifications <xref
      target="RFC3552"></xref>.</t> target="RFC3552" format="default"/>.</t>
      <t>Endpoint design choices impacting privacy also need to be considered
      as a part of the design process <xref target="RFC6973"></xref>. target="RFC6973" format="default"/>. The IAB
      has provided guidance for analyzing analysing and documenting privacy
      considerations within IETF specifications <xref
      target="RFC6973"></xref>.</t>

      <t><list style="hanging">
          <t
          hangText="Authenticating target="RFC6973" format="default"/>.</t>
      <dl newline="true" spacing="normal">
        <dt>Authenticating the Transport Protocol Header:">Transport
          layer Header:</dt>
        <dd><t>Transport-layer header information can be authenticated. An example transport
          authentication mechanism is TCP-Authentication TCP Authentication Option (TCP-AO) <xref
          target="RFC5925"> target="RFC5925" format="default"> </xref>. This TCP option authenticates the IP
          pseudo header,
          pseudo-header, TCP header, and TCP data. TCP-AO protects the
          transport layer, preventing attacks from disabling the TCP
          connection itself and provides replay protection. Such
          authentication might interact with middleboxes, depending on their
          behaviour <xref target="RFC3234"> target="RFC3234" format="default"> </xref>.</t>
        <t>The IPsec Authentication Header (AH) <xref target="RFC4302"> target="RFC4302" format="default">
          </xref> was designed to work at the network layer and authenticate
          the IP payload. This approach authenticates all transport headers, headers
          and verifies their integrity at the receiver, preventing
          modification by network devices on the path. The IPsec Encapsulating
          Security Payload (ESP) <xref target="RFC4303"></xref> target="RFC4303" format="default"/> can also
          provide authentication and integrity without confidentiality using
          the NULL encryption algorithm <xref target="RFC2410"></xref>. target="RFC2410" format="default"/>. SRTP
          <xref target="RFC3711"></xref> target="RFC3711" format="default"/> is another example of a transport
          protocol that allows header authentication.</t>

          <t hangText="Integrity Check">Transport
	</dd>
        <dt>Integrity Check:</dt>
        <dd>Transport protocols usually employ
          integrity checks on the transport header information. Security
          method
          methods usually employ stronger checks and can combine this with
          authentication. An integrity check that protects the immutable
          transport header fields, but can still expose the transport header
          information in the clear, allows on-path network devices to observe
          these fields. An integrity check is not able to prevent modification
          by network devices on the path, path but can prevent a receiving endpoint
          from accepting changes and avoid impact on the transport protocol
          operation, including some types of attack.</t>

          <t
          hangText="Selectively attack.</dd>
        <dt>Selectively Encrypting Transport Headers and Payload:">A Payload:</dt>
        <dd><t>A
          transport protocol design that encrypts selected header fields, fields
          allows specific transport header fields to be made observable by
          network devices on the path. This information is explicitly exposed
          either in a transport header field or lower layer protocol header. A
          design that only exposes immutable fields can also perform
          end-to-end authentication of these fields across the path to prevent
          undetected modification of the immutable transport headers.</t>
        <t>Mutable fields in the transport header provide opportunities
          where on-path network devices can modify the transport behaviour
          (e.g., the extended headers described in <xref
          target="I-D.trammell-plus-abstract-mech"></xref>). target="I-D.trammell-plus-abstract-mech"
	  format="default"/>). An example of a
          method that encrypts some, but not all, transport header information
          is GRE-in-UDP <xref target="RFC8086"> target="RFC8086" format="default"> </xref> when used with GRE
          encryption.</t>

          <t hangText="Optional
	</dd>
        <dt>Optional Encryption of Header Information:">There Information:</dt>
        <dd>There are
          implications to the use of optional header encryption in the design
          of a transport protocol, where support of optional mechanisms can
          increase the complexity of the protocol and its implementation, implementation and
          in the management decisions that have to be made to use variable
          format fields. Instead, fields of a specific type ought to be sent
          with the same level of confidentiality or integrity protection.</t>

          <t hangText="Greasing:">Protocols protection.</dd>
        <dt>Greasing:</dt>
        <dd><t>Protocols often provide extensibility
          features, reserving fields or values for use by future versions of a
          specification. The specification of receivers has traditionally
          ignored unspecified values, however values; however, on-path network devices have
          emerged that ossify to require a certain value in a field, field or re-use reuse
          a field for another purpose. When the specification is later
          updated, it is impossible to deploy the new use of the field, field and
          forwarding of the protocol could even become conditional on a
          specific header field value.</t>

          <t hangText="">A
        <t>A protocol can intentionally vary the value, format,
          and/or presence of observable transport header fields at random
          <xref target="RFC8701"></xref>. target="RFC8701" format="default"/>. This prevents a network device
          ossifying the use of a specific observable field and can ease future
          deployment of new uses of the value or code-point. code point. This is not a
          security mechanism, although the use can be combined with an
          authentication mechanism.</t>
        </list></t>
	</dd>
      </dl>
      <t>Different transports use encryption to protect their header
      information to varying degrees. The trend is towards increased
      protection.</t>
    </section>
    <section anchor="EH2"
             title="Intentionally numbered="true" toc="default">
      <name>Intentionally Exposing Transport Information to the Network"> Network</name>
      <t>A transport protocol can choose to expose certain transport
      information to on-path devices operating at the network layer by sending
      observable fields. One approach is to make an explicit choice not to
      encrypt certain transport header fields, making this transport
      information observable by an on-path network device. Another approach is
      to expose transport information in a network-layer extension header (see
      <xref target="EH"></xref>). target="EH" format="default"/>). Both are examples of explicit information
      intended to be used by network devices on the path <xref
      target="RFC8558"></xref>.</t> target="RFC8558" format="default"/>.</t>
      <t>Whatever the mechanism used to expose the information, a decision to
      expose only specific information places the transport endpoint in
      control of what to expose outside of the encrypted transport header.
      This decision can then be made independently of the transport protocol
      functionality. This can be done by exposing part of the transport header
      or as a network layer network-layer option/extension.</t>
      <section anchor="EH"
               title="Exposing numbered="true" toc="default">
        <name>Exposing Transport Information in Extension Headers"> Headers</name>
        <t>At the network-layer, network layer, packets can carry optional headers that
        explicitly expose transport header information to the on-path devices
        operating at the network layer (<xref target="tunlhf"></xref>). target="tunlhf" format="default"/>). For
        example, an endpoint that sends an IPv6 Hop-by-Hop hop-by-hop option <xref
        target="RFC8200"></xref> target="RFC8200"
	format="default"/> can provide explicit transport layer transport-layer
        information that can be observed and used by network devices on the
        path. New hop-by-hop options are not recommended in <xref
        target="RFC8200">RFC 8200</xref> target="RFC8200"
	format="default"/> "because nodes may be configured to
        ignore the Hop-by-Hop Options header, drop packets containing a
        Hop-by-Hop Options header, or assign packets containing a Hop-by-Hop
        Options header to a slow processing path. Designers considering
        defining new hop-by-hop options need to be aware of this likely
        behavior."</t>
        <t>Network-layer optional headers explicitly indicate the information
        that is exposed, whereas use of exposed transport header information
        first requires an observer to identify the transport protocol and its
        format. (See See <xref target="Current-demux"></xref>.)</t> target="Current-demux" format="default"/>.</t>
        <t>An arbitrary path can include one or more network devices that drop
        packets that include a specific header or option used for this purpose
        (see <xref target="RFC7872"></xref>). target="RFC7872" format="default"/>). This could impact the proper
        functioning of the protocols using the path. Protocol methods can be
        designed to probe to discover whether the specific option(s) can be
        used along the current path, enabling use on arbitrary paths.</t>
      </section>
      <section title="Common numbered="true" toc="default">
        <name>Common Exposed Transport Information"> Information</name>
        <t>There are opportunities for multiple transport protocols to
        consistently supply common observable information <xref
        target="RFC8558"></xref>. target="RFC8558" format="default"/>. A common approach can result in an open
        definition of the observable fields. This has the potential that the
        same information can be utilised across a range of operational and
        analysis tools.</t>
      </section>
      <section anchor="exposing"
               title="Considerations numbered="true" toc="default">
        <name>Considerations for Exposing Transport Information"> Information</name>
        <t>Considerations concerning what information, if any, it is
        appropriate to expose include:</t>

        <t><list style="symbols">
            <t>On
        <ul spacing="normal">
          <li>On the one hand, explicitly exposing derived fields containing
            relevant transport information (e.g., metrics for loss, latency,
            etc)
            etc.) can avoid network devices needing to derive this information
            from other header fields. This could result in development and
            evolution of transport-independent tools around a common
            observable header, header and permit transport protocols to also evolve
            independently of this ossified header <xref
            target="RFC8558"></xref>.</t>

            <t>On target="RFC8558" format="default"/>.</li>
          <li>On the other hand, protocols and implementations might be
            designed to avoid consistently exposing external information that
            corresponds to the actual internal information used by the
            protocol itself. An endpoint/protocol could choose to expose
            transport header information to optimise the benefit it gets from
            the network <xref target="RFC8558"></xref>. target="RFC8558" format="default"/>. The value of this
            information for analysing operation of the transport layer would
            be enhanced if the exposed information could be verified to match
            the transport protocol's observed behavior.</t>
          </list></t> behavior.</li>
        </ul>
        <t>The motivation to include actual transport header information and
        the implications of network devices using this information has to be
        considered when proposing such a method. RFC 8558 <xref target="RFC8558" format="default"/>
	summarises this as
        "When as:</t>
	<blockquote>
        When signals from endpoints to the path are independent from the
        signals used by endpoints to manage the flow's state mechanics, they
        may be falsified by an endpoint without affecting the peer's
        understanding of the flow's state. For encrypted flows, this
        divergence is not detectable by on-path devices <xref
        target="RFC8558"></xref>.</t> devices.</blockquote>
      </section>
    </section>
    <section anchor="OAM"
             title="Addition numbered="true" toc="default">
      <name>Addition of Transport OAM Information to Network-Layer Headers"> Headers</name>
      <t>Even when the transport headers are encrypted, on-path devices can
      make measurements by utilising additional protocol headers carrying OAM
      information in an additional packet header. OAM information can be
      included with packets to perform functions functions, such as identification of
      transport protocols and flows, to aide understanding of network or
      transport performance, performance or to support network operations or mitigate the
      effects of specific network segments.</t>
      <t>Using network-layer approaches to reveal information has the
      potential that the same method (and hence same observation and analysis
      tools) can be consistently used by multiple transport protocols. This
      approach also could be applied to methods beyond OAM (see <xref
      target="EH2"></xref>). target="EH2" format="default"/>). There can also be less desirable implications
      from separating the operation of the transport protocol from the
      measurement framework.</t>
      <section title="Use numbered="true" toc="default">
        <name>Use of OAM within a Maintenance Domain"> Domain</name>
        <t>OAM information can be restricted to a maintenance domain,
        typically owned and operated by a single entity. OAM information can
        be added at the ingress to the maintenance domain (e.g., an Ethernet
        protocol header with timestamps and sequence number information using
        a method such as 802.11ag or in-situ OAM <xref
        target="I-D.ietf-ippm-ioam-data"></xref>, target="I-D.ietf-ippm-ioam-data" format="default"/> or as a part of the
        encapsulation protocol). This additional header information is not
        delivered to the endpoints and is typically removed at the egress of
        the maintenance domain.</t>
        <t>Although some types of measurements are supported, this approach
        does not cover the entire range of measurements described in this
        document. In some cases, it can be difficult to position measurement
        tools at the appropriate segments/nodes segments/nodes, and there can be challenges in
        correlating the downstream/upstream information when in-band OAM data
        is inserted by an on-path device.</t>
      </section>
      <section title="Use numbered="true" toc="default">
        <name>Use of OAM across Multiple Maintenance Domains"> Domains</name>
        <t>OAM information can also be added at the network layer by the
        sender as an IPv6 extension header or an IPv4 option, option or in an
        encapsulation/tunnel header that also includes an extension header or
        option. This information can be used across multiple network segments, segments
        or between the transport endpoints.</t>
        <t>One example is the IPv6 Performance and Diagnostic Metrics (PDM)
        destination option <xref target="RFC8250"></xref>. target="RFC8250" format="default"/>. This allows a
        sender to optionally include a destination option that carries header
        fields that can be used to observe timestamps and packet sequence
        numbers. This information could be authenticated by a receiving
        transport endpoint when the information is added at the sender and
        visible at the receiving endpoint, although methods to do this have
        not currently been proposed. This needs to be explicitly enabled at
        the sender.</t>
      </section>
    </section>
    <section title="Conclusions"> numbered="true" toc="default">
      <name>Conclusions</name>
      <t>Header authentication and encryption and strong integrity checks are being incorporated
      into new transport protocols and have important benefits. The pace of the
      development of transports using the WebRTC data channel, channel and the rapid
      deployment of the QUIC transport protocol, protocol can both be attributed to
      using the combination of UDP as a substrate while providing
      confidentiality and authentication of the encapsulated transport headers
      and payload.</t>
      <t>This document has described some current practises, and the
      implications for some stakeholders, when transport layer transport-layer header
      encryption is used. It does not judge whether these practises are
      necessary,
      necessary or endorse the use of any specific practise. Rather, the
      intent is to highlight operational tools and practises to consider when
      designing and modifying transport protocols, so protocol designers can
      make informed choices about what transport header fields to encrypt, encrypt and
      whether it might be beneficial to make an explicit choice to expose
      certain fields to devices on the network path. In making such a
      decision, it is important to balance: <list style="symbols">
          <t>User Privacy: The </t>
      <dl newline="true" spacing="normal">
        <dt>User Privacy:</dt>
	<dd>The less transport header information that is
          exposed to the network, the lower the risk of leaking metadata that
          might have user privacy implications. Transports that chose to
          expose some header fields need to make a privacy assessment to
          understand the privacy cost versus benefit trade-off in making that
          information available. The design of the QUIC spin bit to the
          network is an example of such considered analysis.</t>

          <t>Transport Ossification: Unencrypted analysis.</dd>
        <dt>Transport Ossification:</dt>
	<dd>Unencrypted transport header fields are
          likely to ossify rapidly, as network devices come to rely on their
          presence, making it difficult to change the transport in future.
          This argues that the choice to expose information to the network is
          made deliberately and with care, since it is essentially defining a
          stable interface between the transport and the network. Some
          protocols will want to make that interface as limited as possible;
          other protocols might find value in exposing certain information to
          signal to the network, network or in allowing the network to change certain
          header fields as signals to the transport. The visible wire image of
          a protocol should be explicitly designed.</t>

          <t>Network Ossification: While designed.</dd>
        <dt>Network Ossification:</dt>
	<dd>While encryption can reduce ossification of
          the transport protocol, it does not itself prevent ossification of
          the network service. People seeking to understand network traffic
          could still come to rely on pattern inferences and other heuristics
          or machine learning to derive measurement data and as the basis for
          network forwarding decisions <xref target="RFC8546"></xref>. target="RFC8546" format="default"/>. This
          creates dependencies on the transport protocol, protocol or the patterns of
          traffic it can generate, resulting in ossification of the
          service.</t>

          <t>Impact
          service.</dd>
        <dt>Impact on Operational Practice: The Practice:</dt>
	<dd>The network operations community
          has long relied on being able to understand Internet traffic
          patterns, both in aggregate and at the flow level, to support
          network management, traffic engineering, and troubleshooting.
          Operational practice has developed based on the information
          available from unencrypted transport headers. The IETF has supported
          this practice by developing operations and management specifications, interface
	  specifications, and associated Best
          Current Practises. Practices. Widespread deployment of transport protocols that
          encrypt their information will impact network operations, operations unless
          operators can develop alternative practises that work without access
          to the transport header.</t>

          <t>Pace header.</dd>
        <dt>Pace of Evolution: Removing Evolution:</dt>
	<dd>Removing obstacles to change can enable an
          increased pace of evolution. If a protocol changes its transport
          header format (wire image), image) or its transport behaviour, this can
          result in the currently deployed tools and methods becoming no
          longer relevant. Where this needs to be accompanied by development
          of appropriate operational support functions and procedures, it can
          incur a cost in new tooling to catch-up catch up with each change. Protocols
          that consistently expose observable data do not require such
          development,
          development but can suffer from ossification and need to consider
          if the exposed protocol metadata has privacy implications. There is
          no single deployment context, and therefore context; therefore, designers need to
          consider the diversity of operational networks (ISPs, enterprises,
          DDoS mitigation and firewall maintainers, etc.).</t> etc.).</dd>
        <!---->

          <t>Supporting

          <dt>Supporting Common Specifications: Common, Specifications:</dt>
	  <dd>Common, open, transport
          specifications can stimulate engagement by developers, users,
          researchers, and the broader community. Increased protocol diversity
          can be beneficial in meeting new requirements, but the ability to
          innovate without public scrutiny risks point solutions that optimise
          for specific cases, cases and that can accidentally disrupt operations
          of/in different parts of the network. The social contract that
          maintains the stability of the Internet relies on accepting common
          transport specifications, specifications and on it being possible to detect
          violations. The existence of independent measurements, transparency,
          and public scrutiny of transport protocol behaviour, help behaviour helps the
          community to enforce the social norm that protocol implementations
          behave fairly and conform (at least mostly) to the specifications.
          It is important to find new ways of maintaining that community trust
          as increased use of transport header encryption limits visibility
          into transport behaviour (see also <xref
          target="exposing"></xref>).</t>

          <t>Impact target="exposing" format="default"/>).</dd>
        <dt>Impact on Benchmarking and Understanding Feature Interactions: An Interactions:</dt>
	<dd>An appropriate vantage point for observation, coupled with timing
          information about traffic flows, provides a valuable tool for
          benchmarking network devices, endpoint stacks, and/or
          configurations. This can help understand complex feature
          interactions. An inability to observe transport header information
          can make it harder to diagnose and explore interactions between
          features at different protocol layers, a side-effect side effect of not allowing
          a choice of vantage point from which this information is observed.
          New approaches might have to be developed.</t>

          <t>Impact developed.</dd>
        <dt>Impact on Research and Development: Hiding Development:</dt>
	<dd>Hiding transport header
          information can impede independent research into new mechanisms,
          measurement
          measurements of behaviour, and development initiatives. Experience
          shows that transport protocols are complicated to design and complex
          to deploy, deploy and that individual mechanisms have to be evaluated while
          considering other mechanisms, mechanisms across a broad range of network
          topologies and with attention to the impact on traffic sharing the
          capacity. If increased use of transport header encryption results in
          reduced availability of open data, it could eliminate the
          independent checks to the standardisation process that have
          previously been in place from research and academic contributors
          (e.g., the role of the IRTF Internet Congestion Control Research
          Group (ICCRG) and research publications in reviewing new transport
          mechanisms and assessing the impact of their deployment).</t>
        </list></t> deployment).</dd>
      </dl>
      <t>Observable transport header information might be useful to various
      stakeholders. Other sets of stakeholders have incentives to limit what
      can be observed. This document does not make recommendations about what
      information ought to be exposed, to whom it ought to be observable, or
      how this will be achieved. There are also design choices about where
      observable fields are placed. For example, one location could be a part
      of the transport header outside of the encryption envelope, envelope; another
      alternative is to carry the information in a network-layer option or
      extension header. New transport protocol designs ought to explicitly
      identify any fields that are intended to be observed, consider if there
      are alternative ways of providing the information, and reflect on the
      implications of observable fields being used by on-path network devices, devices
      and how this might impact user privacy and protocol evolution when these
      fields become ossified.</t>
      <t>As <xref target="RFC7258"></xref> target="RFC7258" format="default"/> notes, "Making networks
      unmanageable to mitigate (pervasive monitoring) PM is not an acceptable
      outcome, but ignoring (pervasive monitoring) PM would go against the
      consensus documented here." Providing explicit information can help
      avoid traffic being inappropriately classified, impacting application
      performance. An appropriate balance will emerge over time as real
      instances of this tension are analysed <xref target="RFC7258"></xref>. target="RFC7258" format="default"/>.
      This balance between information exposed and information hidden ought to
      be carefully considered when specifying new transport protocols.</t>
    </section>
    <section anchor="Security" title="Security Considerations"> numbered="true" toc="default">
      <name>Security Considerations</name>
      <t>This document is about design and deployment considerations for
      transport protocols. Issues relating to security are discussed
      throughout this document.</t>
      <t>Authentication, confidentiality protection, and integrity protection
      are identified as Transport Features transport features by <xref target="RFC8095"></xref>. target="RFC8095" format="default"/>.
      As currently deployed in the Internet, these features are generally
      provided by a protocol or layer on top of the transport protocol <xref
      target="RFC8922"></xref>.</t> target="RFC8922" format="default"/>.</t>
      <t>Confidentiality and strong integrity checks have properties that can
      also be incorporated into the design of a transport protocol or to
      modify an existing transport. Integrity checks can protect an endpoint
      from undetected modification of protocol fields by on-path network
      devices, whereas encryption and obfuscation or greasing can further
      prevent these headers being utilised by network devices <xref
      target="RFC8701"></xref>. target="RFC8701"
      format="default"/>. Preventing observation of headers provides an
      opportunity for greater freedom to update the protocols and can ease
      experimentation with new techniques and their final deployment in
      endpoints. A protocol specification needs to weigh the costs of
      ossifying common headers, headers versus the potential benefits of exposing
      specific information that could be observed along the network path to
      provide tools to manage new variants of protocols.</t>
      <t>Header encryption can provide confidentiality of some or all of the
      transport header information. This prevents an on-path device from
      gaining knowledge of the header field. It therefore prevents mechanisms
      being built that directly rely on the information or seeks to infer
      semantics of an exposed header field. Reduced visibility into transport
      metadata can limit the ability to measure and characterise traffic, traffic and
      conversely can provide privacy benefits.</t>
      <t>Extending the transport payload security context to also include the
      transport protocol header protects both types of information with the
      same key. A privacy concern would arise if this key was shared with a
      third party, e.g., providing access to transport header information to
      debug a performance issue, issue would also result in exposing the transport
      payload data to the same third party. Such risks would be mitigated
      using a layered security design that provides one domain of protection
      and associated keys for the transport payload and encrypted transport
      headers;
      headers and a separate domain of protection and associated keys for any
      observable transport header fields.</t>
      <t>Exposed transport headers are sometimes utilised as a part of the
      information to detect anomalies in network traffic. As stated in <xref target="RFC7258"
      format="default"/>, "While PM is an
      attack, other forms of monitoring that might fit the definition of PM
      can be beneficial and not part of any attack, e.g., network management
      functions monitor packets or flows and anti-spam mechanisms need to see
      mail message content." <xref target="RFC7258"></xref>. This can be used
      as the first line of defence to identify potential threats from DoS or
      malware and redirect suspect traffic to dedicated nodes responsible for
      DoS analysis, for malware detection, or to perform packet "scrubbing" (the
      normalisation of packets so that there are no ambiguities in
      interpretation by the ultimate destination of the packet). These
      techniques are currently used by some operators to also defend from
      distributed DoS attacks.</t>
      <t>Exposed transport header fields can also form a part of the
      information used by the receiver of a transport protocol to protect the
      transport layer from data injection by an attacker. In evaluating this
      use of exposed header information, it is important to consider whether
      it introduces a significant DoS threat. For example, an attacker could
      construct a DoS attack by sending packets with a sequence number that
      falls within the currently accepted range of sequence numbers at the
      receiving endpoint. This would then introduce additional work at the
      receiving endpoint, even though the data in the attacking packet might
      not finally be delivered by the transport layer. This is sometimes known
      as a &ldquo;shadowing attack&rdquo;. "shadowing attack". An attack can, for example, disrupt
      receiver processing, trigger loss and retransmission, or make a
      receiving endpoint perform unproductive decryption of packets that
      cannot be successfully decrypted (forcing a receiver to commit
      decryption resources, or to update and then restore protocol state).</t>
      <t>One mitigation to off-path attack attacks is to deny knowledge of what header
      information is accepted by a receiver or obfuscate the accepted header
      information, e.g., setting a non-predictable nonpredictable initial value for a
      sequence number during a protocol handshake, as in <xref
      target="RFC3550"></xref> target="RFC3550" format="default"/>
      and <xref target="RFC6056"></xref>, target="RFC6056" format="default"/>, or a port
      value that cannot be predicted (see Section 5.1 of <xref
      target="RFC8085"></xref>). target="RFC8085" sectionFormat="of"
      section="5.1"/>). A receiver could also require additional
      information to be used as a part of a validation check before accepting
      packets at the transport layer (e.g., layer, e.g., utilising a part of the sequence
      number space that is encrypted; encrypted or by verifying an encrypted token not
      visible to an attacker). attacker. This would also mitigate against on-path
      attacks. An additional processing cost can be incurred when decryption
      is attempted before a receiver discards an injected packet.</t>
      <t>The existence of open transport protocol standards, standards and a research
      and operations community with a history of independent observation and
      evaluation of performance data, encourages data encourage fairness and conformance to
      those standards. This suggests careful consideration will be made over
      where, and when, measurement samples are collected. An appropriate
      balance between encrypting some or all of the transport header
      information needs to be considered. Open data, data and accessibility to
      tools that can help understand trends in application deployment, network
      traffic
      traffic, and usage patterns can all contribute to understanding security
      challenges.</t>
      <t>The Security security and Privacy Considerations privacy considerations in the "A Framework for
      Large-Scale Measurement of Broadband Performance (LMAP) (LMAP)" <xref
      target="RFC7594"></xref> target="RFC7594"
      format="default"/> contain considerations for Active and Passive
      measurement techniques and supporting material on measurement
      context.</t>
      <t>Addition of observable transport information to the path increases
      the information available to an observer and may, when this information
      can be linked to a node or user, reduce the privacy of the user. See the
      security considerations of <xref target="RFC8558"></xref>.</t> target="RFC8558" format="default"/>.</t>
    </section>
    <section anchor="IANA" title="IANA Considerations"> numbered="true" toc="default">
      <name>IANA Considerations</name>
      <t>This memo includes document has no request to IANA.</t> IANA actions.</t>
    </section>
  </middle>
  <back>

<displayreference target="I-D.trammell-plus-abstract-mech" to="PLUS-ABSTRACT-MECH"/>
<displayreference target="I-D.ietf-ippm-ioam-data" to="IOAM-DATA"/>
<displayreference target="I-D.ietf-quic-qlog-main-schema" to="QLOG"/>
<displayreference target="I-D.ietf-6man-ipv6-alt-mark" to="IPV6-ALT-MARK"/>
<displayreference target="I-D.ietf-tls-dtls13" to="DTLS"/>

    <references>
      <name>Informative References</name>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8866.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8684.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5426.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.0791.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2410.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2474.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2475.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2507.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2508.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2914.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3168.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3234.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3261.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3393.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3550.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3711.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4302.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4303.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4585.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4737.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4960.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5166.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5795.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5218.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5236.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8446.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5481.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5925.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6056.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6294.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6269.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6347.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6438.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6437.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6973.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7258.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7413.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7414.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7567.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7624.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7872.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7928.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7983.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7594.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7799.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8033.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8084.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8085.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8086.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8087.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8095.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8200.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8250.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8289.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8290.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8404.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8462.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8517.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8546.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8548.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8558.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7605.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7098.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7126.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6846.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8701.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.9000.xml"/>

<!-- [I-D.trammell-plus-abstract-mech] IESG state Expired  -->

      <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.trammell-plus-abstract-mech-00.xml"/>

<!-- [I-D.ietf-ippm-ioam-data] IESG state IESG Evaluation::Revised I-D Needed -->

      <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-ippm-ioam-data-12.xml"/>

      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8922.xml"/>

<!-- [I-D.ietf-tsvwg-rtcweb-qos] Published as RFC 8837 -->

      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8837.xml"/>

<!-- [I-D.ietf-quic-qlog-main-schema] IESG state I-D Exists  -->

      <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-quic-qlog-main-schema-00.xml"/>

<!-- [I-D.ietf-tls-dtls13] in MISSREF state -->
      <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.draft-ietf-tls-dtls13-43.xml"/>

<!-- [I-D.ietf-6man-ipv6-alt-mark] IESG state I-D Exists  -->

      <xi:include href="https://datatracker.ietf.org/doc/bibxml3/reference.I-D.ietf-6man-ipv6-alt-mark-06.xml"/>

      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3552.xml"/>
      <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8724.xml"/>

      <reference anchor="Measurement">
        <front>
          <title>Measurement-based Protocol Design</title>
          <author initials="G" surname="Fairhurst" fullname="Gorry Fairhurst"/>
          <author initials="M" surname="Kuehlewind" fullname="Mirja Kuehlewind"/>
          <author initials="D" surname="Lopez" fullname="Diego Lopez"/>
          <date month="June" year="2017"/>
        </front>
	<refcontent>European Conference on Networks and Communications, Oulu, Finland.</refcontent>
      </reference>

      <reference anchor="Latency">
        <front>
          <title>Reducing Internet Latency: A Survey of Techniques and Their
          Merits</title>
          <author initials="B" surname="Briscoe" fullname="Bob Briscoe"/>
	  <author initials="A" surname="Brunstrom" fullname="Anna Brunstrom"/>
	  <author initials="A" surname="Petlund" fullname="Andreas Petlund"/>
	  <author initials="D" surname="Hayes" fullname="David Hayes"/>
	  <author initials="D" surname="Ros" fullname="David Ros"/>
	  <author initials="I" surname="Tsang" fullname="Ing-Jyh Tsang"/>
	  <author initials="S" surname="Gjessing" fullname="Stein Gjessing"/>
	  <author initials="G" surname="Fairhurst" fullname="Gorry Fairhurst"/>
	  <author initials="C" surname="Griwodz" fullname="Carsten Griwodz"/>
	  <author initials="M" surname="Welzl" fullname="Michael Welzl"/>
          <date month="November" year="2014"/>
        </front>
	<seriesInfo name="DOI" value="10.1109/COMST.2014.2375213"/>
	<refcontent>IEEE Communications Surveys &amp; Tutorials, vol. 18, no. 3, pp. 2149-2196,
	thirdquarter 2016</refcontent>
      </reference>

      <reference anchor="bufferbloat">
        <front>
          <title>Bufferbloat: Dark Buffers in the Internet</title>
          <author initials="J" surname="Gettys" fullname="Jim Gettys"/>
          <author initials="K" surname="Nichols" fullname="Kathleen Nichols"/>
          <date month="January" year="2012"/>
        </front>
	<seriesInfo name="DOI" value="10.1145/2063176.2063196"/>
	<refcontent>Communications of the ACM, Vol. 55, no. 1, pp. 57-65</refcontent>
      </reference>

      <reference anchor="Quic-Trace" target="https://github.com/google/quic-trace">
        <front>
          <title>QUIC trace utilities
          </title>
          <author>
            <organization/>
          </author>
        </front>
      </reference>

      <reference anchor="PAM-RTT">
        <front>
          <title>Revisiting the Privacy Implications of Two-Way Internet
          Latency Data</title>
          <author initials="B." surname="Trammell" fullname="Brian Trammell">
            <organization/>
          </author>
          <author initials="M." surname="Kuehlewind" fullname="Mirja Kuehlewind">
            <organization/>
          </author>
          <date month="March" year="2018"/>
        </front>
	<refcontent>Passive and Active Measurement</refcontent>
      </reference>
    </references>
    <section anchor="Acknowledgements" title="Acknowledgements"> numbered="false" toc="default">
      <name>Acknowledgements</name>
      <t>The authors would like to thank Mohamed Boucadair, Spencer Dawkins,
      Tom Herbert, Jana Iyengar, Mirja Kuehlewind, Kyle Rose, Kathleen
      Moriarty, Al Morton, Chris Seal, Joe Touch, Brian Trammell, Chris Wood,
      Thomas Fossati, Mohamed Boucadair, Martin Thomson, David Black, Martin
      Duke, Joel Halpern <contact fullname="Mohamed Boucadair"/>, <contact
      fullname="Spencer Dawkins"/>, <contact fullname="Tom Herbert"/>, <contact fullname="Jana
      Iyengar"/>, <contact fullname="Mirja Kühlewind"/>, <contact fullname="Kyle Rose"/>,
      <contact fullname="Kathleen Moriarty"/>, <contact fullname="Al Morton"/>, <contact
      fullname="Chris Seal"/>, <contact fullname="Joe Touch"/>, <contact fullname="Brian
      Trammell"/>, <contact fullname="Chris Wood"/>,
      <contact fullname="Thomas Fossati"/>, <contact fullname="Mohamed Boucadair"/>, <contact
      fullname="Martin Thomson"/>, <contact fullname="David Black"/>, <contact fullname="Martin
      Duke"/>, <contact fullname="Joel Halpern"/>, and members of TSVWG for their comments and
      feedback.</t>
      <t>This work has received funding from the European Union&rsquo;s Union's
      Horizon 2020 research and innovation programme under grant agreement No
      688421,
      688421 and the EU Stand ICT Call 4. The opinions expressed and
      arguments employed reflect only the authors' view. views. The European
      Commission is not responsible for any use that might be made of that
      information.</t>
      <t>This work has received funding from the UK Engineering and Physical
      Sciences Research Council under grant EP/R04144X/1.</t>
    </section>
  </middle>

  <back>
    <references title="Informative References">
      &RFC4566;

      &RFC8684;

      &RFC5426;

      &RFC0791;

      &RFC2410;

      &RFC2474;

      &RFC2475;

      &RFC2507;

      &RFC2508;

      &RFC2914;

      &RFC3168;

      &RFC3234;

      &RFC3261;

      &RFC3393;

      &RFC3550;

      &RFC3711;

      &RFC4302;

      &RFC4303;

      &RFC4585;

      &RFC4737;

      &RFC4960;

      &RFC5166;

      &RFC5795;

      &RFC5218;

      &RFC5236;

      &RFC8446;

      &RFC5481;

      &RFC5925;

      &RFC6056;

      &RFC6294;

      &RFC6269;

      &RFC6347;

      &RFC6438;

      &RFC6437;

      &RFC6973;

      &RFC7258;

      &RFC7413;

      &RFC7414;

      &RFC7567;

      &RFC7624;

      &RFC7872;

      &RFC7928;

      &RFC7983;

      &RFC7594;

      &RFC7799;

      &RFC8033;

      &RFC8084;

      &RFC8085;

      &RFC8086;

      &RFC8087;

      &RFC8095;

      &RFC8200;

      &RFC8250;

      &RFC8289;

      &RFC8290;

      &RFC8404;

      &RFC8462;

      &RFC8517;

      &RFC8546;

      &RFC8548;

      &RFC8558;

      &RFC7605;
      &RFC7098;

      &RFC7126;

      &RFC6846;

      &RFC8701;

      &I-D.ietf-quic-transport;

      &I-D.trammell-plus-abstract-mech;

      &I-D.ietf-ippm-ioam-data;

      &RFC8922;

      &I-D.ietf-tsvwg-rtcweb-qos;

      &RFC8837;

      &I-D.marx-qlog-main-schema;

      &I-D.ietf-tls-dtls13;

      &I-D.ietf-6man-ipv6-alt-mark;

      &RFC3552;

      &RFC8724;

      <reference anchor="Measurement">
        <front>
          <title>Measurement-based Protocol Design, Eur. Conf. on Networks and
          Communications, Oulu, Finland.</title>

          <author initials="G" surname="Fairhurst"></author>

          <author initials="M" surname="Kuehlewind"></author>

          <author initials="D" surname="Lopez"></author>

          <date month="June" year="2017" />
        </front>
      </reference>

      <reference anchor="Latency">
        <front>
          <title>Reducing Internet Latency: A Survey of Techniques and Their
          Merits, IEEE Comm. Surveys &amp; Tutorials. 26;18(3)
          p2149-2196</title>

          <author initials="B" surname="Briscoe"></author>

          <date month="November" year="2014" />
        </front>
      </reference>

      <reference anchor="bufferbloat">
        <front>
          <title>Bufferbloat: dark buffers in the Internet. Communications of
          the ACM, 55(1):57-65</title>

          <author initials="J" surname="Gettys"></author>

          <author initials="K" surname="Nichols"></author>

          <date month="January" year="2012" />
        </front>
      </reference>

      <reference anchor="Quic-Trace">
        <front>
          <title>https:QUIC trace utilities
          //github.com/google/quic-trace</title>

          <author>
            <organization></organization>
          </author>

          <date />
        </front>
      </reference>

      <reference anchor="PAM-RTT">
        <front>
          <title>Revisiting the Privacy Implications of Two-Way Internet
          Latency Data (in Proc. PAM 2018)</title>

          <author initials="B." surname="Trammell">
            <organization></organization>
          </author>

          <author initials="M." surname="Kuehlewind">
            <organization></organization>
          </author>

          <date month="March" year="2018" />
        </front>
      </reference>
    </references>

    <section title="Revision information">
      <t>-00 This is an individual draft for the IETF community.</t>

      <t>-01 This draft was a result of walking away from the text for a few
      days and then reorganising the content.</t>

      <t>-02 This draft fixes textual errors.</t>

      <t>-03 This draft follows feedback from people reading this draft.</t>

      <t>-04 This adds an additional contributor and includes significant
      reworking to ready this for review by the wider IETF community Colin
      Perkins joined the author list.</t>

      <t>Comments from the community are welcome on the text and
      recommendations.</t>

      <t>-05 Corrections received and helpful inputs from Mohamed
      Boucadair.</t>

      <t>-06 Updated following comments from Stephen Farrell, and feedback via
      email. Added a draft conclusion section to sketch some strawman
      scenarios that could emerge.</t>

      <t>-07 Updated following comments from Al Morton, Chris Seal, and other
      feedback via email.</t>

      <t>-08 Updated to address comments sent to the TSVWG mailing list by
      Kathleen Moriarty (on 08/05/2018 and 17/05/2018), Joe Touch on
      11/05/2018, and Spencer Dawkins.</t>

      <t>-09 Updated security considerations.</t>

      <t>-10 Updated references, split the Introduction, and added a paragraph
      giving some examples of why ossification has been an issue.</t>

      <t>-01 This resolved some reference issues. Updated section on
      observation by devices on the path.</t>

      <t>-02 Comments received from Kyle Rose, Spencer Dawkins and Tom
      Herbert. The network-layer information has also been re-organised after
      comments at IETF-103.</t>

      <t>-03 Added a section on header compression and rewriting of sections
      referring to RTP transport. This version contains author editorial work
      and removed duplicate section.</t>

      <t>-04 Revised following SecDir Review</t>

      <t><list style="symbols">
          <t>Added some text on TLS story (additional input sought on relevant
          considerations).</t>

          <t>Section 2, paragraph 8 - changed to be clearer, in particular,
          added "Encryption with secure key distribution prevents"</t>

          <t>Flow label description rewritten based on PS/BCP RFCs.</t>

          <t>Clarify requirements from RFCs concerning the IPv6 flow label and
          highlight ways it can be used with encryption. (section 3.1.3)</t>

          <t>Add text on the explicit spin-bit work in the QUIC DT. Added
          greasing of spin-bit. (Section 6.1)</t>

          <t>Updated section 6 and added more explanation of impact on
          operators.</t>

          <t>Other comments addressed.</t>
        </list>-05 Editorial pass and minor corrections noted on TSVWG
      list.</t>

      <t>-06 Updated conclusions and minor corrections. Responded to request
      to add OAM discussion to Section 6.1.</t>

      <t><!--
          Three example scenarios illustrate different directions in which this could evolve:

          In one scenario, transport protocol designs expose the transport header and do not use confidentiality to protect the transport information. Middleboxes could utilise this information and could rely on the presence and format of any exposed information to build tooling and procedures that support troubleshooting, measurement and other functions. As the design evolves, these tools will have to be updated to reflect the format of the header information in updated versions of the protocol. The protocol could then experience unintentional impact from the middlebox dependencies either loosing functionality or requiring the middleboxes to be updated to track the protocol evolution. This could limit the ability to deploy changes to the protocol.

          In another scenario, transport protocols could be designed to intentionally expose information to the network as a part of the transport header. This design fixes the invariant format of the exposed information between versions of the protocol. Only the exposed part of the transport information can be utilised by an operator to support measurement and other operational procedures. Common approaches between versions of the protocol and between different operators could emerge based on the ossified header information, enabling consistent traffic management as the protocol evolves.

          In a third scenario, a protocol that encrypts all header information prevents tooling from directly using transport header information. This could lead to network operators acting independently from apps/transport developments to extract the information to operate and manage their network. A range of approaches could proliferate to support specific goals. For some applications, operators could introduce on addition of a shim header to each packet in a flow as the flow crosses a network segment; other operators/managers could develop heuristics and pattern recognition to derive information that classifies flows and estimates quality metrics for the service being used; some could decide to rate-limit or block traffic until new tooling is in place.

          Other scenarios could also prevail, and time will tell the final impact on network operation and evolution of the Internet.

          -->-07 Addressed feedback from Ruediger and Thomas.</t>

      <t>Section 2 deserved some work to make it easier to read and avoid
      repetition. This edit finally gets to this, and eliminates some
      duplication. This also moves some of the material from section 2 to
      reform a clearer conclusion. The scope remains focussed on the usage of
      transport headers and the implications of encryption - not on proposals
      for new techniques/specifications to be developed.</t>

      <t>-08 Addressed feedback and completed editorial work, including
      updating the text referring to RFC7872, in preparation for a WGLC.</t>

      <t>-09 Updated following WGLC. In particular, thanks to Joe Touch
      (specific comments and commentary on style and tone); Dimitri Tikonov
      (editorial); Christian Huitema (various); David Black (various). Amended
      privacy considerations based on SECDIR review. Emile Stephan (inputs on
      operations measurement); Various others.</t>

      <t>Added summary text and refs to key sections. Note to editors: The
      section numbers are hard-linked.</t>

      <t>-10 Updated following additional feedback from 1st WGLC. Comments
      from David Black; Tommy Pauly; Ian Swett; Mirja Kuehlewind; Peter
      Gutmann; Ekr; and many others via the TSVWG list. Some people thought
      that "needed" and "need" could</t>

      <t>represent requirements in the document, etc. this has been
      clarified.</t>

      <t>-11 Updated following additional feedback from Martin Thomson, and
      corrections from other reviewers.</t>

      <t>-12 Updated following additional feedback from reviewers.</t>

      <t>-13 Updated following 2nd WGLC with comments from D.L.Black; T.
      Herbert; Ekr; and other reviewers.</t>

      <t>-14 Update to resolve feedback to rev -13. This moves the general
      discussion of adding fields to transport packets to section 6, and
      discusses with reference to material in RFC8558.</t>

      <t>-15 Feedback from D.L. Black, T. Herbert, J. Touch, S. Dawkins and M.
      Duke. Update to add reference to RFC7605. Clarify a focus on immutable
      transport fields, rather than modifying middleboxes with Tom H.
      Clarified Header Compression discussion only provides a list of examples
      of HC methods for transport. Clarified port usage with Tom H/Joe T.
      Removed some duplicated sentences, and minor edits. Added NULL-ESP.
      Improved after initial feedback from Martin Duke.</t>

      <t>-16 Editorial comments from Mohamed Boucadair. Added DTLS 1.3.</t>

      <t>-17 Revised to satisfy ID-NITs and updates REFs to latest rev,
      updated HC Refs; cited IAB guidance on security and privacy within IETF
      specs.</t>

      <t>-18 Revised based on AD review.</t>

      <t>-19 Revised after additional AD review request, and request to
      restructure.</t>

      <t>-20 Revised after directorate reviews and IETF LC comments.</t>

      <t>Gen-ART:</t>

      <t><list style="symbols">
          <t>While section 2 does include a discussion of traffic
          mis-ordering, it does not include a discussion of ECMP, and the
          dependence of ECMP on flow identification to avoid significant
          packet mis-ordering.:: ECMP added as example.</t>

          <t>Section 5.1 of this document discusses the use of Hop-by-Hop IPv6
          options. It seems that it should acknowledge and discuss the
          applicability of the sentence "New hop-by-hop options are not
          recommended..." from section 4.8 of RFC 8200. I think a good
          argument can be made in this case as to why (based on the rest of
          the sentence from 8200) the recommendation does not apply to this
          proposal. The document should make the argument.:: Quoted RFC
          sentences directly to avoid interpretting them.</t>

          <t>I found the discussion of header compression slightly confusing.
          Given that the TCP / UDP header is small even compared to the IP
          header, it is difficult to see why encrypting it would have a
          significant impact on header compression efficacy. :: Added a
          preface that explains that HC methods are most effective for
          bit-congestive links.</t>

          <t>The wording in section 6.2 on adding header information to an IP
          packet has the drawback of seeming to imply that one could add (or
          remove) such information in the network, without adding an
          encapsulating header. That is not permitted by RFC 8200 (IPv6). It
          would be good to clarify the first paragraph. (The example, which
          talks about the sender putting in the information is, of course,
          fine.) :: Unintended - added a sentence of preface.</t>
        </list></t>

      <t>SECDIR:: Previous revisions were updated following Early Review
      comments.</t>

      <t>OPSEC:: No additional changes were requested in the OPSEC review.</t>

      <t>IETF LC:: Tom Herbert: Please refer to 8200 on EH :: addressed in
      response to Joel above. Michael Richardson, Fernando Gont, Tom Herbert:
      Continuation of discussion on domains where EH might be (or not) useful
      and the tussle on what information to reveal. Unclear yet what
      additional text should be changed within this ID.</t>

      <t>------------</t>

      <t>- 21 Revised after IESG review:</t>

      <t>Revision 21 includes revised text after comments from Zahed, Erik Kline, Rob Wilton, Eric Vyncke, Roman Danyliw, and Benjamin Kaduk.</t>
      <t></t>
    </section>
  </back>
</rfc>