Contact emails
aric...@chromium.org, awil...@chromium.org, miketa...@chromium.org

Explainer
None

Specification
None

Summary
This launch enables TCP port randomization on versions of Windows (2020 H1 or later) where we do not expect to see issues with re-use of prior ports occurring too fast (causing rejection due to timeouts on port re-use). The rapid port re-use issue arises from the Birthday problem <https://en.wikipedia.org/wiki/Birthday_problem>, where the probability of randomly re-picking a port already seen rapidly converges to 100% for each new port chosen when compared to port re-use in a sequential model.

Blink component
Blink>Network <https://issues.chromium.org/issues?q=customfield1222907:%22Blink%3ENetwork%22>

TAG review
None

TAG review status
Not applicable

Motivation
When port randomization is disabled (the default), sites are able to count the number of connections opened by other tabs if they check the TCP port used for new connections before and after opening another window. This knowledge can be used to glean information about other sites, like whether they are logged in or not.

Risks

Interoperability and Compatibility
This launch only impacts Windows, and should not cause compatibility issues as Microsoft backported their port randomization fix <https://chromium-review.googlesource.com/c/chromium/src/+/5464674> to Windows 10, 2020 H1 and tested it in Edge. Chrome previously attempted to roll this out in 2021 but ran into (since resolved) issues where rapid port re-use caused network errors. Rollout on Linux isn’t needed as port randomization is enabled by default, while on macOS an issue similar to the one on Windows, with rapid port re-use causing issues, is still around.

Gecko: Appears to inherit OS defaults <https://github.com/search?q=repo%3Amozilla-firefox%2Ffirefox+setsockopt&type=code&p=1>

WebKit: Appears to inherit OS defaults <https://github.com/search?q=repo%3AWebKit%2FWebKit+setsockopt&type=code>

Web developers: N/A

Debuggability
This will be gated behind the base::Feature kTcpPortRandomizationWin, so if breakage is suspected that flag could be turned off to detect impact. For how to control feature flags, see this <https://source.chromium.org/chromium/chromium/src/+/main:base/feature_list.h;drc=159a65729cf8fca4d9f453d12d97ab6515360491;l=259>.

Measurement
The histogram Net.TCPSocket.PortReuseTimeWindows2.{IPType}.{Result} will be used to gauge whether port re-use timings fall too low, while Net.TcpConnectAttempt.Latency.{Result} will be used to detect increases in overall connection failure rates.

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, ChromeOS, Android, and Android WebView)?
No, just Windows

Is this feature fully tested by web-platform-tests?
No; as this is a Blink networking-focused change, browser tests or unit tests are more likely.

Flag name on about://flags
None

Finch feature name
kTcpPortRandomizationWin

Rollout plan
This will be rolled out slowly to detect issues early and either change the version target or roll back. We don’t believe an experiment is needed or desired, as the issues we saw before were not very prevalent; we likely need to go beyond 1% to get enough data on Windows to know if there’s still a problem.

Requires code in //chrome?
No

Tracking bug
https://crbug.com/40744069

Estimated milestones
139

Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5106900286570496
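The birthday-problem effect named in the Summary can be quantified with the sketch below. It is an added example, not part of the original message and not Chromium code; the function names are hypothetical, and the pool of 16384 ephemeral ports (49152-65535) is an assumption.

```python
import math
import random

# Assumption: 16384 ephemeral ports (the 49152-65535 dynamic range).
PORT_COUNT = 16384


def p_reuse_within(k, n=PORT_COUNT):
    """Probability that k uniformly random port picks contain a repeat."""
    if k > n:
        return 1.0
    # Sum logs of (1 - i/n) so the product stays numerically stable.
    log_no_repeat = sum(math.log1p(-i / n) for i in range(k))
    return 1.0 - math.exp(log_no_repeat)


def connections_for_probability(target, n=PORT_COUNT):
    """Smallest number of connections whose repeat probability >= target."""
    log_no_repeat, k = 0.0, 0
    while 1.0 - math.exp(log_no_repeat) < target:
        if k >= n:
            return n + 1  # pigeonhole: a repeat is certain
        log_no_repeat += math.log1p(-k / n)
        k += 1
    return k


def min_reuse_gap(pick, connections):
    """Fewest connections observed between two uses of the same port."""
    last_seen, best = {}, None
    for i in range(connections):
        port = pick(i)
        if port in last_seen:
            gap = i - last_seen[port]
            best = gap if best is None else min(best, gap)
        last_seen[port] = i
    return best


def sequential_picker(n=PORT_COUNT):
    return lambda i: i % n  # next port in order, wrapping at n


def random_picker(seed, n=PORT_COUNT):
    rng = random.Random(seed)  # seeded so the simulation is repeatable
    return lambda i: rng.randrange(n)


if __name__ == "__main__":
    print("connections for 50% repeat:", connections_for_probability(0.5))
    print("sequential min gap:", min_reuse_gap(sequential_picker(), 2 * PORT_COUNT))
    print("random min gap:", min_reuse_gap(random_picker(1), 2 * PORT_COUNT))
```

Sequential allocation never re-uses a port sooner than a full pass through the pool, while random selection produces much shorter gaps after only a few hundred connections, which is the re-use timing the PortReuseTimeWindows2 histogram is meant to watch.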