raybellis / draft-bellis-dnsop-xpf

DNS X-Proxied-For

Protocol meta-properties #12

Open raybellis opened 6 years ago

raybellis commented 6 years ago

Rather than use the protocol field to tag things like QUIC (see #10) should we consider using a couple of the reserved bits to indicate meta-properties of the original inbound query, e.g.

  1. packet originated from an unspoofable source (US flag)
  2. packet was encrypted (EN flag)

on the basis that policy decisions might be made based on those meta-properties rather than on the specific ports or protocols in use, hence:

rgacogne commented 6 years ago

Looks like a very good idea, yes!

raybellis commented 6 years ago

Peter and I discussed whether we should allow for some sort of generic "tag" mechanism either in addition or instead of the protocol and meta-property flags described above. This would allow for a hypothetical "xpf-tag-match" ACL in servers that would be more generic than one relying on the protocol properties.
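To make the two ideas in this thread concrete (meta-property flags on the inbound query, and a generic tag set with an "xpf-tag-match" style ACL), here is an added example that is not part of the draft or of any project code. The bit positions of the US and EN flags, the transport-to-flag mapping, the tag wire encoding and the ACL shape are all assumptions made for illustration; the draft defines none of them.

```python
# Constructed illustration: derive XPF-style meta-property flags from the inbound
# transport, carry them (plus generic tags) in an assumed layout, and evaluate a
# policy on those properties instead of on the specific port or protocol.
US = 0x80  # assumed bit: query came from a source the transport validated (unspoofable)
EN = 0x40  # assumed bit: query arrived over an encrypted transport

# Assumed mapping: UDP/53 proves nothing, plain TCP proves the source via the
# handshake, DoT and DoH prove the source and are encrypted.
TRANSPORT_FLAGS = {"udp": 0, "tcp": US, "dot": US | EN, "doh": US | EN}

def flags_for_transport(transport):
    """Flags a proxy would set for a query that arrived over `transport`."""
    if transport not in TRANSPORT_FLAGS:
        raise ValueError(f"unknown transport {transport!r}")
    return TRANSPORT_FLAGS[transport]

def pack_meta(protocol, flags, tags=()):
    """Assumed layout: 1 byte protocol number, 1 byte flags, then each tag as a
    1-byte length followed by ASCII text. Reserved flag bits must be zero."""
    if flags & ~(US | EN):
        raise ValueError("reserved flag bits must be zero")
    out = bytes([protocol & 0xFF, flags])
    for tag in tags:
        raw = tag.encode("ascii")
        if len(raw) > 255:
            raise ValueError("tag too long")
        out += bytes([len(raw)]) + raw
    return out

def unpack_meta(data):
    """Inverse of pack_meta; rejects short or truncated input instead of guessing."""
    if len(data) < 2:
        raise ValueError("option too short")
    protocol, flags, tags, i = data[0], data[1], set(), 2
    while i < len(data):
        n = data[i]
        i += 1
        if i + n > len(data):
            raise ValueError("truncated tag")
        tags.add(data[i:i + n].decode("ascii"))
        i += n
    return protocol, flags, frozenset(tags)

def policy_allows(action, flags, tags, acl):
    """Policy on meta-properties: every flag the rule requires must be set, and a
    tag_match rule (the hypothetical xpf-tag-match ACL) needs all its tags present."""
    rule = acl.get(action)
    if rule is None:
        return False  # no rule for this action: deny by default
    need = rule.get("require_flags", 0)
    if flags & need != need:
        return False
    return rule.get("tag_match", frozenset()) <= tags
```

With such an ACL a resolver can, for instance, require the US flag before offering recursion and both flags plus an "internal" tag before serving a zone transfer, without the policy ever mentioning TCP, UDP, or a port number.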