Re: [quicwg/base-drafts] What needs to be checked for address validation (#3327)

Martin Thomson <> Tue, 18 February 2020 05:27 UTC

Date: Mon, 17 Feb 2020 21:27:24 -0800
From: Martin Thomson <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/3327/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] What needs to be checked for address validation (#3327)

martinthomson commented on this pull request.

> @@ -1834,9 +1834,18 @@ SHOULD include information that allows the server to verify that the source IP
 address and port in client packets remains constant.
 Servers might use tokens from NEW_TOKEN in deciding not to send a Retry packet,
-even if the client address has changed. Tokens sent in NEW_TOKEN frames SHOULD
-include information that allows the server to verify if the client address is
-stable, but might allow for different NAT bindings or ephemeral port selection.
+even if the client address has changed. Tokens sent in NEW_TOKEN frames MUST
+include information that allows the server to verify that the client IP address
+has not changed from when the token was issued.
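Review bot: the new text at the end of the hunk requires tokens to let the server verify that "the client IP address has not changed", but the unchanged sentence just above it still says servers might skip Retry "even if the client address has changed"; since this document uses "address" for IP plus port, the two sentences read as contradictory unless the permitted change is spelled out as a port or NAT-binding change, e.g. "even if the client's port has changed". The hunk also drops the old hedge about NAT bindings and ephemeral port selection without a replacement, so consider keeping one sentence noting that an unchanged IP address is not by itself proof that the same client is connecting. Finally, the leading context keeps SHOULD for Retry tokens (IP address and port) while this sentence moves NEW_TOKEN tokens to MUST for IP address alone; confirm that asymmetry is intended.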

That works.  I think that is better, though I want to be more precise about "address" vs. "IP address" here.  "Address" in this doc refers to IP+port, and I think that we do want to allow clients to choose different ephemeral ports or to be behind a NAT without absolutely requiring servers to use address validation.  I know that adds a bit of uncertainty to this, but it's a compromise.

I've replaced "address" with "IP address" and then replaced the long note with a shorter sentence explaining that IP alone is not perfect.  I think that we might need wider discussion on this one point.
