Re: [quicwg/base-drafts] Let server abort on post-Retry packet number reset (#3990)

ekr <> Fri, 28 August 2020 20:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6FCCA3A0BA3 for <>; Fri, 28 Aug 2020 13:27:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.697
X-Spam-Status: No, score=-1.697 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id MpRQudPqXK-8 for <>; Fri, 28 Aug 2020 13:27:38 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id B45703A0B9F for <>; Fri, 28 Aug 2020 13:27:38 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 0BC9690001D for <>; Fri, 28 Aug 2020 13:27:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1598646458; bh=Fw7fvNR13v1kaJzZOQkVM/cYgmWz5UfkBBitxGOonos=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=RSF259xwzADOsk+KWfxvF/9SyK1++q7fZ6UcNAUw2mXFa/HvLgD32qBQuKr7BnFLG iBG7YjZk5Z5p8g14uxzyAJn+mn1kNooq/88vvBc+NOGSlyNOrh8uFrcD5X5EFG7EUG Lx5b0c+AGpxkBowjVE8Qek0+emyy+KrNxPZ+D+Mc=
Date: Fri, 28 Aug 2020 13:27:37 -0700
From: ekr <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/3990/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Let server abort on post-Retry packet number reset (#3990)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5f4968b9f0825_322a196411868"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: ekr
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 28 Aug 2020 20:27:40 -0000

@ekr commented on this pull request.

> @@ -4807,6 +4807,8 @@ responding to a Retry packet. However, the data sent in these packets could be
 different than what was sent earlier. Sending these new packets with the same
 packet number is likely to compromise the packet protection for those packets
 because the same key and nonce could be used to protect different content.
+A server MAY abort the connection if it detects that the client reset the

> We certainly don't mention a general rule anywhere, but we can't stop an endpoint from enforcing MUSTs on its own.

Well, we can't stop them in the "no protocol police" sense, but we certainly can have a MUST-level rule that forbids it.

>  I think it's useful to explicitly call it out out here because this is the sort of place where we want to call explicit attention.


My general point is that text should do work. And if there is already a general rule permitting to you to error on MUST violations then why does this text need to be there? And working backward from that one might infer that no such rule exists.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: