Re: [quicwg/base-drafts] Don't Change Source CID After Retry (#1491)
ianswett <notifications@github.com> Wed, 27 June 2018 21:19 UTC
ianswett commented on this pull request. Agreed, MUST NOT > @@ -633,7 +633,11 @@ If the client received a Retry packet from the server and sends an Initial packet in response, then it sets the Destination Connection ID to the value from the Source Connection ID in the Retry packet. Changing Destination Connection ID also results in a change to the keys used to protect the Initial packet. It also -sets the Token field to the token provided in the Retry. +sets the Token field to the token provided in the Retry. Additionally, the +client SHOULD NOT change the Source Connection ID because the server may include +the connection ID as part of its token validation logic. If the client changes +the Source Connection ID in this case, it would likely trigger a new Retry to be nit: would likely -> could > @@ -633,7 +633,11 @@ If the client received a Retry packet from the server and sends an Initial packet in response, then it sets the Destination Connection ID to the value from the Source Connection ID in the Retry packet. Changing Destination Connection ID also results in a change to the keys used to protect the Initial packet. It also -sets the Token field to the token provided in the Retry. +sets the Token field to the token provided in the Retry. Additionally, the +client SHOULD NOT change the Source Connection ID because the server may include MUST NOT
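Review bot: In the added sentence beginning "client SHOULD NOT change the Source Connection ID", the rationale "the server may include the connection ID as part of its token validation logic" does not say which connection ID is meant, and the same paragraph has just described the Destination Connection ID changing after a Retry. Suggest "the server may include the client's Source Connection ID" so that the requirement and its reason name the same field. The added text also gives only one consequence of a change (a new Retry); if the keyword stays weaker than MUST NOT, the text should say when a client may legitimately change the Source Connection ID, since the visible lines give no such case.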