[quicwg/base-drafts] introduce a version alias transport parameter (#2573)

Marten Seemann <notifications@github.com> Mon, 01 April 2019 02:07 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id B0F00120046 for <quic-issues@ietfa.amsl.com>; Sun, 31 Mar 2019 19:07:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8
X-Spam-Status: No, score=-8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id EglhgpOIU-Ws for <quic-issues@ietfa.amsl.com>; Sun, 31 Mar 2019 19:07:56 -0700 (PDT)
Received: from out-3.smtp.github.com (out-3.smtp.github.com []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C34E412002E for <quic-issues@ietf.org>; Sun, 31 Mar 2019 19:07:55 -0700 (PDT)
Date: Sun, 31 Mar 2019 19:07:54 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1554084474; bh=lFrBsd6C+IVvuQr4HNdMF7LFPTBRhhP+Vu8+GfuoEqs=; h=Date:From:Reply-To:To:Cc:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=ds1ev75NQx6IskKyAbWRf457mgLRwgVRU+fLJbJ7T8cPEvMKuyQquNTO62lPj0QX4 QdUF9CrXqVJ6YxqCmRzIFnM33OWxk2GCiqBzrSqdCUi6uRy1jMXAhOWQkHYTIMnkcb sXpDkwP+O8xOCjgz109u6QrKd29tI2CYEhR+1RTo=
From: Marten Seemann <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abf92d6e58b6da4c5662b1a1f09111c6d3fdaaa53092cf0000000118b9347a92a169ce197ad4b9@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2573@github.com>
Subject: [quicwg/base-drafts] introduce a version alias transport parameter (#2573)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5ca1727a4d08a_7f783f8ed5cd45bc51649"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: marten-seemann
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/2lAKISkIAeW1dCmSZgZ-_7pSXlU>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Apr 2019 02:07:58 -0000

This is an attempt to solve the QUIC version ossification that was discussed in Prague.

Servers can announce a list of version aliases in the transport parameters. A version alias can be any valid QUIC version number, and the server guarantees to accept this version number as an alias for the currently used version. Each version alias comes with a lifetime for which it is valid, as well as a salt for the encryption of the Initial.
On subsequent connections, clients can use a version alias to establish a connection to the same server.

If widely deployed, middleboxes will get used to version numbers from the whole version number space being used for QUIC connections. Since they are unaware of the Initial salt being used for alias versions, they can't even decrypt the Initial packet.

In the current form, this PR lacks some text about the privacy implications of this proposal. A version alias is (yet another) cookie, so it should have the same properties as a token, i.e. a client shouldn't use the same version alias more than once, in order to avoid being identifiable to on-path observers.
You can view, comment on, or merge this pull request online at:


-- Commit Summary --

  * draft some text about the version_aliases transport parameter
  * add an initial secret to the version alias
  * make the version alias lifetime a varint

-- File Changes --

    M draft-ietf-quic-transport.md (36)

-- Patch Links --


You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: