Re: [quicwg/base-drafts] Prevent linkability from responding to migration (#2969)

Martin Thomson <> Thu, 15 August 2019 06:02 UTC

martinthomson commented on this pull request.

> @@ -2057,11 +2057,17 @@ linked by any other entity.
 At any time, endpoints MAY change the Destination Connection ID they send to a
 value that has not been used on another path.
-An endpoint MUST use a new connection ID if it initiates connection migration.
-Using a new connection ID eliminates the use of the connection ID for linking
-activity from the same connection on different networks.  Header protection
-ensures that packet numbers cannot be used to correlate activity.  This does not
-prevent other properties of packets, such as timing and size, from being used to
+An endpoint MUST use a new connection ID if it initiates connection migration as
+described in {{initiating-migration}}.  An endpoint MUST use a new
+connection ID in response to a connection migration if the packet that initiates
+migration uses a different connection ID to packets received on any previous
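
Review bot: The second MUST in the added lines ("An endpoint MUST use a new connection ID in response to a connection migration if the packet that initiates migration uses a different connection ID to packets received on any previous") puts the requirement ahead of a long trailing condition, which makes it hard to tell what the comparison is between. Consider stating the condition first and the requirement second, or splitting it into two sentences, so the MUST stands on its own. "a different connection ID to packets" would also read more precisely as "a different connection ID from the one used in packets". The first MUST now cites {{initiating-migration}}; the responding case has no matching cross-reference in the lines shown here, and adding one would keep the two requirements parallel.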

Maybe, but you are right, this could be better.  I just don't know how to word that without turning the sentence into an essay.  Suggestions sought.
