Re: [quicwg/base-drafts] Server cannot proceed after invalid Retry token (#3396)

Martin Thomson <> Tue, 28 January 2020 11:49 UTC

Date: Tue, 28 Jan 2020 10:43:09 +0000
From: Martin Thomson <>
List-Id: Notification list for GitHub issues related to the QUIC WG <>

The problem here is that something that is identifiable as a Retry token as distinct from a NEW_TOKEN token will ultimately not be usable.  There's a bit of hedging necessary though as junk that appears to be a Retry token is still ultimately just junk.

To be concrete, let's say that you generate Retry tokens that start with "RETRY!!!" and NEW_TOKEN tokens start with "~~~NEW_TOKEN". The difference between those two is such that it would be unlikely for corruption to cause one to be mistaken for the other, and you have a way to distinguish the two even when all the subsequent bits can't be interpreted after you lose keys or something like that.

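The prefix scheme described in the message, as an added example that is not part of the original message or of the QUIC drafts. Only the two prefixes come from the message; the HMAC-based token layout, the keys, the payloads and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Type prefixes taken from the message above; everything else is assumed.
RETRY_PREFIX = b"RETRY!!!"
NEW_TOKEN_PREFIX = b"~~~NEW_TOKEN"
TAG_LEN = 32  # HMAC-SHA256 output length


def make_token(prefix: bytes, key: bytes, payload: bytes) -> bytes:
    """Assumed layout: prefix || payload || HMAC(key, prefix || payload)."""
    tag = hmac.new(key, prefix + payload, hashlib.sha256).digest()
    return prefix + payload + tag


def classify(token: bytes, key: bytes) -> tuple[str, bool]:
    """Return (kind, authentic). The kind comes from the cleartext prefix alone,
    so it is still known when the tag cannot be checked with the current key."""
    for kind, prefix in (("retry", RETRY_PREFIX), ("new_token", NEW_TOKEN_PREFIX)):
        if token.startswith(prefix):
            break
    else:
        return "unknown", False
    if len(token) < len(prefix) + TAG_LEN:
        return kind, False
    body, tag = token[:-TAG_LEN], token[-TAG_LEN:]
    # The prefix is covered by the MAC, so rewriting it invalidates the token.
    expected = hmac.new(key, body, hashlib.sha256).digest()
    return kind, hmac.compare_digest(tag, expected)


def demo() -> dict[str, tuple[str, bool]]:
    old_key, new_key = os.urandom(32), os.urandom(32)  # constructed keys
    retry = make_token(RETRY_PREFIX, old_key, b"client=192.0.2.7:4433")
    fresh = make_token(NEW_TOKEN_PREFIX, new_key, b"client=192.0.2.7")
    return {
        "retry, key still held": classify(retry, old_key),
        "retry, key lost": classify(retry, new_key),
        "new_token, current key": classify(fresh, new_key),
        "junk with retry prefix": classify(RETRY_PREFIX + os.urandom(40), new_key),
        "junk": classify(bytes(48), new_key),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:26} -> {result}")
```

A genuine Retry token whose key was lost and random bytes carrying the Retry prefix both come back as `("retry", False)`, which is the hedging the message refers to.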