Re: [quicwg/base-drafts] enforce the active_connection_id_limit (#3201)

Marten Seemann <> Sat, 30 November 2019 02:24 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 273FC120108 for <>; Fri, 29 Nov 2019 18:24:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8
X-Spam-Status: No, score=-8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id LJHmDmFHzTRu for <>; Fri, 29 Nov 2019 18:24:07 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 49FB512002F for <>; Fri, 29 Nov 2019 18:24:07 -0800 (PST)
Date: Fri, 29 Nov 2019 18:24:06 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1575080646; bh=WcsYzClE8YtLfm+L5H9RKWA2Rl+++tBDAvt4krgB5wQ=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=DcULotpc7rpg5PPmnKE8jbsVUy085krjVI4qsZcPGvCjYAe3RjO09SJgQpyoZ99b/ nKsyH7LT5b8xMfnJNBMDBa7HySejrWZAyWdxOmVk7r0Mpm8xHj7dp2KDlWAzOYi4D/ 8S+NBb5G5EPHWlApNi3H5R1RdriOwOhVZmEH/KfE=
From: Marten Seemann <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/3201/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] enforce the active_connection_id_limit (#3201)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5de1d2c668c00_19873fa2470cd964831853"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: marten-seemann
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 30 Nov 2019 02:24:09 -0000

marten-seemann commented on this pull request.

> @@ -999,8 +999,10 @@ retired are considered active; any active connection ID can be used.
 An endpoint SHOULD ensure that its peer has a sufficient number of available and
 unused connection IDs.  Endpoints store received connection IDs for future use
 and advertise the number of connection IDs they are willing to store with the
-active_connection_id_limit transport parameter.  An endpoint SHOULD NOT provide
-more connection IDs than the peer's limit.
+active_connection_id_limit transport parameter.  An endpoint MUST NOT provide
+more connection IDs than the peer's limit.  An endpoint that receives more
+connection IDs than its advertised active_connection_id_limit MUST close the
+connection with an error of type CONNECTION_ID_LIMIT_ERROR.

@huitema That doesn’t work well with Retire Prior To, since you still MUST retire that connection ID. So you need to track at least the sequence number of the CID.
It seems like you’re trying to build a way for a peer to (silently) revoke the limit it announced in its transport parameters. Building such a mechanism is possible (we’d need something like a MAX_CID frame), but we decided to not do this, mostly because we assumed that the number of requested connection IDs will be small (O(10)). If that argument still holds, I don’t think it’s too much to ask for to keep track of O(10) CID sequence numbers.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: