Re: [quicwg/base-drafts] Allow server to enforce post-Retry packet numbering (#3989)

Marten Seemann <> Wed, 02 September 2020 03:40 UTC

In my opinion, instead of a piecemeal solution as suggested here, it would make more sense to add a general statement like the following:

> An endpoint MAY abort the connection if it detects that the peer violated a protocol requirement. An endpoint MAY ignore a packet that would otherwise cause it to abort the connection only if the packet contents are unauthenticated (that is, for Initial, Version Negotiation and Retry packets).
