Re: [quicwg/base-drafts] Proposal to make Version Negotiation more like Retry to punt VN to QUICv2 (#2313)

Martin Thomson <> Mon, 11 February 2019 03:08 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 33774130F16 for <>; Sun, 10 Feb 2019 19:08:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8.001
X-Spam-Status: No, score=-8.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Mq9xkV_KCTCI for <>; Sun, 10 Feb 2019 19:08:07 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id B52BC130EE6 for <>; Sun, 10 Feb 2019 19:08:07 -0800 (PST)
Date: Sun, 10 Feb 2019 19:08:06 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1549854486; bh=yqLlYY0VF6b/QPPsIaccog8pDm++z1H/He6Y8dQvwbc=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=hOzcgzZudkmxL+mPqnxbTOfn01PpfX7Qx1K1lykpEApIt7Cg0ixpyPjZzxdqci7+q ao1yC7baRZsAufwq0q4cMnoBiThVZfwVMw5tKxhICOrBRYreKj7Y6cAQDf+/n6LPBW TPwu/jA3y0OsjTydbIFCZPPRdTV38+6AjEaP2sjo=
From: Martin Thomson <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2313/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Proposal to make Version Negotiation more like Retry to punt VN to QUICv2 (#2313)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c60e7165f43d_c183ffb6ccd45b820425c7"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 11 Feb 2019 03:08:10 -0000

martinthomson requested changes on this pull request.

This needs an addition to the security considerations explaining that version downgrade protection is not provided.  While you might just excise the text and say that this is obvious, having downgrade protection is an expectation of a secure protocol.  That this does not provide that is - as we believe - acceptable so long as this is the only version in existence, or the worst version in existence, but it is nonetheless a possible surprise.

> @@ -1143,40 +1125,30 @@ expectation that it will eventually receive an Initial packet.
 ## Handling Version Negotiation Packets {#handle-vn}
-When the client receives a Version Negotiation packet, it first checks that the
-Destination and Source Connection ID fields match the Source and Destination
-Connection ID fields in a packet that the client sent.  If this check fails, the
-packet MUST be discarded.
+How a client reacts to receiving a Version Negotiation packet is left as future
+work defined by future versions of QUIC.  Future versions of QUIC that define

This isn't right.  This version needs to define what to do.

I recommend having clients abandon a connection attempt in the absence of better advice.

-A client MUST NOT change the version it uses unless it is in response to a
-Version Negotiation packet from the server.  Once a client receives a packet
-from the server which is not a Version Negotiation packet, it MUST discard other
-Version Negotiation packets on the same connection.  Similarly, a client MUST
-ignore a Version Negotiation packet if it has already received and acted on a
-Version Negotiation packet.
+When a draft implementation receives a Version Negotiation packet, it MAY use
+it to attempt a new connection with one of the supported versions.

it to attempt a new connection with one of the versions listed in the packet.

> @@ -4010,14 +3903,6 @@ language from Section 3 of {{!TLS13=RFC8446}}.
    } TransportParameter;
    struct {
-      select (Handshake.msg_type) {
-         case client_hello:
-            QuicVersion initial_version;

You missed the definition of QuicVersion at the top of this block.

> @@ -4010,14 +3903,6 @@ language from Section 3 of {{!TLS13=RFC8446}}.
    } TransportParameter;
    struct {
-      select (Handshake.msg_type) {
-         case client_hello:
-            QuicVersion initial_version;
-         case encrypted_extensions:
-            QuicVersion negotiated_version;
-            QuicVersion supported_versions<4..2^8-4>;
-      };
       TransportParameter parameters<0..2^16-1>;
    } TransportParameters;

This can now be a straight typedef: `TransportParameter TransportParameters<0..2^16-1>;`

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: