Re: [quicwg/base-drafts] Stronger migration handshake (#2370)

Kazuho Oku <> Mon, 28 January 2019 03:19 UTC

kazuho commented on this pull request.

>  endpoints retaining a stable address for the duration of the handshake.
+An endpoint MUST NOT initiate connection migration before the handshake is
+finished for it and its peer and the endpoint has 1-RTT keys. This means
+that the server MUST NOT initiate connection migration before it has
+received at least one 1-RTT data from the client, and the client 
+MUST NOT initiate connection migration before receiving 
+acknowledgement by the server of at least one of its
+1-RTT messages.
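
Review bot: "at least one 1-RTT data" in the server sentence and "1-RTT messages" in the client sentence are not units the transport tracks, so the trigger is ambiguous. Suggest "1-RTT packet" in both places, and state whether the server's condition needs a packet that was successfully processed or merely received. The first added sentence also conditions migration on the handshake being finished "for it and its peer", which an endpoint cannot observe directly, and it is followed by two more MUST NOTs. Consider a single normative MUST NOT, with the server and client sentences phrased as the observable events that satisfy it. The lines ending "and the client" and "before receiving" carry trailing whitespace.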

> I really don't like the CRYPTO frames reference. There is no FIN mark on the crypto stream, and the QUIC engine proper does not know when "all crypto frames" have been received. I was careful to use signals that the transport stack understands: obtaining keys, receiving packets, etc.

I am not sure if I agree with the observation. The requirement (i.e. "has both received and acknowledged all CRYPTO frames for that encryption level and when all CRYPTO frames for that encryption level have been acknowledged by its peer") can be implemented as checking that the 1-RTT read key is available and that the send buffer of CRYPTO frames in the Handshake epoch is empty.

Anyways, I think using different events for starting the handshake key drop timer and permitting migration is an unnecessary complexity.
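
A sketch of the check described in the comment above, as an added example that is not part of the original message and not code from any QUIC implementation. The class and function names are hypothetical, and it assumes a CRYPTO send buffer that holds data until the peer acknowledges it.

```python
from dataclasses import dataclass, field

ONE_RTT = "1rtt"

@dataclass
class CryptoSendBuffer:
    """CRYPTO stream bytes for one epoch (assumed: held until the peer ACKs)."""
    pending: int = 0                               # bytes queued, not yet sent
    in_flight: dict = field(default_factory=dict)  # packet number -> bytes carried

    def queue(self, nbytes):
        self.pending += nbytes

    def send(self, pn):
        if self.pending:
            self.in_flight[pn], self.pending = self.pending, 0

    def on_ack(self, pn):
        self.in_flight.pop(pn, None)

    def on_loss(self, pn):
        # Lost CRYPTO data goes back to the queue for retransmission.
        self.pending += self.in_flight.pop(pn, 0)

    def empty(self):
        return self.pending == 0 and not self.in_flight

@dataclass
class Endpoint:
    read_keys: set = field(default_factory=set)
    handshake_crypto: CryptoSendBuffer = field(default_factory=CryptoSendBuffer)

    def may_migrate(self):
        # Condition from the comment: the 1-RTT read key is available and the
        # Handshake-epoch CRYPTO send buffer is empty.
        return ONE_RTT in self.read_keys and self.handshake_crypto.empty()

def client_finished_lost_then_retransmitted():
    """Constructed scenario: the client's Finished is lost once."""
    c, seen = Endpoint(), []
    c.handshake_crypto.queue(36)     # Finished message (constructed size)
    c.handshake_crypto.send(pn=0)
    c.read_keys.add(ONE_RTT)         # TLS stack hands over the 1-RTT keys
    seen.append(c.may_migrate())     # Finished in flight, unacknowledged
    c.handshake_crypto.on_loss(0)
    seen.append(c.may_migrate())     # queued again for retransmission
    c.handshake_crypto.send(pn=1)
    c.handshake_crypto.on_ack(1)
    seen.append(c.may_migrate())     # all Handshake CRYPTO data acknowledged
    return seen
```

In this scenario the endpoint holds 1-RTT keys throughout, yet the check only passes once the retransmitted Finished is acknowledged.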
