Re: [quicwg/base-drafts] Lift single-packet ClientHello requirement? (#2928)

David Benjamin, Tue, 23 July 2019 19:42 UTC

> I believe there was a concern about state at the server for connections that have not yet been established, if it receives only part of a ClientHello

Could you elaborate on this? There are other client messages than the initial ClientHello, which would all require state at the server for unestablished connections. There is certainly a need to statelessly do _something_ with unestablished connections, but there's a point where the server transitions to being stateful.

In the old TLS/QUIC embedding, yes, that point was at the first ClientHello and you needed the entire ClientHello to produce a HelloRetryRequest+cookie, which was the mechanism for statelessly bouncing a connection. That's no longer the case in the new embedding, as far as I can tell. The retry packets don't actually depend on the full ClientHello or interact with the TLS handshake at all. It should work equally well if that initial packet has a full ClientHello or half of one.

> As to post quantum, let's make another QUIC version in about 30-60 years or so.

This time estimate is not consistent with what people are already doing in this space.

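An added example, not part of the original message and not code from any QUIC implementation: a sketch of a server that stays stateless until a valid retry token comes back, showing that the retry decision never reads the CRYPTO payload, so a whole or a partial ClientHello is handled the same way. The token layout, key handling, lifetime and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct

SERVER_KEY = os.urandom(32)  # per-server secret (assumption: rotated out of band)
TOKEN_LIFETIME = 10          # seconds; constructed value
MAC_LEN = 32

def _mac(body, client_addr):
    ip, port = client_addr
    msg = body + ip.encode() + struct.pack("!H", port)
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()

def mint_retry_token(client_addr, odcid, now):
    # Token = issue time || len(odcid) || odcid || MAC over that and the address.
    body = struct.pack("!Q", now) + bytes([len(odcid)]) + odcid
    return body + _mac(body, client_addr)

def validate_retry_token(token, client_addr, now):
    # Returns the original DCID, or None if forged, expired or from another address.
    if len(token) < 9 + MAC_LEN:
        return None
    body, mac = token[:-MAC_LEN], token[-MAC_LEN:]
    if not hmac.compare_digest(mac, _mac(body, client_addr)):
        return None
    issued = struct.unpack("!Q", body[:8])[0]
    if not 0 <= now - issued <= TOKEN_LIFETIME:
        return None
    if len(body) != 9 + body[8]:
        return None
    return body[9:]

def handle_initial(client_addr, dcid, token, crypto_payload, now):
    # crypto_payload may hold a full ClientHello or only its first part;
    # it is not consulted until the token has been validated.
    if not token:
        return ("retry", mint_retry_token(client_addr, dcid, now))
    odcid = validate_retry_token(token, client_addr, now)
    if odcid is None:
        return ("drop", None)
    # Only here would the server allocate per-connection state and start
    # buffering crypto_payload until the ClientHello is complete.
    return ("accept", odcid)
```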