Re: [quicwg/base-drafts] 5-tuple routing and SPA (#3608)

Mike Bishop <> Tue, 05 May 2020 17:54 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E33C03A0B2B for <>; Tue, 5 May 2020 10:54:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.48
X-Spam-Status: No, score=-1.48 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id QjrNywruPu4B for <>; Tue, 5 May 2020 10:54:12 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3CB953A0B0A for <>; Tue, 5 May 2020 10:54:12 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id E8EEF6E007C for <>; Tue, 5 May 2020 10:54:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1588701249; bh=RewDh+EoddIKw7FUtU4TUWnI6iUWaoDdOsU4lrlOoAs=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=rHz2y+rFkKnAkeTbxGTfkoF25EDYXl4EE+CzoLy4ee+00HfuefwcqbHqc6w6e9VZm a7aBExPqY3UYCfVa5Suskd4/iYItUTTKc2kt1AWMr41TaCzBJIDzMQAO35PU8KwCt4 fL7aNP1etHR45314XYs70VM9Z8Un7UO/eRINBo34=
Date: Tue, 05 May 2020 10:54:09 -0700
From: Mike Bishop <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/3608/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] 5-tuple routing and SPA (#3608)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5eb1a841d9f48_45a83f84d7ccd9683882b6"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 05 May 2020 17:54:15 -0000

> There is a mechanism to disable migration on the SPA, which is don't give out any more CIDs once they migrate.

Which, again, not only disables migration, it disables the ability to rotate CIDs.  That's not something we want servers to be doing.

@kazuho's argument is convincing that it's improbable for something which supports SPA to not be able to uniquely identify connections (whether by CID or because the SPA endpoint is unique).  Therefore, I'd support scoping disable_active_migration to the handshake address, and defer the ability to disable it on the SPA to an extension.

Loosening this definition doesn't make any current clients break, so I suspect it's bearable despite the schedule.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: