Re: [quicwg/base-drafts] Definition of "active connection ID" is misleading (or the name is) (#3200)

Kazuho Oku <notifications@github.com> Thu, 07 November 2019 02:38 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3A4512011B for <quic-issues@ietfa.amsl.com>; Wed, 6 Nov 2019 18:38:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.596
X-Spam-Level:
X-Spam-Status: No, score=-6.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xTwzi798b8W8 for <quic-issues@ietfa.amsl.com>; Wed, 6 Nov 2019 18:38:56 -0800 (PST)
Received: from out-23.smtp.github.com (out-23.smtp.github.com [192.30.252.206]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFCDC12008F for <quic-issues@ietf.org>; Wed, 6 Nov 2019 18:38:56 -0800 (PST)
Received: from github-lowworker-c53a806.ac4-iad.github.net (github-lowworker-c53a806.ac4-iad.github.net [10.52.23.45]) by smtp.github.com (Postfix) with ESMTP id CF9A36607DC for <quic-issues@ietf.org>; Wed, 6 Nov 2019 18:38:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1573094335; bh=FvppjkXZ8HmLkEZD6OlDlTy1CD2cAWzBEK69uqVd7Nc=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=v6Fv99fM9FMk7x2HNZDKRhoLrkHKIyfDgWbolNUTFzLOWe+d0RBVWAsfs1HIeg3IV E8cMgbXe5uDhwUeOq41YJNb11MB53CU5t/SjN3mlwSf05ukb7O/gTV8pQJuVA7CloH AbQox17G5TuGUTlpDKfxniH76a3xXBtDLZPS8Hs0=
Date: Wed, 06 Nov 2019 18:38:55 -0800
From: Kazuho Oku <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK77A5C4X4UO5BYHD4F32C3D7EVBNHHB53YOA4@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/3200/550594170@github.com>
In-Reply-To: <quicwg/base-drafts/issues/3200@github.com>
References: <quicwg/base-drafts/issues/3200@github.com>
Subject: Re: [quicwg/base-drafts] Definition of "active connection ID" is misleading (or the name is) (#3200)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5dc383bfa789b_28fd3fd7ce2cd964436428"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/ITU1wzH7URpHV1DH7WSZmWZx8CQ>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2019 02:38:59 -0000

FWIW, the alternative approach (that could better match people's intuition) would be to retain the definition of "active connection IDs" as _connection IDs that are issued and not retired are considered active_, and change the normative texts.

Actually, I think that might be a better choice, due to the following two reasons:
* Current text requires you to issue new CIDs under two conditions; i.e., when receiving a packet carrying a previously unused CID, or when receiving RETIRE_CID. We can get rid of the former.
* Current design has a potential DoS vector that could lead to memory exhaustion on the CID issuer. This is because the number of CIDs that the current text recommends an endpoint to retain is active_connection_id_limit + number_of_CIDs_in_use. The number of CIDs in use is something that the consumer of CIDs controls. Changing the number of CIDs to be retained to just the value of active_connection_id_limit eliminates that attack vector.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/3200#issuecomment-550594170