IETF Logo Mail Archive

Re: [quicwg/base-drafts] Add sequence number to NCID frame (#1821)

Mike Bishop <notifications@github.com> Tue, 02 October 2018 18:01 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E0FF131041 for <quic-issues@ietfa.amsl.com>; Tue, 2 Oct 2018 11:01:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.456
X-Spam-Level:
X-Spam-Status: No, score=-8.456 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.456, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I1hjI02jb6vJ for <quic-issues@ietfa.amsl.com>; Tue, 2 Oct 2018 11:01:06 -0700 (PDT)
Received: from out-4.smtp.github.com (out-4.smtp.github.com [192.30.252.195]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 86525130EAA for <quic-issues@ietf.org>; Tue, 2 Oct 2018 11:01:05 -0700 (PDT)
Date: Tue, 02 Oct 2018 11:01:04 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1538503264; bh=3u+1c6a96QaLXKaXOaHwBakSEDusbxXc5abzRE4X7WI=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=NCqKYVN9drV79vwP1txFg/ECeBQCsXlF47e5i7aK8Ts9yUYfyYFcbEIiVC2wm4UNO /PIJ4mFHiB7wkHGWEmuPITcvYI8Q9tdYYsqSphq464gWIoj1UaGk+7tRRERU54Gdzf ljE2vq98XVyEkj7hONZU9qSbnt/LMA7sddHLgfLc=
From: Mike Bishop <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abe525b1a30925a8ec1294bcbde53b318c46a080bb92cf0000000117cb746092a169ce15d05805@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/1821/review/160848192@github.com>
In-Reply-To: <quicwg/base-drafts/pull/1821@github.com>
References: <quicwg/base-drafts/pull/1821@github.com>
Subject: Re: [quicwg/base-drafts] Add sequence number to NCID frame (#1821)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bb3b260da2fe_5aac3ffd8aed45b451507d"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/J3yhxyAgOzQnRcAwTZs2I4Dpcjc>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Oct 2018 18:01:10 -0000

MikeBishop requested changes on this pull request.

We either need a requirement that each CID be unique for the lifetime of a connection (potentially difficult to guarantee unless you're encrypting a payload with a counter inside), or we need sequence numbers in RETIRE as well.  Otherwise, it's possible for a delayed RETIRE to retire the wrong instance of a duplicate.  (My inclination is actually "both," but at a minimum we need one or the other.)

I recognize the problem of missing sequence numbers, but it's easy enough to say that the CID from the handshake is CID 0 and the sequence number from the SPA is CID 1 if present.  At that point, everything has a sequence number and we could save some bytes on RETIRE.

> @@ -3285,8 +3292,10 @@ zero-length Destination Connection ID MUST treat receipt of a NEW_CONNECTION_ID
 frame as a connection error of type PROTOCOL_VIOLATION.
 
 Transmission errors, timeouts and retransmissions might cause the same
-NEW_CONNECTION_ID frame to be received multiple times. Receipt of the same
-frame multiple times MUST NOT be treated as a connection error.
+NEW_CONNECTION_ID frame to be received multiple times.  Receipt of the same
+frame multiple times MUST NOT be treated as a connection error.  A receiver can
+use the sequence number supplied in the NEW_CONNECTION_ID frame to identify new
+connection IDs from old ones.

For the first, I think we need to require the sender to always increase by one.  That way, the receiver could assume they're in flight.  That's one argument for putting the sequence number on RETIRE, since you could preemptively retire CIDs that are in-flight but not yet received.  Otherwise, you wind up with gaps which the issuer could choose to fill at any time, and the recipient has to keep track of the sparse set of retired/available IDs.

For the second, I don't think it would be unreasonable to abort the connection if it still remembers what CID was with that sequence number, but we shouldn't require that behavior because it might have been forgotten.  Just drop based on the sequence number if it's a repeat.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/1821#pullrequestreview-160848192

v2.35.0 | Report a Bug | By Email | System Status