Re: [quicwg/base-drafts] Describe a new version negotiation mechanism which allows for (#1755)

ianswett <> Thu, 27 September 2018 13:28 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 85F24130E98 for <>; Thu, 27 Sep 2018 06:28:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -7.999
X-Spam-Status: No, score=-7.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4jlAvWrhAE8d for <>; Thu, 27 Sep 2018 06:28:28 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E461D130E86 for <>; Thu, 27 Sep 2018 06:28:27 -0700 (PDT)
Date: Thu, 27 Sep 2018 06:28:25 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1538054907; bh=6C+tRJSYdZRijsTS38m1uepHwr0OA1WJjSUUib5IjpY=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=DwmiQtbCVwbYEVJABzvnhldPhN+AQZiorC9imbMJaZA+g+tzlLpYQ8ANUrGK76/pA ORcFhn2DwErcQWDHk7Vp+Skb4K791AUOR4L3sZgIQpuUj0r2XwwPEM62dqj1RwpBsb wNCB4tEdf84bvcB1ixbG67GSoBRt73iB3zfYwmhY=
From: ianswett <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/1755/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Describe a new version negotiation mechanism which allows for (#1755)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bacdaf98dda6_5f993fb6d32d45b41064fa"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: ianswett
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 27 Sep 2018 13:28:30 -0000

Kazuho, I think this approach only works if the server supports both the version the client tries intitially and another version the client offers.

The client can choose to only offer alternate versions it prefers, but does not know if the server supports.  I believe that mitigates the downgrade attack?  If the client tries v1 and the server only supports v0, the server is going to have to send a VN anyway I think?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: