Re: [quicwg/base-drafts] Clarify the state a client stores with a token (#3150)

Nick Harper <> Fri, 25 October 2019 03:22 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 18E0612006A for <>; Thu, 24 Oct 2019 20:22:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.999
X-Spam-Status: No, score=-2.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Xbb1wRdcEt8C for <>; Thu, 24 Oct 2019 20:22:32 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0D0FA120110 for <>; Thu, 24 Oct 2019 20:22:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed;; h=from:reply-to:to:cc:in-reply-to:references:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=rNWz+hp4QP2Mj3DskmYOhE/NNLw=; b=YdJhomyxOu40I++Q xJD/AQ5NRD447OD6fPNlVSnAsCxWrTX8r/0PvCCOAzIbHCKQolJW5dtEa2/7zNSg zmAqN+oQEW/pwROwt083mPAKCIGs8xOqa75sS15o8W5VkHFGxr9C2eInsfDRFHM9 zkHonSyN1lcxCPNGMKrpPTeCPsw=
Received: by with SMTP id filter2071p1mdw1-27500-5DB267DA-18 2019-10-25 03:11:22.5178188 +0000 UTC m=+616621.353039197
Received: from ( []) by (SG) with ESMTP id VsuP4BVuRHuewJutrgjUIw for <>; Fri, 25 Oct 2019 03:11:22.442 +0000 (UTC)
Date: Fri, 25 Oct 2019 03:11:22 +0000
From: Nick Harper <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/3150/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Clarify the state a client stores with a token (#3150)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5db267d5cfc8_61233fdefc4cd96410948a"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: nharper
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak3EohbUI9MFOXzC20TjdGjqlHV0aXkiJ50KwU ided0vnqxE0T07WMBmSxLxbT341+k5DmVBY8REGMxbyR5TqGnuSaHiuONoQoIeEntY+BrxhCwcsUpD wpMLa6jamT3sjpdyiyWYfQbI/EY2jFmile88Cz6MF77lzdUxlDWnjT9wvwhMofcjs8lGB4jlctfGap w=
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 25 Oct 2019 03:22:37 -0000

> If I handed out a session ticket for 0-RTT, but I wouldn't accept 0-RTT without a token, would it be reasonable for me to put additional information about 0-RTT in the token?

The token is used for deciding whether the server believes the packet it's receiving actually comes from the address it says it's coming from. I could believe a server might trust a client only if it's doing a 1-RTT handshake, but not trust it if it's doing a 0-RTT handshake, so might encode that bit in the token. I don't think the server should be putting more specific bits like "this is the NST that should be used" or "here are the SETTINGS from the previous connection" in the token.

If the server doesn't like a token it receives with a 0-RTT handshake, it can send a Retry packet but still continue with the 0-RTT crypto handshake (even though it's now 1-RTT from a transport perspective). I don't see the need for there to be fate sharing between accepting a token and accepting 0-RTT - a server can reject one without rejecting the other.

I've created #3152 to express the problem statement as an issue.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: