IETF Logo Mail Archive

Re: [quicwg/base-drafts] allow dropping of Initial packets with invalid reserved bits (#2053)

Martin Thomson <notifications@github.com> Fri, 30 November 2018 04:08 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 757A11200B3 for <quic-issues@ietfa.amsl.com>; Thu, 29 Nov 2018 20:08:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.46
X-Spam-Level:
X-Spam-Status: No, score=-9.46 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0gjWHXAORBOm for <quic-issues@ietfa.amsl.com>; Thu, 29 Nov 2018 20:08:02 -0800 (PST)
Received: from out-3.smtp.github.com (out-3.smtp.github.com [192.30.252.194]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0B1F124C04 for <quic-issues@ietf.org>; Thu, 29 Nov 2018 20:08:01 -0800 (PST)
Date: Thu, 29 Nov 2018 20:08:01 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1543550881; bh=jTkehr6iIvU7LiFjlPVNEYTOE1qA6uN3XBkcSp2el50=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=1FpYJaQeUzupp1yHvjjWwi6Hx2h6oAPqgy5VUz1KzayN9hVCF3UJK56IYOSgpsCJj Llo8wKdScXcpFsKvNzNye0T22aE3PZQete67EnvyuzwJHJhkhtjPwnUCwO/whpgnU2 2DK2H384mRj+rWBG/z+DVNUw5OKng2RESiKOKi+c=
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abc2b1536e4a1e6231152f05ec4dd674bdf975f69b92cf00000001181879a192a169ce16e78b2d@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2053/review/180115931@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2053@github.com>
References: <quicwg/base-drafts/pull/2053@github.com>
Subject: Re: [quicwg/base-drafts] allow dropping of Initial packets with invalid reserved bits (#2053)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c00b7a127b6b_4e443f80c76d45c08808b9"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/KFVgE5uPesUFKZstUQ4koJe0kCw>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Nov 2018 04:08:03 -0000

martinthomson commented on this pull request.



> @@ -3278,9 +3278,10 @@ Reserved Bits (R):
 
 : The next two bits (those with a mask of 0x0c) of byte 0 are reserved.  These
   bits are protected using header protection (see Section 5.4 of {{QUIC-TLS}}).
-  The value included prior to protection MUST be set to 0.  An endpoint MUST
-  treat receipt of a packet that has a non-zero value for these bits after
-  removing protection as a connection error of type PROTOCOL_VIOLATION.
+  The value included prior to protection MUST be set to 0.  For Handshake and
+  0-RTT packets and endpoint MUST treat a non-zero value after removing
+  protection as a connection error of type PROTOCOL_VIOLATION. For Initial
+  packets, and endpoint MAY instead choose to drop the packet.

In the end, this might be simpler.  You can ignore the content of Initial packets entirely, with the exception of ACK, which you only use to drive retransmission of your own Initial packets.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2053#discussion_r237741634

v2.23.0 | Report a Bug | By Email