Re: [quicwg/base-drafts] Limit RCID state (#3547)

martinduke <notifications@github.com> Fri, 27 March 2020 00:12 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/KlDkdsmCY2gDbiprrjZLZz_jQcw>

@martinduke commented on this pull request.



> @@ -1069,6 +1069,18 @@ to cease using the connection IDs when requested can result in connection
 failures, as the issuing endpoint might be unable to continue using the
 connection IDs with the active connection.
 
+An endpoint MAY elect to only send or retransmit RETIRE_CONNECTION_ID frames
+with sequence numbers greater than or equal to the highest Retire Prior To field
+received minus its advertised active_connection_id_limit. This bounds the
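
Review bot: The threshold in the added sentence, "the highest Retire Prior To field received minus its advertised active_connection_id_limit", is undefined when that difference is negative, which happens whenever the highest Retire Prior To value received is smaller than the limit. Suggest stating that the threshold is floored at zero. The sentence should also say explicitly what an endpoint does with RETIRE_CONNECTION_ID frames whose sequence numbers fall below the threshold (that it stops tracking them and never sends them), because "MAY elect to only send or retransmit" leaves the peer's view of those sequence numbers unstated.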

I guess we're going to have this discussion in two places, but I'm not sure the non-RPT case is a valid threat model.

I am a little concerned with your formulation that the endpoint could make bad choices about which RCIDs it decides to stick with. For example, we might never increase RPT and for some reason have a low sequence number that sticks around and is still being used. The server really better actually send the RCID.

I'm happy to haggle about the exact threshold, but my formulation frees the endpoint of all the state only when the client is doing something legal but silly.
