Re: [quicwg/base-drafts] Recommend discarding bad, unauthentication packets (#2141)

Kazuho Oku <> Thu, 13 December 2018 07:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3742E126CC7 for <>; Wed, 12 Dec 2018 23:34:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -9.459
X-Spam-Status: No, score=-9.459 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dORFPklvlW_Q for <>; Wed, 12 Dec 2018 23:34:57 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0930F128D0C for <>; Wed, 12 Dec 2018 23:34:57 -0800 (PST)
Date: Wed, 12 Dec 2018 23:34:55 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1544686495; bh=rL0NgSZonxedNzL9sI7FI4CF4qdqsKjNRh6q6Pvxm5U=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=cGijIQIMxI8hujfoCyF+bM1K6nZf77yFTfDprMejg3SoCIWG/awYoM1+q1Ilz4SuD e3j+NvX4h4qUCY20eJseeU9ELzgPhwPCB4wI/ExQOfYVgox1WQ/aDI+N6cXRqqce+G zgKW1eVRtWcS3LHGHPK09pi4B1yHjE6OiL3e71C4=
From: Kazuho Oku <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2141/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Recommend discarding bad, unauthentication packets (#2141)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c120b9fe55aa_18d63f80436d45b867974f"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 13 Dec 2018 07:34:59 -0000

kazuho commented on this pull request.

> @@ -1000,6 +1000,12 @@ to more quickly identify when a connection becomes unusable.
 Packets that are matched to an existing connection, but for which the endpoint
 cannot remove packet protection, are discarded.
+Invalid packets without packet protection, such as Initial, Retry, or Version
+Negotiation, SHOULD be discarded without altering connection state.  An endpoint

I tend to agree with @marten-seemann. I wonder if we might rather say MAY here (or "can"), because people might wonder what the anticipated behavior is, without the definition of what "invalid" means (does it mean a packet with a broken encoding? or does it mean a frame containing a semantically invalid frame; i.e. ACK containing a PN that was never used); and my understanding is that we do not want to define "invalid."

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: