Re: [quicwg/base-drafts] rate-limiting of CID issuance needs to be allowed (#2436)

MikkelFJ <> Fri, 08 February 2019 09:00 UTC


Scary numbers, but what is the problem with potential early reuse?
Say a server has 10000 connections and 20000 active CIDs, and 30000 CIDs total because the peer has an extra.

A new CID is issued, and an old one is retired. In counter mode, the CIDs are cycled and can already generate conflicts after truncation to 32 bits. These conflicts can be checked against the 30K CID table. If CIDs rotate fast enough, conflicts happen faster, but they won't happen on any CIDs currently recognised by that instance.

This is just from a 5-minute speculation; I could clearly be missing something important. But I think it is important to consider how conflicts are dealt with.

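The conflict check described in the message above, as an added example that is not part of the original message or of any QUIC implementation. It assumes CIDs are derived as a truncated HMAC-SHA-256 over a counter (a stand-in for whatever counter-mode derivation a server uses); `CidIssuer`, `simulate` and the key are hypothetical names and constructed values.

```python
import hashlib
import hmac
from collections import deque

CID_BYTES = 4  # truncation to 32 bits, as in the message above


class CidIssuer:
    """Hypothetical issuer: CID = truncated HMAC(key, counter), checked against the active table."""

    def __init__(self, key, cid_bytes=CID_BYTES):
        self.key = key
        self.cid_bytes = cid_bytes
        self.counter = 0
        self.active = set()       # CIDs this instance currently recognises
        self.ever_issued = set()  # kept only to count reuse in this demo
        self.skipped = 0          # candidates rejected: they hit an active CID
        self.reused = 0           # issued values that were used before and retired

    def _candidate(self):
        msg = self.counter.to_bytes(8, "big")
        self.counter += 1
        return hmac.new(self.key, msg, hashlib.sha256).digest()[: self.cid_bytes]

    def issue(self):
        while True:
            cid = self._candidate()
            if cid in self.active:  # conflict after truncation: advance the counter
                self.skipped += 1
                continue
            if cid in self.ever_issued:
                self.reused += 1
            self.ever_issued.add(cid)
            self.active.add(cid)
            return cid

    def retire(self, cid):
        self.active.discard(cid)


def simulate(table_size, rotations, cid_bytes=CID_BYTES, key=b"constructed-demo-key"):
    """Fill the table, then retire the oldest CID and issue a new one per rotation."""
    issuer = CidIssuer(key, cid_bytes)
    order = deque(issuer.issue() for _ in range(table_size))
    for _ in range(rotations):
        issuer.retire(order.popleft())
        order.append(issuer.issue())
    assert len(issuer.active) == len(order) == table_size
    return issuer
```

Faster rotation raises `skipped` and `reused`, but every CID in `active` stays unique; early reuse only ever lands on values that have already been retired.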