Re: [quicwg/base-drafts] Describe a new version negotiation mechanism which allows for (#1755)

Martin Thomson <> Fri, 28 September 2018 18:15 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 15750130E81 for <>; Fri, 28 Sep 2018 11:15:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8.456
X-Spam-Status: No, score=-8.456 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.456, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id QyQe27c4b_yq for <>; Fri, 28 Sep 2018 11:15:32 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C3D16130E7F for <>; Fri, 28 Sep 2018 11:15:31 -0700 (PDT)
Date: Fri, 28 Sep 2018 11:15:30 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1538158530; bh=dzXowrswg2+v8/tG8Y3MDXQoNY8g6HpRRr38rP31RZE=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=2PqmvCYmIv5MEn07EurIYfuXSLoIGMhmPsm7bPNmL1CCj0kHQFxDlEQ/vjZ0z3z/M LL8Cx25Ugjoy0i8Zc5f1YAIzJ2xdkl4I/rGtpRTAlS5644/PhPQCK4XMhzJsOKQzLd TDsAWm6s985mlD37dwi/ZhQI+nyn4TifRbETKI6Y=
From: Martin Thomson <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/1755/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Describe a new version negotiation mechanism which allows for (#1755)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bae6fc276186_6be33f9343ed45c0643fa"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 28 Sep 2018 18:15:42 -0000

> If we want to let the server select the version, I think that we should require the client to send it's original version number using TP so that the server can determine if there was a downgrade attack.

This does.  The client lists all its supported versions.  We can - as is customary - insist that the client puts its preferences first.  But a consequence of this design is that the server ultimately decides which version is used.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: