[quicwg/base-drafts] Anti-deadlock PTO is spuriously set during 1-RTT (#3502)

Benjamin Saunders <notifications@github.com> Fri, 06 March 2020 04:11 UTC

The recovery draft [states](https://quicwg.org/base-drafts/draft-ietf-quic-recovery.html#section-5.3-4):

> the client MUST set the probe timer if the client has not received an acknowledgement for one of its Handshake or 1-RTT packets.

This is consistent with the pseudocode, in particular `PeerNotAwaitingAddressValidation`.

When the server receives the client's final handshake flight, it discards handshake keys and hence cannot acknowledge it. When the client receives the resulting `HANDSHAKE_DONE`, the handshake is confirmed, but no Handshake or 1-RTT acknowledgements have necessarily been received. This results in a PTO being set even though the client's address has certainly been verified and there are no ack-eliciting packets in flight. As written, the pseudocode would in fact set a PTO for the Initial space at a garbage time.

I think this could be corrected by appending "and has not discarded handshake keys" or "and has not confirmed the handshake" to the language, and adding the analogous clause to the conditions checked in the final statement of `PeerNotAwaitingAddressValidation`.

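The timer decision described in this issue, modelled as an added Python example (not part of the original post and not the draft's pseudocode). Field names, the send-time selection rule and the timestamps are constructed assumptions; `proposed_fix` toggles the "has not confirmed the handshake" clause the issue suggests.

```python
from dataclasses import dataclass, field

SPACES = ("Initial", "Handshake", "ApplicationData")

@dataclass
class Client:
    # Constructed model of client recovery state; field names are hypothetical.
    handshake_ack: bool = False
    one_rtt_ack: bool = False
    handshake_confirmed: bool = False
    in_flight: int = 0  # ack-eliciting packets in flight
    last_sent: dict = field(default_factory=lambda: dict.fromkeys(SPACES, 0.0))

def peer_not_awaiting_validation(c, proposed_fix):
    # Client-side final condition as the issue describes it: an ACK for a
    # Handshake or 1-RTT packet is the only evidence of address validation.
    validated = c.handshake_ack or c.one_rtt_ack
    if proposed_fix:
        # Clause the issue proposes: a confirmed handshake also counts.
        validated = validated or c.handshake_confirmed
    return validated

def loss_timer(c, pto, proposed_fix):
    """Return None if the timer is cancelled, else (space, deadline)."""
    if c.in_flight == 0 and peer_not_awaiting_validation(c, proposed_fix):
        return None
    # Assumed selection rule: earliest non-zero send time, defaulting to the
    # Initial space with time 0 when nothing was recorded.
    sent = [(t, s) for s, t in c.last_sent.items() if t != 0.0]
    t, space = min(sent) if sent else (0.0, "Initial")
    return space, t + pto

def after_handshake_done():
    """State sequence from the issue, with constructed timestamps."""
    c = Client()
    c.last_sent["Handshake"] = 1.0  # client's final handshake flight
    c.in_flight = 1
    # Server discards Handshake keys on receipt, so no Handshake ACK is sent.
    # HANDSHAKE_DONE arrives: handshake confirmed, client drops Handshake
    # (and Initial) state, leaving nothing ack-eliciting in flight.
    c.handshake_confirmed = True
    c.in_flight = 0
    c.last_sent["Initial"] = c.last_sent["Handshake"] = 0.0
    return c
```

Without the extra clause the model arms a PTO for the Initial space at `0 + pto`; with it the timer is cancelled, while a client that still has unacknowledged handshake packets in flight keeps its PTO either way.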