Re: [quicwg/base-drafts] Allow connections to share a port by adding restrictions on zero-length connection IDs (#2851)

Igor Lubashev <notifications@github.com> Tue, 23 July 2019 20:03 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/T1I0M2SxDwiW-cK6fSsrRbKonHM>

igorlord commented on this pull request.



> -connection. An endpoint whose peer has selected a zero-length connection ID MUST
-continue to use a zero-length connection ID for the lifetime of the connection
-and MUST NOT send packets from any other local address.
+A zero-length connection ID can be used when a connection ID is not needed
+to route to the correct endpoint. An endpoint SHOULD NOT use a zero-length
+connection ID unless it can use only its IP address and port to identify a
+connection. The IP address and port used by a peer cannot be used for routing
+or connection identification as these values can change during a connection's
+lifetime, and the peer can reuse a given address and port for additional
+connections. Similarly, the peer's connection IDs cannot be used for routing
+or identification, as they are not transmitted in the short header packets
+they send. Note that multiplexing while using zero-length connection IDs and
+relying on the four-tuple of IP addresses and ports for routing will cause
+failures in the presence of connection migration, NAT rebinding, and client
+port reuse; and therefore MUST NOT be done unless an endpoint is certain that
+those protocol features are not in use.
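Review bot: The closing sentence of the added text makes the MUST NOT conditional on the endpoint being "certain that those protocol features are not in use", but NAT rebinding and client port reuse, both in that list, are not protocol features an endpoint negotiates or can observe to be absent, so an implementation has no way to check the condition. Consider saying what the endpoint has to know about its deployment instead, and reconciling this MUST NOT with the SHOULD NOT in the second added sentence, since both govern the same choice. The removed lines also required that the endpoint "MUST NOT send packets from any other local address", and none of the added lines restate that, so it is worth confirming the requirement survives elsewhere or is dropped on purpose.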

Yes, editorial, but what about just this -- it captures the normative meaning without being redundant with other parts of the spec.

_A zero-length connection ID can be used when a connection ID is not needed to route to the correct endpoint. Since relying on the IP address and port of the peer for routing or connection identification will cause failures in the presence of connection migration, NAT rebinding, and client port reuse for multiple connections, an endpoint MUST NOT do so unless it is certain that those protocol features are not used by the peer._

https://github.com/quicwg/base-drafts/pull/2851#discussion_r306507445
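
The failure modes named in the proposed text, shown as an added example that is not part of the original message or of any QUIC implementation: a receiver sharing one local port routes packets by destination connection ID when it has one and falls back to the four-tuple when its own connection ID is zero-length. The `Demux` class, connection names and addresses are constructed for illustration, and the model covers short header packets only.

```python
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src: tuple    # (ip, port) of the sender as seen by the receiver
    dst: tuple    # (ip, port) the packet arrived on
    dcid: bytes   # destination connection ID; b"" means zero-length

class Demux:
    """Hypothetical receive-side lookup for connections sharing one port."""

    def __init__(self) -> None:
        self.by_cid = {}     # local connection ID -> connection
        self.by_tuple = {}   # (peer addr, local addr) -> connection

    def register(self, conn: str, local_cid: bytes, peer: tuple, local: tuple) -> None:
        if local_cid:
            self.by_cid[local_cid] = conn
        else:
            # Zero-length local CID: only the four-tuple is left to key on.
            self.by_tuple[(peer, local)] = conn

    def route(self, pkt: Packet) -> Optional[str]:
        if pkt.dcid:
            return self.by_cid.get(pkt.dcid)
        return self.by_tuple.get((pkt.src, pkt.dst))

def run_scenarios() -> dict:
    local = ("192.0.2.1", 4433)        # constructed documentation addresses
    peer_a = ("198.51.100.7", 50000)
    peer_b = ("198.51.100.9", 50001)
    cid_a = b"\xa1\xa2\xa3\xa4"

    d = Demux()
    d.register("conn-A", cid_a, peer_a, local)   # non-zero-length CID
    d.register("conn-B", b"", peer_b, local)     # zero-length CID

    rebound_a = (peer_a[0], 61000)   # NAT rebinding changes the source port
    rebound_b = (peer_b[0], 61001)
    return {
        "cid_before": d.route(Packet(peer_a, local, cid_a)),
        "cid_after_rebind": d.route(Packet(rebound_a, local, cid_a)),
        "zero_before": d.route(Packet(peer_b, local, b"")),
        # Same connection, new source port: the lookup misses.
        "zero_after_rebind": d.route(Packet(rebound_b, local, b"")),
        # A second connection from the same peer address and port is
        # indistinguishable and lands on the existing connection.
        "zero_port_reuse": d.route(Packet(peer_b, local, b"")),
    }

if __name__ == "__main__":
    for name, conn in run_scenarios().items():
        print(f"{name}: {conn}")
```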