IETF Logo Mail Archive

Re: [quicwg/base-drafts] Stream0 dt output for merge (#1450)

ekr <notifications@github.com> Thu, 21 June 2018 14:17 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A199130E88 for <quic-issues@ietfa.amsl.com>; Thu, 21 Jun 2018 07:17:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.009
X-Spam-Level:
X-Spam-Status: No, score=-8.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Uso9NhCG5tBh for <quic-issues@ietfa.amsl.com>; Thu, 21 Jun 2018 07:17:45 -0700 (PDT)
Received: from out-3.smtp.github.com (out-3.smtp.github.com [192.30.252.194]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6D7B1130E77 for <quic-issues@ietf.org>; Thu, 21 Jun 2018 07:17:45 -0700 (PDT)
Date: Thu, 21 Jun 2018 07:17:43 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1529590663; bh=ljJioyaiG9tLL+AIycUk9d2jw7m+12u9BxxTdY+UvGY=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=gwI2/aXi0X/EymKKWJv23+rO1bG7/JA2pLTE/Bu0tlVjTCYvIdc3kpP6A7TxahObQ tNrApPm4BbV/8eZQR3QAm1AWZWWt7FdxpPoKINyNm1Ec2zxKUWd2fpjgQkUco8wbrW Py8XS+ioozTD81BXsGlQhG/ITykasjFnmAo7aagY=
From: ekr <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abebb1a60469ccdf83d8aa3746b157e9ed709fdedb92cf000000011743758792a169ce13d67a11@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/1450/review/130837014@github.com>
In-Reply-To: <quicwg/base-drafts/pull/1450@github.com>
References: <quicwg/base-drafts/pull/1450@github.com>
Subject: Re: [quicwg/base-drafts] Stream0 dt output for merge (#1450)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5b2bb3876c530_6a672acb09b0af50434b4"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: ekr
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/YOhw5uC_YgOZ2I7YDsgk3GDkzGU>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.26
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jun 2018 14:17:47 -0000

ekr commented on this pull request.



> +been delivered to QUIC, it is QUIC's responsibility to deliver it
+reliably. Each chunk of data is associated with the then-current TLS
+sending keys, and if QUIC needs to retransmit that data, it MUST use
+the same keys even if TLS has already updated to newer keys.
+
+One important difference between TLS 1.3 records (used with TCP)
+and QUIC CRYPTO_HS frames is that in QUIC multiple frames may appear
+in the same QUIC packet as long as they are associated with the
+same encryption level. For instance, an implementation might
+bundle a Handshake message and an ACK for some Handshake
+data into the same packet.
+
+In general, the rules for which data can appear in packets of which
+encryption level are the same in QUIC as in TLS over TCP:
+
+- CRYPTO_HS frames MAY appear in packets of any encryption level.

@huitema: I don't understand what you are asking here, because those are different data namespaces.

So, for instance, SH will be sent with Handshake[Offset=0], and NST will be sent with Application[Offset=0]. They don't interact with each other.

The case that is an error is when data comes in at a given encryption level after the TLS state machine has moved on. For instance, if the server sends Handshake: [Offset=X, SFIN], Handshake: [Offset=X + len(SFIN), <something>]. This isn't valid because the TLS handshake is now reading at Application. As Kazuho says, this should generate an error, and the text requires that:

```
- If the packet is from a previously installed encryption level, it
  MUST not contain data which extends past the end of previously
  received data in that flow. Implementations MUST treat any
  violations of this requirement as a connection error of type
  PROTOCOL_VIOLATION.
```







-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/1450#discussion_r197150080

v2.23.0 | Report a Bug | By Email