Re: [quicwg/base-drafts] Authenticating connection IDs (#3439)

martinduke <> Fri, 06 March 2020 18:44 UTC

I am still wondering why "servers MUST propose a new connection ID in the server Initial if they are going to include an ODCID TP" is insufficient.

I believe it solves the Retry case and doesn't create problems for Google. If the MITM is rewriting SCID on server Initials, doesn't this break the connection anyway?
