Re: [quicwg/base-drafts] Server should not accept 1-RTT traffic before handshake completion (#3159)

MikkelFJ <> Thu, 31 October 2019 13:47 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0602B120044 for <>; Thu, 31 Oct 2019 06:47:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.454
X-Spam-Status: No, score=-6.454 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id PP953sHtxlBm for <>; Thu, 31 Oct 2019 06:47:33 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id D56C6120043 for <>; Thu, 31 Oct 2019 06:47:32 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id CF8FE960C9E for <>; Thu, 31 Oct 2019 06:47:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1572529651; bh=Dd/iX+gJpV9JXPqHZDRP5mZbFqWXXzGF+nuLZRnvVJ8=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=SnvxdramMGcFxPrvlYgq74q3uaup+6ElVUmsneyXFhfoEk3LtMgLdMtUwCjQgTkrr 9qVm6wyg9obokzz3ROkJbF6MtAgTjj1QFpt9JFIX39EYGQRtw8FeblEK3yApNCx/Ng FygKT/QD/ykkTvlczaK9ja60YQsEMYAJ0oMFfWQE=
Date: Thu, 31 Oct 2019 06:47:31 -0700
From: MikkelFJ <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/3159/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Server should not accept 1-RTT traffic before handshake completion (#3159)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5dbae5f3c126f_46413fe8cdecd95c235225f"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 31 Oct 2019 13:47:35 -0000

Sure, you can't ACK or process a packet before the key space is valid, but you can buffer them. There is not point in buffering garbage. Forcing keys to only be available after the key space is confirmed amounts to babysitting and there are plenty other things any endpoint can do wrong. Receiving an early ACK is ofcourse a protocol violation.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: