Re: [quicwg/base-drafts] Speed handshake recovery when only undecryptable packets arrive (#1414)
Marten Seemann <notifications@github.com> Sat, 03 November 2018 07:13 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/bBUAQGBKrYMMkEXWUqBw8H_GBqw>
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
There's another case where this occurs. Consider a server that has a really big cert. It first sends its Server Hello (which is lost), and then begins sending the certificate in Handshake packets (until it is blocked by the 3x limit). The client can't decrypt the Handshake packets, so at some point it will retransmit the Client Hello.

When receiving the second Client Hello, the server has no way to distinguish between the case described above (1.), and the case where the RTT is so long that the client retransmits the Client Hello before any of the server's packets arrive (2.). For 1., the server would want to retransmit the ServerHello. For 2., the server could use the additional bytes received to increase the 3x limit and continue sending the certificate.
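The ambiguity described in the message above, as an added example that is not part of the original message or of any QUIC implementation: a small model of the server's 3x byte budget showing that cases 1. and 2. leave the server with the same observable trace. The packet sizes and the names `Server`, `run` and `helpful_reply` are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed sizes (assumptions, not values from the thread).
CLIENT_HELLO = 1200   # padded client Initial
SERVER_HELLO = 1200   # server Initial carrying the ServerHello
CERT_PACKET = 1200    # one Handshake packet of certificate data
LIMIT = 3             # the "3x limit"

@dataclass
class Server:
    received: int = 0
    sent: int = 0
    trace: list = field(default_factory=list)  # everything the server can observe

    def budget(self):
        return LIMIT * self.received - self.sent

    def recv_client_hello(self):
        self.received += CLIENT_HELLO
        self.trace.append(("recv", "ClientHello"))

    def send(self, name, size):
        if size > self.budget():
            return False  # blocked by the 3x limit
        self.sent += size
        self.trace.append(("send", name))
        return True

def run(case):
    """case is 'sh_lost' (1.) or 'long_rtt' (2.). Returns (server, client_has)."""
    srv, client_has = Server(), []
    srv.recv_client_hello()
    flight = [("ServerHello", SERVER_HELLO)] + [("Handshake", CERT_PACKET)] * 8
    for name, size in flight:
        if not srv.send(name, size):
            break
        # (1.) only the ServerHello is dropped; (2.) nothing has arrived yet.
        if case == "sh_lost" and name != "ServerHello":
            client_has.append(name)
    srv.recv_client_hello()  # the client's timer fired and it retransmitted
    return srv, client_has

def helpful_reply(client_has):
    """What would unblock the client; needs the client's view, which the server lacks."""
    undecryptable = "Handshake" in client_has and "ServerHello" not in client_has
    return "retransmit ServerHello" if undecryptable else "continue certificate"

if __name__ == "__main__":
    for case in ("sh_lost", "long_rtt"):
        srv, has = run(case)
        print(case, srv.trace, srv.budget(), helpful_reply(has))
```

Both runs give the server the same trace and the same 3600 bytes of new budget after the second Client Hello; only the client-side list, which the server never sees, tells the two cases apart.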