Re: [quicwg/base-drafts] Migration with zero-length CID is inadvisable (#3563)

David Schinazi <> Wed, 15 April 2020 03:16 UTC

@DavidSchinazi commented on this pull request.

> @@ -2246,6 +2246,14 @@ that packet numbers cannot be used to correlate activity.  This does not prevent
 other properties of packets, such as timing and size, from being used to
 correlate activity.
+An endpoint SHOULD NOT initiate migration with a peer that uses a zero-length
+connection ID, for two reasons. First, if the peer routes incoming packets using
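
Review bot: In the added sentence beginning "+An endpoint SHOULD NOT initiate migration", the normative requirement and the announcement "for two reasons" share one sentence, and the first reason then opens with how the peer routes incoming packets, although the paragraph sits directly under the text about correlating activity. Consider ending the SHOULD NOT sentence at "connection ID." and giving the rationale in the sentences that follow, with the correlation reason first, so a reader of this section sees why the rule belongs here. The rest of the added text is not visible in this excerpt, so the second reason cannot be checked.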

Here is a text proposal that addresses my concerns:

An endpoint SHOULD NOT initiate migration with a peer that uses a zero-length
connection ID, because traffic over the new path might be trivially linkable to
traffic over the old one. If the server is able to route packets with a
zero-length connection ID to the right connection, it means that the server is
using other information to demultiplex packets (for example, the server can
assign a unique destination address to the connection, by using the
preferred_address transport parameter; see {{preferred-address}}), and this
other information is not encrypted and can be used to link paths.

This provides the same normative guidance, but makes it clear to client implementors that the only motivation for this recommendation is linkability.

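
The linkability argument in the proposed text, as an added example that is not part of the original message or of the QUIC drafts: an on-path observer groups client addresses by the cleartext value the server demultiplexes on. The `Observed` type, the `linkable_paths` helper, the addresses and the connection IDs are all constructed for illustration, and the model assumes the server routes on the destination address when the connection ID is zero-length.

```python
from collections import defaultdict
from typing import NamedTuple


class Observed(NamedTuple):
    """Cleartext fields an on-path observer sees on a client-to-server packet."""
    client_addr: str  # source IP:port
    server_addr: str  # destination IP:port
    dcid: bytes       # Destination Connection ID, b"" when zero-length


def linkable_paths(packets):
    """Return groups of client addresses that share the server's demux key.

    Assumption of this example: a server that accepts a zero-length DCID
    demultiplexes on the destination address instead. Timing and size
    correlation are out of scope here. Only groups with more than one client
    address are returned, i.e. paths attributable to one connection.
    """
    groups = defaultdict(set)
    for p in packets:
        key = ("dcid", p.dcid) if p.dcid else ("addr", p.server_addr)
        groups[key].add(p.client_addr)
    return {k: v for k, v in groups.items() if len(v) > 1}


# Constructed sample traffic (documentation address ranges, made-up CIDs).
# Shared server address, non-empty CIDs; the first client migrates to a new
# address and switches to a fresh CID on the new path.
WITH_CIDS = [
    Observed("198.51.100.7:50000", "192.0.2.1:443", bytes.fromhex("a1a1a1a1")),
    Observed("203.0.113.9:61000", "192.0.2.1:443", bytes.fromhex("b2b2b2b2")),
    Observed("198.51.100.8:50001", "192.0.2.1:443", bytes.fromhex("c3c3c3c3")),
]
# Zero-length CIDs; the server gave each connection its own destination
# address (as with preferred_address), and the first client migrates.
ZERO_LEN = [
    Observed("198.51.100.7:50000", "192.0.2.10:443", b""),
    Observed("203.0.113.9:61000", "192.0.2.10:443", b""),
    Observed("198.51.100.8:50001", "192.0.2.11:443", b""),
]

if __name__ == "__main__":
    print("with CIDs:  ", linkable_paths(WITH_CIDS))
    print("zero-length:", linkable_paths(ZERO_LEN))
```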