Re: [quicwg/base-drafts] Add note that middleboxes might change datagram boundaries (#3337)

Mike Bishop <> Tue, 14 January 2020 15:21 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D36B6120232 for <>; Tue, 14 Jan 2020 07:21:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.596
X-Spam-Status: No, score=-6.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id S6p36pX8h3KB for <>; Tue, 14 Jan 2020 07:21:30 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4FB7412022D for <>; Tue, 14 Jan 2020 07:21:30 -0800 (PST)
Date: Tue, 14 Jan 2020 07:21:29 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1579015289; bh=WtQbLKpDzmxqTgTGaOPQXKvlv6bxIf5va33M4Mhc9vM=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=iN2NhDWcnZKoA/Lh90gpMv6r3+7ek7Hl6WOCoywtT1FzyB52cSyYLdWKS8BRIqf3H /07zwJjuDwIDkrk6z9zQ537hcOTCDSdUQkIZAP2ylyKhPgrx4uI+/AOb+paECAb7Hh onyzpwHzoLNRa7i3tULcBQXdUofoKlpt0wZvMLBA=
From: Mike Bishop <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/3337/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Add note that middleboxes might change datagram boundaries (#3337)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5e1ddc799b99d_54f13fd0ec4cd9641979e7"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 14 Jan 2020 15:21:36 -0000

MikeBishop approved this pull request.

+1 to Martin's suggestion that this go in the Security Considerations.

> @@ -3515,6 +3515,10 @@ A server MAY send a CONNECTION_CLOSE frame with error code PROTOCOL_VIOLATION in
 response to an Initial packet it receives from a client if the UDP datagram is
 smaller than 1200 bytes. It MUST NOT send any other frame type in response, or
 otherwise behave as if any part of the offending packet was processed as valid.
+Note that a middlebox might modify datagram boundaries when multiple QUIC
+packets have been coalesced into a single UDP datagram, causing the handshake to
+fail. This is considered a failure of the path to support datagrams of the size

I'm not sure this last sentence is entirely true, or necessary.  It looks to the client like its packets didn't get through, and there are many reasons that might happen (including path MTU); it looks to the server like the client is violating the protocol by sending undersized Initials.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: