[quicwg/base-drafts] Tokens are repeated in Initial packets (#4047)

Martin Thomson <notifications@github.com> Tue, 25 August 2020 06:39 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 1ED193A053E for <quic-issues@ietfa.amsl.com>; Mon, 24 Aug 2020 23:39:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.2
X-Spam-Status: No, score=-1.2 tagged_above=-999 required=5 tests=[DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id czzOXdKAE378 for <quic-issues@ietfa.amsl.com>; Mon, 24 Aug 2020 23:39:57 -0700 (PDT)
Received: from out-17.smtp.github.com (out-17.smtp.github.com []) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D38A03A048D for <quic-issues@ietf.org>; Mon, 24 Aug 2020 23:39:56 -0700 (PDT)
Received: from github-lowworker-9d2806a.ash1-iad.github.net (github-lowworker-9d2806a.ash1-iad.github.net []) by smtp.github.com (Postfix) with ESMTP id D13815C03D2 for <quic-issues@ietf.org>; Mon, 24 Aug 2020 23:39:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1598337595; bh=kwtqlyTokdl5XmDSE9nlt1LM68xQaaGxt8eXFJF/LNk=; h=Date:From:Reply-To:To:Cc:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=UJTvzYdbfCbXFPczVnsCF5Uz224HTec5nNDGMVdMpaVfjQ5zsJo+CWBXF3AD1gWoo ATINcGvU6OaoeRiChIwEgK9oraBDGGWs1h4dST1X7VdilEgwTEYfBrfHyrMYWhp0Yb Eyd9smuLMMghbAVwynTiGGm+SwwkRQ+jpMty9d+M=
Date: Mon, 24 Aug 2020 23:39:55 -0700
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK7QTDAVKWPNZDPVMX55KCJTXEVBNHHCRV473E@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/4047@github.com>
Subject: [quicwg/base-drafts] Tokens are repeated in Initial packets (#4047)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5f44b23bc166d_370519641241f2"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/ln5CovyJrpRdp4f1F2SV3joYDlU>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Aug 2020 06:39:58 -0000

This issue has a long and storied history.  We were originally of the view that only one packet needed to include a token (which you can see in the discussion of #1649).  However, the resolution of that issue in #1794 was very clear: every Initial packet needs to include a token.

That introduced a regression as it grouped the token with the connection ID, and we caught that in #1830.  However, the fix to that in #1929 reverted the token changes along with the connection ID changes.  Since then, this error has gone unnoticed.

Most people will have seen the stronger normative requirement [here](https://quicwg.org/base-drafts/draft-ietf-quic-transport.html#section-8.1.2-1):

> This token MUST be repeated by the client in all Initial packets it sends for that connection after it receives the Retry packet. 

To my knowledge, every implementation includes the token in every Initial packet, changing only when a Retry is received.  We should reconcile the text.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: