Re: [quicwg/base-drafts] Allow server to enforce port-Retry packet numbering (#3989)

Kazuho Oku <> Tue, 11 August 2020 01:08 UTC

Aside from it not being trivial to enforce, I am not sure how much I like the idea of enforcing correctness for Initial packets. And that is because injection of Initial packets is the way for middleboxes to disrupt the connection.

IIRC, we have allowed endpoints to ignore suspicious Initial packets, and I tend to think that we do not need to suggest that an endpoint can be (IMO needlessly) strict.
