From nobody Mon Aug 10 17:44:30 2020
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by ietfa.amsl.com (Postfix) with ESMTP id 7D6B73A0E65
 for <quic-issues@ietfa.amsl.com>; Mon, 10 Aug 2020 17:44:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level: 
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5
 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1,
 RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001]
 autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
 header.d=github.com
Received: from mail.ietf.org ([4.31.198.44])
 by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id SQYzMkdW9iyl for <quic-issues@ietfa.amsl.com>;
 Mon, 10 Aug 2020 17:44:27 -0700 (PDT)
Received: from out-25.smtp.github.com (out-25.smtp.github.com [192.30.252.208])
 (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ietfa.amsl.com (Postfix) with ESMTPS id 5C2BA3A0E62
 for <quic-issues@ietf.org>; Mon, 10 Aug 2020 17:44:27 -0700 (PDT)
Received: from github-lowworker-c5134a3.ac4-iad.github.net
 (github-lowworker-c5134a3.ac4-iad.github.net [10.52.23.55])
 by smtp.github.com (Postfix) with ESMTP id 64357840064
 for <quic-issues@ietf.org>; Mon, 10 Aug 2020 17:44:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com;
 s=pf2014; t=1597106666;
 bh=w+2FTuAe118O2IOpVn2y2s4tS2uzPSXbTJsoDH6H0Zw=;
 h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID:
 List-Archive:List-Post:List-Unsubscribe:From;
 b=uTpU8CgztZqfwOh7PovRIxePTtnjOv25TRx60IY4mMAqGs//hoJwhBqaPTxV6HE9p
 K1LXsOK7R/KAISefQHtV9VTw+hfF3pIxJZr7hxTQVuGxw99nbquNtg+7PKeA+ang7D
 K8XjpGzvY5QpHyzhBexgRXmu/iT2a5GlvI+YEbb4=
Date: Mon, 10 Aug 2020 17:44:26 -0700
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts
 <reply+AFTOJK3FTCSEQ43VTW7HQRN5HXFOVEVBNHHCPHGA74@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/3955/c671659801@github.com>
In-Reply-To: <quicwg/base-drafts/pull/3955@github.com>
References: <quicwg/base-drafts/pull/3955@github.com>
Subject: Re: [quicwg/base-drafts] Clarify HTTP/2 setting parameter reservation
 (#3955)
Mime-Version: 1.0
Content-Type: multipart/alternative;
 boundary="--==_mimepart_5f31e9ea5458a_21e816f823613c";
 charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/pHTGCR8eKNJjFSABL3PxmdTTmrM>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG
 <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>,
 <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>,
 <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2020 00:44:29 -0000


----==_mimepart_5f31e9ea5458a_21e816f823613c
Content-Type: text/plain;
 charset=UTF-8
Content-Transfer-Encoding: 7bit

I'm going to argue that frames also need to definitely come from a peer.  If SETTINGS definitely comes from an immediate peer, then transport-level intermediation is not valid.  That is, you forward (HTTP) frames blindly at your own risk.

That is, if you indicate in SETTINGS that you understand an extension and then blindly forward frames related to that extension, you are responsible for the effects.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/3955#issuecomment-671659801
----==_mimepart_5f31e9ea5458a_21e816f823613c
Content-Type: text/html;
 charset=UTF-8
Content-Transfer-Encoding: 7bit

<p></p>
<p>I'm going to argue that frames also need to definitely come from a peer.  If SETTINGS definitely comes from an immediate peer, then transport-level intermediation is not valid.  That is, you forward (HTTP) frames blindly at your own risk.</p>
<p>That is, if you indicate in SETTINGS that you understand an extension and then blindly forward frames related to that extension, you are responsible for the effects.</p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">&mdash;<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/quicwg/base-drafts/pull/3955#issuecomment-671659801">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AFTOJK4U7PCJAEYOC2QTUDTSACH6VANCNFSM4PF3NEMQ">unsubscribe</a>.<img src="https://github.com/notifications/beacon/AFTOJK32WJFVPINMG7MXB43SACH6VA5CNFSM4PF3NEM2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOFAELOGI.gif" height="1" width="1" alt="" /></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/quicwg/base-drafts/pull/3955#issuecomment-671659801",
"url": "https://github.com/quicwg/base-drafts/pull/3955#issuecomment-671659801",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>
----==_mimepart_5f31e9ea5458a_21e816f823613c--