Re: [quicwg/base-drafts] Add Advice and Rules for CONN_CLOSE in Initial and Handshake (#1786)

martinduke <> Fri, 28 September 2018 21:18 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DF846129AB8 for <>; Fri, 28 Sep 2018 14:18:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8
X-Spam-Status: No, score=-8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id EL0JHEkN5PmD for <>; Fri, 28 Sep 2018 14:18:30 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3810D127133 for <>; Fri, 28 Sep 2018 14:18:30 -0700 (PDT)
Date: Fri, 28 Sep 2018 14:18:29 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1538169509; bh=mOC6OYBCBIBMnALxT6xOhdEwXTZkoCMkkFVZoaJ17hg=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=holub3lydT2SzxAnZJT7rrJToUAtr7mh9nPUb1ISjGRascK2Gju9jCkCMiILkDJhC 7VgbrY0M+D8mmb02sI2wBhMGsfvXBiF0gixenVc/bOhRpxZhgekwCzYd7AjezgjrlW vFnwXX4cuztQpw8idd6Z/ALlC00dSBBylbgtVsgk=
From: martinduke <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/1786/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Add Advice and Rules for CONN_CLOSE in Initial and Handshake (#1786)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bae9aa57f881_5e7c3fdfd6cd45c4110539"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinduke
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 28 Sep 2018 21:18:32 -0000

@ianswett Personally, I'm reluctant to cross the implicit ACK bridge. Messing with the ack and retransmission logic, at this point, could result in unforeseen consequences in the handshake. I would much rather restrict the weirdness to error cases in the just after the Initial phase, which is unlikely to be exercised often.

@kazuho I want to clarify an important distinction here. There is nothing we can do about injection attacks in the first 1.5 RTTs, and that is not the objection here. There is a further vulnerability, after handshake keys are employed, until we dispose of the keys. I am trying to close that hole without driving people to run their timers too short.

You may be right that people will do it anyway. But I'd like to spec to be consistent with best practice.

Do people think this is discussion is far enough along that they'd like to see a PR?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: