Re: [quicwg/base-drafts] Authenticate connection IDs (#3499)

[David Schinazi <notifications@github.com>]

@DavidSchinazi commented on this pull request.

@ekr's review prompted me to look at this closer, and I think we should resolve these discrepancies before merging.

> @@ -4609,10 +4662,9 @@ The following transport parameters are defined:
 original_connection_id (0x00):
 
 : The value of the Destination Connection ID field from the first Initial packet
-  sent by the client.  This transport parameter is only sent by a server.  This
-  is the same value sent in the "Original Destination Connection ID" field of a
-  Retry packet (see {{packet-retry}}).  A server MUST include the
-  original_connection_id transport parameter if it sent a Retry packet.
+  sent by the client; see {{cid-auth}}.  This transport parameter is only sent
+  by a server.  The value of this parameter depends on whether the server

I don't understand the sentence "The value of this parameter depends on whether the server sent a Retry packet". From reading the rest of this PR it sounds like this TP has the same value no matter what happened with RETRY. Am I missing something?

> @@ -4786,17 +4838,28 @@ active_connection_id_limit (0x0e):
   When a zero-length connection ID is being used, the active_connection_id_limit
   parameter MUST NOT be sent.
 
+initial_connection_id (0x0f):
+
+: The value that the endpoint included in the Source Connection ID field of the
+  first Initial packet it sends during the handshake; see {{cid-auth}}.

nit: I would s/packet it sends during the handshake/packet it sent on this connection/

> @@ -1475,6 +1475,49 @@ lifetime of a connection, especially in response to connection migration
 ({{migration}}); see {{issue-cid}} for details.
 
 
+## Authenticating Connection IDs {#cid-auth}
+
+The choice each endpoint makes about connection IDs during the handshake is
+authenticated by including all values in transport parameters; see
+{{transport-parameters}}. This ensures that all connection IDs used for the
+handshake are also authenticated by the cryptographic handshake.
+
+Each endpoint includes the value of the Source Connection ID field from the most

Should this be the "first packet it sent" as opposed to "most recent" for consistency?

> @@ -1475,6 +1475,49 @@ lifetime of a connection, especially in response to connection migration
 ({{migration}}); see {{issue-cid}} for details.
 
 
+## Authenticating Connection IDs {#cid-auth}
+
+The choice each endpoint makes about connection IDs during the handshake is
+authenticated by including all values in transport parameters; see
+{{transport-parameters}}. This ensures that all connection IDs used for the
+handshake are also authenticated by the cryptographic handshake.
+
+Each endpoint includes the value of the Source Connection ID field from the most
+recent Initial packet it sent in the initial_connection_id transport
+parameter; see {{transport-parameter-definitions}}. A server includes the
+Destination Connection ID field it receives in original Initial packets from the

I would rephrase this to "A server includes the Destination Connection ID field from the first Initial packet it received from the client in the original_connection_id transport parameter; note that if the server sent a Retry packet this refers to the first Initial packet received before sending the Retry packet."

> @@ -1475,6 +1475,49 @@ lifetime of a connection, especially in response to connection migration
 ({{migration}}); see {{issue-cid}} for details.
 
 
+## Authenticating Connection IDs {#cid-auth}
+
+The choice each endpoint makes about connection IDs during the handshake is
+authenticated by including all values in transport parameters; see
+{{transport-parameters}}. This ensures that all connection IDs used for the
+handshake are also authenticated by the cryptographic handshake.
+
+Each endpoint includes the value of the Source Connection ID field from the most
+recent Initial packet it sent in the initial_connection_id transport
+parameter; see {{transport-parameter-definitions}}. A server includes the
+Destination Connection ID field it receives in original Initial packets from the
+client - Initial packets received by the server prior to sending a Retry packet
+- in the original_connection_id transport parameter. After sending a Retry

I would s/After sending a/If it sent a/

> +The choice each endpoint makes about connection IDs during the handshake is
+authenticated by including all values in transport parameters; see
+{{transport-parameters}}. This ensures that all connection IDs used for the
+handshake are also authenticated by the cryptographic handshake.
+
+Each endpoint includes the value of the Source Connection ID field from the most
+recent Initial packet it sent in the initial_connection_id transport
+parameter; see {{transport-parameter-definitions}}. A server includes the
+Destination Connection ID field it receives in original Initial packets from the
+client - Initial packets received by the server prior to sending a Retry packet
+- in the original_connection_id transport parameter. After sending a Retry
+packet, a server also includes the Source Connection ID field from the Retry
+packet in the retry_connection_id transport parameter.
+
+The values provided by a peer for these transport parameters MUST match the
+values that an endpoint used in the Destination Connection ID field of Initial

This sentence appears to apply to all 3 transport parameters, but it mentions Destination CID. I would s/Destination/Source and Destination/

> @@ -4395,13 +4439,22 @@ A client MUST NOT reset the packet number for any packet number space after
 processing a Retry packet; {{packet-0rtt}} contains more information on this.
 
 A server acknowledges the use of a Retry packet for a connection using the
-original_connection_id transport parameter (see
-{{transport-parameter-definitions}}).  If the server sends a Retry packet, it
-MUST include the Destination Connection ID field from the client's first
-Initial packet in the transport parameter.
+retry_connection_id transport parameter; see
+{{transport-parameter-definitions}}.  If it sends a Retry packet, the server
+also subsequently includes the value of the Source Connection ID field from
+the Retry packet in its retry_connection_id transport parameter.
+
+A server always includes an original_connection_id transport parameter. If it

I think we can remove this entire paragraph as it appears to be redundant with other parts of this PR, and it seems to have discrepancies.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/3499#pullrequestreview-408576300