Re: [quicwg/base-drafts] Pad rather than shift the header protection offset (#2030)

janaiyengar <notifications@github.com> Thu, 22 November 2018 00:23 UTC

janaiyengar commented on this pull request.



> @@ -905,27 +905,31 @@ of the ciphertext from the packet Payload field.
 The same number of bytes are always sampled, but an allowance needs to be made
 for the endpoint removing protection, which will not know the length of the
 Packet Number field.  In sampling the packet ciphertext, the Packet Number field
-is assumed to be 4 bytes long (its maximum possible encoded length), unless
-there is insufficient space in the packet for a complete sample.  The starting
-offset for the sample is set to 4 bytes after the start of the Packet Number
-field, then is reduced until there are enough bytes to sample.
+is assumed to be 4 bytes long (its maximum possible encoded length).
+
+An endpoint MUST discard packets that are not long enough to contain a complete
+sample.
+
+To ensure that sufficient data is available for sampling, packets are padded so
+that the combined lengths of the encoded packet number and protected payload is
+at least 4 bytes longer than the sample required for header protection.  For the
+AEAD functions defined in {{?TLS13}}, which have 16 byte expansion and 16 byte
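
Review bot: The added paragraph beginning "To ensure that sufficient data is available for sampling, packets are padded" states the sender's side descriptively, while the receiver's side just above it is a MUST. Consider naming the sender and using a normative keyword so the two requirements match, since a receiver that discards short packets depends on the sender always padding. Separately, "the combined lengths ... is" does not agree in number; "the combined length ... is" reads correctly.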

```suggestion
AEAD functions defined in {{?TLS13}}, which have 16-byte expansions and 16-byte
```

> -is assumed to be 4 bytes long (its maximum possible encoded length), unless
-there is insufficient space in the packet for a complete sample.  The starting
-offset for the sample is set to 4 bytes after the start of the Packet Number
-field, then is reduced until there are enough bytes to sample.
+is assumed to be 4 bytes long (its maximum possible encoded length).
+
+An endpoint MUST discard packets that are not long enough to contain a complete
+sample.
+
+To ensure that sufficient data is available for sampling, packets are padded so
+that the combined lengths of the encoded packet number and protected payload is
+at least 4 bytes longer than the sample required for header protection.  For the
+AEAD functions defined in {{?TLS13}}, which have 16 byte expansion and 16 byte
+header protection samples, this results in needing at least 3 bytes of frames in
+the unprotected payload if the packet number is encoded on a single byte, or 2
+bytes of frames for a 2 byte packet number encoding.
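
Review bot: The worked numbers at the end of the added paragraph ("at least 3 bytes of frames ... or 2 bytes of frames for a 2 byte packet number encoding") are given without the relation they come from. With a 16-byte sample and 16-byte expansion, the stated rule reduces to packet number length plus frame bytes being at least 4; saying so would let a reader check the remaining packet number lengths and redo the numbers for an AEAD with a different expansion. The paragraph also moves from "protected payload" in the rule to "unprotected payload" in the example, so a consistent term or a short definition would help.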

Compound adjective.
```suggestion
bytes of frames for a 2-byte packet number encoding.
```

>  
 An endpoint SHOULD NOT send a stateless reset that is significantly larger than
 the packet it receives.  Endpoints MUST discard packets that are too small to be
 valid QUIC packets.  With the set of AEAD functions defined in {{QUIC-TLS}},
-packets less than 19 bytes long are never valid.
+packets less than 21 bytes long are never valid.
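
Review bot: The changed line replaces 19 with 21, but the sentence still gives the minimum as a bare number tied to "the set of AEAD functions defined in {{QUIC-TLS}}". Consider showing which fields add up to 21, or pointing to the header protection sampling text, so the constant can be re-derived if the sample size or AEAD expansion changes and implementers apply the discard check against the same value.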

```suggestion
packets that are smaller than 21 bytes are never valid.
```

https://github.com/quicwg/base-drafts/pull/2030#pullrequestreview-177469014