Re: [quicwg/base-drafts] Why does stateless reset have to be checked after MAC failure (#2152)

Christian Huitema <> Sun, 13 October 2019 03:26 UTC

Can someone explain to a dumb guy like me why this is important? We have three paths:

1) Good packet: decrypt, validate, and then process the data in the packet.

2) Stateless reset: attempt to decrypt, fail, find a match for a registered reject token, kill connection.

3) Garbage: attempt to decrypt, fail, do not find a match, do nothing.

I contend that (1) and (2) are observable no matter what. If the connection goes on as in (1), further packets can be observed. If the connection stops, absence of further packets can be observed. The behavior after (3) depends on the state -- if the connection is up, further data will come out as in (1). If the connection is down, nothing will happen.

What exactly is the concern?

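The three receive paths listed in the message above, sketched as an added example that is not part of the original e-mail or of any QUIC implementation. A truncated HMAC tag stands in for the packet AEAD, and the function names, key, and token values are constructed for illustration; the token check reads the last 16 bytes of the datagram and only runs after packet authentication fails.

```python
import hashlib
import hmac

TAG_LEN = 16     # stand-in for the AEAD tag length
TOKEN_LEN = 16   # a stateless reset token is the last 16 bytes of the datagram


def seal(key: bytes, payload: bytes) -> bytes:
    """Stand-in for AEAD protection: payload plus a truncated HMAC tag (no encryption)."""
    return payload + hmac.new(key, payload, hashlib.sha256).digest()[:TAG_LEN]


def open_packet(key: bytes, datagram: bytes):
    """Return the payload if the tag verifies, else None."""
    if len(datagram) < TAG_LEN:
        return None
    payload, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()[:TAG_LEN]
    return payload if hmac.compare_digest(tag, expected) else None


def matches_reset_token(datagram: bytes, tokens) -> bool:
    """Compare the trailing bytes with every registered token, without early exit."""
    if len(datagram) < TOKEN_LEN:
        return False
    tail = datagram[-TOKEN_LEN:]
    hit = False
    for token in tokens:
        hit |= hmac.compare_digest(tail, token)
    return hit


def receive(key: bytes, tokens, datagram: bytes):
    """Classify a datagram along the three paths in the message."""
    payload = open_packet(key, datagram)
    if payload is not None:
        return ("process", payload)          # path 1: good packet
    if matches_reset_token(datagram, tokens):
        return ("close", None)               # path 2: stateless reset
    return ("drop", None)                    # path 3: garbage


# Constructed sample inputs.
KEY = b"k" * 32
TOKENS = [bytes(range(16)), b"\xaa" * 16]
GOOD = seal(KEY, b"stream data")
RESET = b"\x40" + b"\x5c" * 24 + TOKENS[1]   # filler bytes, then a registered token
GARBAGE = b"\x40" + b"\x00" * 40
```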