Re: [quicwg/base-drafts] First byte changes (#2006)

Kazuho Oku <notifications@github.com> Mon, 19 November 2018 22:27 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A76C11252B7 for <quic-issues@ietfa.amsl.com>; Mon, 19 Nov 2018 14:27:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.47
X-Spam-Level:
X-Spam-Status: No, score=-8.47 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LZ8W0ronM4-E for <quic-issues@ietfa.amsl.com>; Mon, 19 Nov 2018 14:27:51 -0800 (PST)
Received: from out-4.smtp.github.com (out-4.smtp.github.com [192.30.252.195]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2C761124408 for <quic-issues@ietf.org>; Mon, 19 Nov 2018 14:27:51 -0800 (PST)
Date: Mon, 19 Nov 2018 14:27:49 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1542666469; bh=5tepV7+UIbLQYsOd6YpX2n7/ksiTrkkQbgcT0WZ4yKs=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=nfWCKaw94fSQ0LSEjZhYE62JV0h4txO1XXss8YBb2j9XHgSOlBJg3q/0zixFwbWXx 4WVQCBCGMlCJy1toPylM4CPD9/TUvpeQIBuV6e3TZ5RluS89cfPm0QzLnIcM9ZA+Zo 2Xe3E2gLvbF0YPeoX4Xgg868DVCyXm+PVDtH2POM=
From: Kazuho Oku <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab5fa0d3d1b62c881fc31c6dd6b6079e1992f09d4e92cf00000001180afae592a169ce16b57ba1@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2006/review/176527345@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2006@github.com>
References: <quicwg/base-drafts/pull/2006@github.com>
Subject: Re: [quicwg/base-drafts] First byte changes (#2006)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bf338e5bab14_5e1f3f7ef46d45b81033b9"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/yy8lN04se56PZTxC2fDoRnYy9ps>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Nov 2018 22:27:53 -0000

kazuho commented on this pull request.



>  
-: The fourth bit (0x10) of byte 0 is set to 1.
+: The next two bits (those with a mask of 0x18) of byte 0 are reserved.  These
+  bits are protected using header protection (see Section 5.4 of
+  {{QUIC-TLS}}).  The value included prior to protection MUST be set to 0.  An

@igorlord I think @marten-seemann is correct here.

If we say that the bits on the wire is hard-coded to zero, the bits face ossification.
If we say that the bits can be anything, it could be used by an endpoint for any purpose without peer's consent (which is a privacy risk as Marten points out).

By saying that the bits will be set to zero (before encryption) and then encrypted, we prevent ossification and also require peer's consent when an endpoint want to use the bit for other purposes.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2006#discussion_r234806010