Re: [quicwg/base-drafts] Can Initial/0-RTT CIDs safely be used for routing? (#2026)

Martin Thomson <> Wed, 21 November 2018 04:13 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E753A130EAA for <>; Tue, 20 Nov 2018 20:13:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8.47
X-Spam-Status: No, score=-8.47 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 24tYu3pUReGu for <>; Tue, 20 Nov 2018 20:13:24 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 52AAA130DE4 for <>; Tue, 20 Nov 2018 20:13:24 -0800 (PST)
Date: Tue, 20 Nov 2018 20:13:23 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1542773603; bh=knu3fnxf2nkHcXZzbGDv7823QiDsqLdxm2cn1p/Nang=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=SoSlPsZtZUqMxD6gBWa2F3RBdglFyAADyiyqNLfzQFXakA+mGhlXlQjkGWLAWXitm aYNgLyJVjVobohBHocPASTNbf2vYeDl6HzSQKWtUk26NE91rKqsF/Bjl/+eK+x/OCk 56lj5Q1UoAmqFGdnwaIV9WTwZx9NpkRY0ZGSzVDA=
From: Martin Thomson <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/2026/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Can Initial/0-RTT CIDs safely be used for routing? (#2026)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bf4db634cbac_40b13f88c16d45b4798f"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 21 Nov 2018 04:13:26 -0000

My answer is that both are true and that they can co-exist.  While the server can't rely on the randomized connection ID being good, it might choose to allow routing based on that value under normal circumstances.

The recommendation that a client not tamper with fields that might alter routing is a sensible one.  As is the recommendation that a server not attach too much significance to values chosen by clients.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: