IETF Logo Mail Archive

RE: [HTTP/3]Sending reserved frame before SETTINGS

Mike Bishop <mbishop@evequefou.be> Tue, 04 February 2020 09:44 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3207F12012A for <quic@ietfa.amsl.com>; Tue, 4 Feb 2020 01:44:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0YyN8SKkM73G for <quic@ietfa.amsl.com>; Tue, 4 Feb 2020 01:44:51 -0800 (PST)
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2094.outbound.protection.outlook.com [40.107.92.94]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 952C8120099 for <quic@ietf.org>; Tue, 4 Feb 2020 01:44:47 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=k0QKKQ/DkUwtbNWy8fxjb5VbZPz+n5e8TMZSjR2Elwzx1gvd7IjV+LWDgHSs3qdFgEqY6YY/Z+jL/b4V2Ob30g7dLuzpZIcBhKc6Wi+yRMd1YXzZ6yFnOGO6hb8nZlMqPYmVFu74QnDi5/l5Foc1J7FDlAj1/Wgj0w3pffXbLZjt5mcAD/mX6SZN8ixVVOQ1cijRT20Gc6XDPimL9BmvNRPxfiV9SH/rejMKPAQ6zOumtURVHz5EopRtibq/yoLL8AWJOiWkVCzwje1gVFGl7jsoTryzCJOgwu1fbnuwrdihHzx7VScvW+PUOr6ubzMNYwnQehcXSLBOR7Qyowt34g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YoRF28FXZfhL3Iah4DGN0tzBhGSeQWVvgGrowbXPP2c=; b=QKYWJriSjEXGlfMsKgdfY5CPnG9+aprdPUL4aAQtBWHs2/XsYs8ofLKEJ1niIMfgdxtd/8g3VSTRyW4BklfLqpn4UkpvGb1/6NlIrwxM9XSxzYZoZFO7ONc8Qp+hUPInRyOrL4L0hrM1wR05gaXts6YypvuLbzlgVQgdhKtMKHDFShUeG6SinNSgdkYKAyiZ8AXl4Vh2742Kb2I0B5eqL8s94xyro6xCf6148zkSNP9/rk/exBuQgUfT8Qw1xO3IdcQalOygV+zmmuc2KFr6yE71Ee+OyF9a2R6NY2V4El0dosjcPpkYdHBcEfG0RURLP+JP08lcftiugc47UKiJ8g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=evequefou.be; dmarc=pass action=none header.from=evequefou.be; dkim=pass header.d=evequefou.be; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector2-evequefou-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YoRF28FXZfhL3Iah4DGN0tzBhGSeQWVvgGrowbXPP2c=; b=rrk/5sC9Z7JnVFkGIxWXE8CG0Q+JyC2CBURCS1IGMEpSy6uZEqQfRNbTCtDzk2ihyl0bP+WjcVsU9dOsNSDbLMwFQNw9MeGvbvcblJ5EGTSAz1sRI/cFyuD8MrXMPdEXOeEMVgGt9x3hH5ykCvzS2/h4gYjxZTve/qYmcZZQ0sU=
Received: from CH2PR22MB2086.namprd22.prod.outlook.com (20.180.11.136) by CH2PR22MB1880.namprd22.prod.outlook.com (10.141.57.210) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.29; Tue, 4 Feb 2020 09:44:44 +0000
Received: from CH2PR22MB2086.namprd22.prod.outlook.com ([fe80::fc4c:de9:3fcd:96dd]) by CH2PR22MB2086.namprd22.prod.outlook.com ([fe80::fc4c:de9:3fcd:96dd%7]) with mapi id 15.20.2686.031; Tue, 4 Feb 2020 09:44:44 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Lucas Pardue <lucaspardue.24.7@gmail.com>, Ian Swett <ianswett=40google.com@dmarc.ietf.org>
CC: IETF QUIC WG <quic@ietf.org>, Ryan Hamilton <ryan@optimism.cc>, Renjie Tang <renjietang=40google.com@dmarc.ietf.org>
Subject: RE: [HTTP/3]Sending reserved frame before SETTINGS
Thread-Topic: [HTTP/3]Sending reserved frame before SETTINGS
Thread-Index: AQHV2M65W8Z0mPI6iUGx1UM4nN84tagGg+gAgABuAgCAANXrgIADBSFQ
Date: Tue, 04 Feb 2020 09:44:44 +0000
Message-ID: <CH2PR22MB2086773FDD645B90E5C98B43DA030@CH2PR22MB2086.namprd22.prod.outlook.com>
References: <CAPOFeyhp5YE+Y2nSUfEwGUHamp19vL_XT1kJZ-krOm00i915Eg@mail.gmail.com> <CAKDhxQocLR9sotSRWFtM7Kup4zXk2dTP-bxehoYjxuJHFtXuRA@mail.gmail.com> <CAKcm_gNnsp1uWn5W7o5g_0ODfiqDk-1nAL7vPXUNHTf3wwN2DA@mail.gmail.com> <CALGR9oZjS0j8OcVaL7vSFKrJnC=iZyF=uhhY80S5GrhWpwzNiQ@mail.gmail.com>
In-Reply-To: <CALGR9oZjS0j8OcVaL7vSFKrJnC=iZyF=uhhY80S5GrhWpwzNiQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [2a00:79e1:abc:301:f1e8:a9fb:e811:10f3]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8ce5b8b2-f302-4eea-08d7-08d7a956ddb3
x-ms-traffictypediagnostic: CH2PR22MB1880:
x-microsoft-antispam-prvs: <CH2PR22MB18805A7DEDB872E87FE9A6AFDA030@CH2PR22MB1880.namprd22.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-forefront-prvs: 03030B9493
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(366004)(376002)(39830400003)(346002)(396003)(136003)(199004)(189003)(5660300002)(186003)(316002)(33656002)(52536014)(8936002)(110136005)(9686003)(4326008)(66476007)(54906003)(55016002)(2906002)(66556008)(66446008)(64756008)(508600001)(76116006)(7696005)(71200400001)(81156014)(81166006)(66946007)(8676002)(6506007)(86362001)(53546011); DIR:OUT; SFP:1102; SCL:1; SRVR:CH2PR22MB1880; H:CH2PR22MB2086.namprd22.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: t5bjfN+MOauvOCLZpmsJwhW16K3KBzHB81tj70tt3gm3pEk/DD86svXoCizWY0HIu3f1wMO8bGq91jZCNwdBmMy/T/2+QDvoiMiYIrvCqgiTidmUtLJL28VLLoHEJZUpb6Akt3ldFq9Q/Ox6CFiLiWeuTufYewEjqdOovqK/BQ54g09Wta6ASC1eSmfAA87xaNBKUfUR6SXk9pXemCtDOuNTX3RQ4GSaKhUxuu7dgSkhTo+z9ZqAMduYbgr3ON21Igqsh3YRU8ONVgIGub16QKMHMdErNZCsDNWNNofWTc3Ex0HTqfwwgeh1bBrextr/CMQzlyluvLp2qIsCrHtEelZHoNH9XxGdfSemMX0e+1ZHN7y6sT0pwnSWt/uVUWk3KW5qyhU7yEe/DciHmqT9telhpyP+YcO1AvgBv9HCzNiOwWbY6Uj5KyublWJP1tuJBb2rIYVrBrk+LgGytkzNAOZFlMLPghIggef0Vf7qhqY/Ayel4XGZPjXsY2im79kMnXK7T9PK8qg7cuM7i9GM3A==
x-ms-exchange-antispam-messagedata: 8J5oC2M0r4eO+6g2sKa2gnyMQUdhxgq++cqmv0baxkO92b4K50fu4ICifbQYuKytYWcEvJKp/2csLenNOPHKo+tpZMQaN0WCYWdZ/BtbmfC6ci7w5b5E/2f4AMYyB6HGDlfoimeXiHPbJ12mPzJaZMGWRbia3g0I7E8yRzXZ/rq+f9pviLLceBFI4zBPQOP77e+8gFGjOhdneOADb0L+hQ==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_CH2PR22MB2086773FDD645B90E5C98B43DA030CH2PR22MB2086namp_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: 8ce5b8b2-f302-4eea-08d7-08d7a956ddb3
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Feb 2020 09:44:44.6271 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 9alAPYcYC8vq7j2/GQBo1HL1F1vbggEP80PVoRgDaO18+d32W9T4P+Xij6uXX0EByMXRIE5pxe9r7hWE8MZ+fA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR22MB1880
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/-bi9cwXDnj1jaynsOJuDvzxjFOU>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Feb 2020 09:44:54 -0000

Yes, this text was added to record our decision when this question came up before.  An unknown frame is not SETTINGS.  If you define something new (EXTENDED_SETTINGS_REBORN), you can very well mandate that it be the next frame after SETTINGS, but it is not a SETTINGS frame and doesn’t satisfy the expectation to see a SETTINGS frame there.

From: QUIC <quic-bounces@ietf.org> On Behalf Of Lucas Pardue
Sent: Sunday, February 2, 2020 12:34 PM
To: Ian Swett <ianswett=40google.com@dmarc.ietf.org>
Cc: IETF QUIC WG <quic@ietf.org>; Ryan Hamilton <ryan@optimism.cc>; Renjie Tang <renjietang=40google.com@dmarc.ietf.org>
Subject: Re: [HTTP/3]Sending reserved frame before SETTINGS

I think the design of this is ok as is.

On Sat, 1 Feb 2020, 22:49 Ian Swett, <ianswett=40google.com@dmarc.ietf.org<mailto:40google.com@dmarc.ietf..org>> wrote:
Thanks for bringing this up Renjie.  I agree the subsequent text seems to clarify the answer.

However, is that the behavior we want, given it does limit extensibility in some small ways?

On Sat, Feb 1, 2020 at 11:25 AM Ryan Hamilton <ryan@optimism.cc<mailto:ryan@optimism.cc>> wrote:
Wow, interesting question!

6.2.1 requires the SETTINGS frame to be first on the control frame:


   If the first frame of the control stream is any other frame

   type, this MUST be treated as a connection error of type

   H3_MISSING_SETTINGS.

Whereas 7.2.9 says reserved frames have no semantic meaning:


   Frame types of the format "0x1f * N + 0x21" for integer values of N

   are reserved to exercise the requirement that unknown types be

   ignored (Section 9<https://tools.ietf.org/html/draft-ietf-quic-http-25#section-9>).  These frames have no semantics, and can be sent

   on any open stream when application-layer padding is desired.


This sounds like a conflict since something that has no semantics seems like it should not cause errors! However, looking Section 9 I think we find the resolution:

   Implementations MUST ignore unknown or unsupported values in all

   extensible protocol elements.  Implementations MUST discard frames

   and unidirectional streams that have unknown or unsupported types.

   This means that any of these extension points can be safely used by

   extensions without prior arrangement or negotiation.  However, where

   a known frame type is required to be in a specific location, such as

   the SETTINGS frame as the first frame of the control stream (see

   Section 6.2.1<https://tools.ietf.org/html/draft-ietf-quic-http-25#section-6....2.1>), an unknown frame type does not satisfy that

   requirement and SHOULD be treated as an error.



So it seems that it's illegal to send a GREASED frame before the SETTINGS frame. Does that sound right to you?



Cheers,



Ryan

On Fri, Jan 31, 2020 at 11:10 PM Renjie Tang <renjietang=40google.com@dmarc.ietf.org<mailto:40google.com@dmarc.ietf.org>> wrote:
Hi all,

When I was implementing greasing for HTTP/3 frames, I came across a potential confusion.

Presumably, if a non-reserved unknown frame is received before SETTINGS on a control stream, the connection should be closed.

But if a reserved frame is received before SETTINGS frame on a control stream, does it count as an error and close the connection? Or should it simply be ignored because it has no semantic meaning?

Thanks!
Renjie

v2.23.0 | Report a Bug | By Email