IETF Logo Mail Archive

Re: Alternative ways to keeps ODCID on the server

Kazuho Oku <kazuhooku@gmail.com> Mon, 27 January 2020 22:40 UTC

Return-Path: <kazuhooku@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 81F393A0F6E for <quic@ietfa.amsl.com>; Mon, 27 Jan 2020 14:40:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5kyxGZDAYsQW for <quic@ietfa.amsl.com>; Mon, 27 Jan 2020 14:40:00 -0800 (PST)
Received: from mail-vs1-xe35.google.com (mail-vs1-xe35.google.com [IPv6:2607:f8b0:4864:20::e35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B9FCE3A0B42 for <quic@ietf.org>; Mon, 27 Jan 2020 14:40:00 -0800 (PST)
Received: by mail-vs1-xe35.google.com with SMTP id b79so6821881vsd.9 for <quic@ietf.org>; Mon, 27 Jan 2020 14:40:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=95Ex9KZp1QlxmrdWjw5rIUq1fxV05bq+nwKU4JCbsrM=; b=AN6QS5Q2kl719tVskwrrKPgdQkszOw6D2E7cVNqGvJWJD2Teavfk/zwLqVCPs2pSE8 tP0zs6Q+RgIV2Zh77S9bbF3+dhGkkW9RWPNHmY9BO9/hQfz7gEYEATjKXCcPw8P6l189 9U4iJP9I3A+q7N5qsU4OYvwml/n6CB4diYGzZFTv+nx5tm6DkZ1vSrQA+e5FOQB6JHqY GI+rLKM6p9rM159lOpNcY63c8ZBLT6+NVMRFiAw7FC3wphGmnW265jUxL130mNw+dxFC Jbhj2kO9vcQA2PnTLiAblxGdGrkVziUjsTR5wXSTEeJ4wWGxWz7ifqKxBDlbFOmxuGnU DG/g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=95Ex9KZp1QlxmrdWjw5rIUq1fxV05bq+nwKU4JCbsrM=; b=bxXc5VtjeLw33afiUbsky45ap10kjmeAC2t4rYyqX9q2CRj98MWiFHdrWa35+nPvkc SEp0NetaY2E9IaHEszrax5/kUlw5vUrsDu7zkiK8Q2pE8CqlTvaWb7ZH6ZtRsGFUsQXL Na1kge6WG1GBPwz1ixKP/EoFh2MSpox8j5zlM3j8NiqXRG4Q/yL/zpoTd7ojuBcRC8u+ 5BVsgwEfTDBeZ/0yoEI5fGEgMP63k1eaKAWdT4xMtJrfnSS7Ihbe3PYnETyx4o/FuqgS sLUryXUoYoZXhPinf78W1j/7lVU7+THRzJSN3jrNy9kNw1XnqBGY9m+K0ymgOmC4OQr9 JEyA==
X-Gm-Message-State: APjAAAWImymnKvcRKcpENTaZ9hEBee7YLbdEZtSEw3ht2Muzc9INCxOb /PsB8WzXZnZ2LiPL3/Icb0jlEU4H9zuDMib8iTo=
X-Google-Smtp-Source: APXvYqyKAT6mzBCuZtz0xjHSwX4BgM/9jRfLarmvQlv0kkaBEs9DK1iRPMYenDguB2eKbtiOs0UcJF0wmm/TFTkjRvk=
X-Received: by 2002:a67:f512:: with SMTP id u18mr12057911vsn.214.1580164799592; Mon, 27 Jan 2020 14:39:59 -0800 (PST)
MIME-Version: 1.0
References: <20200124222434.GA8279@ubuntu-dmitri> <7b228c14-c0d3-6458-77ab-945e713ef429@huitema.net> <CAOYVs2qhPBtbjrVEXE+oMXWUWRBqhzDfZsiOatRW5Zd67e1sWg@mail.gmail.com> <ee0f625b-b260-9e3d-12b6-80291fc110eb@huitema.net> <CAKcm_gNKu5b__cjy5212pWN=PKwdZKX23rXHs423-u8hZMjr+w@mail.gmail.com> <20200125135411.GA19655@ubuntu-dmitri>
In-Reply-To: <20200125135411.GA19655@ubuntu-dmitri>
From: Kazuho Oku <kazuhooku@gmail.com>
Date: Tue, 28 Jan 2020 07:39:48 +0900
Message-ID: <CANatvzyTHXog=46wwpmVshkYcY0YFGdvWXj0dGjKVUj0dXa7pA@mail.gmail.com>
Subject: Re: Alternative ways to keeps ODCID on the server
To: Ian Swett <ianswett=40google.com@dmarc.ietf.org>, Christian Huitema <huitema@huitema.net>, Marten Seemann <martenseemann@gmail.com>, IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000090fc33059d26c922"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/xQ-8af1uM7E9b8aHFw6nP9SsseI>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jan 2020 22:40:03 -0000

I am not sure if I agree with dropping the sentence.

IIRC, this sentence (i.e. "server MAY proceed with the connection without
verifying the token, though the server MUST NOT consider the client address
validated.") suggests that a server might proceed the handshake as if it
did not receive the token when that token cannot be used.

I think that is not an unreasonable thing to do along with the other two
stated option (i.e. discard packet, send CONNECTION_CLOSE without creating
state).

Maybe changing "verifying the token" to "as if there was no token being
attached" would clarify things?

2020年1月27日(月) 22:15 Dmitri Tikhonov <dtikhonov@litespeedtech.com>:

> After considering this for a few days, I now think that the "server
> MAY proceed" part should be removed from the draft.  This is because
> it is impossible to get ODCID from an invalid Retry token.  There is
> no other way reliably to associate an incoming packet with a previous
> packet (if the server were willing to stored ODCIDs in memory
> somewhere).
>
> Specifying that the server MAY proceed only makes the issue more
> confusing.
>
>   - Dmitri.
>
> On Sat, Jan 25, 2020 at 04:36:51PM -0500, Ian Swett wrote:
> > This is a bit of an edge case, so spelling out what's required to proceed
> > seems reasonable to me.
> >
> > On Sat, Jan 25, 2020 at 12:11 AM Christian Huitema <huitema@huitema.net>
> > wrote:
> >
> > >
> > > On 1/24/2020 8:41 PM, Marten Seemann wrote:
> > >
> > > Then it's not a *Retry* token, then it's a NEW_TOKEN token.
> > > It's a kind of subtle distinction (as I noted in
> > > https://github.com/quicwg/base-drafts/pull/3107#discussion_r349859380
> ).
> > >
> > >
> > > I understand that they are different. But look at the text in draft-25:
> > >
> > >    If a server receives a client Initial that can be unprotected but
> > >    contains an invalid Retry token, it knows the client will not accept
> > >    another Retry token.  The server can discard such a packet and allow
> > >    the client to time out to detect handshake failure, but that could
> > >    impose a significant latency penalty on the client.  A server MAY
> > >    proceed with the connection without verifying the token, though the
> > >    server MUST NOT consider the client address validated.  If a server
> > >    chooses not to proceed with the handshake, it SHOULD immediately
> > >    close (Section 10.3 <
> https://tools.ietf.org/html/draft-ietf-quic-transport-25#section-10.3>)
> the connection with an INVALID_TOKEN error.
> > >    Note that a server has not established any state for the connection
> > >    at this point and so does not enter the closing period.
> > >
> > > Invalid is invalid. An invalid token is something that the server
> cannot parse.
> > > The server does not know whether the client got the token from a retry
> packet
> > > or a new token frame, or just made it up with random bytes.
> > >
> > > -- Christian Huitema
> > >
> > >
>
>

-- 
Kazuho Oku

v2.23.0 | Report a Bug | By Email