Padding in Initial Packets

tim.jebb@bt.com Tue, 30 June 2020 10:16 UTC

Return-Path: <tim.jebb@bt.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9962C3A1173 for <quic@ietfa.amsl.com>; Tue, 30 Jun 2020 03:16:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bt.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CuO5IqYsTeOw for <quic@ietfa.amsl.com>; Tue, 30 Jun 2020 03:16:02 -0700 (PDT)
Received: from smtpe1.intersmtp.com (smtpe1.intersmtp.com [213.121.35.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 42E133A116A for <quic@ietf.org>; Tue, 30 Jun 2020 03:16:00 -0700 (PDT)
Received: from tpw09926dag11e.domain1.systemhost.net (10.9.212.11) by BWP09926076.bt.com (10.36.82.107) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.1.1713.5; Tue, 30 Jun 2020 11:15:33 +0100
Received: from tpw09926dag08h.domain1.systemhost.net (10.9.202.47) by tpw09926dag11e.domain1.systemhost.net (10.9.212.11) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Tue, 30 Jun 2020 11:15:58 +0100
Received: from bwp09926080.bt.com (10.36.82.111) by tpw09926dag08h.domain1.systemhost.net (10.9.202.47) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Tue, 30 Jun 2020 11:15:57 +0100
Received: from GBR01-CWL-obe.outbound.protection.outlook.com (104.47.20.56) by smtpe1.intersmtp.com (10.36.82.111) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.1.1713.5; Tue, 30 Jun 2020 11:15:37 +0100
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iy1rQP8MDR1kIDBHPDTiYYRzVq5OwTgc96YGEjLuRRrk92nSn56XVc2D/LBbUfZ2+iIs5+CegCmwnqCBcnco9DAIdJKVSpqZ+b+6JNFSK4d1iJPLsV0W2a7t/PQxLBDrtaz/SsSc3RAi4vF3vAPo3FMb55cKQx2bEaqo0Jd96fU7NHoDZZlEhhiGSBlIE1Y4u0pFi8OxiNh1MFAlx6qLaNkdsq9FULD+BoDpKL85qJMtNR9CtTgoGCbtzLQ9gxZHcmsqbkJyb6CrjKqgT4zG5Wovr7rtpW5HqFG2wwsjVmcjwoRsKj25w4aFgTOCqU+9ADts0tbYcegIj2elpkjCKA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DlJGdPD9XG1LzA25SR1Zdt9GK0XTQEypdSz3xRmdPUU=; b=LXilIzuTnjnfIrj92nPiaQjuFU+4cNiweEQOpMxJIodDyMKfb25tW/ZFVjlqBTBAFWKGijWxTzEE0G25OPwvnSSBSZWEJ3nxlc+AiWTzkNv5k0RnHquaqP99eCzIILqn8tkrXF5coVuKuJltDa2cQJlkzFxUXNdDBWU3/9znYiztzQ+6VXGlTampfaWcd8oF7Op+KGFwr9u6K4CwSN5/tXlxfUhW79PsgNiSunv6m/6Ec0by9mcnfST2Kp3oXIBfLxP9kLLPItuie91gLc8/W9muLWxtwwA0Kym79wkaOcIun5Bo+ilzEjujLCykWPaFIBtt8t6iHCxirNuykHY7+w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bt.com; dmarc=pass action=none header.from=bt.com; dkim=pass header.d=bt.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bt.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DlJGdPD9XG1LzA25SR1Zdt9GK0XTQEypdSz3xRmdPUU=; b=W/jk3t0+eEv5A36W/kHxy51MegzwKpwYT+EVQtUb+gypvCr/SZfAT/lsyBMtPz4sSZ4Aq4N0m+ye1nmgDj/9I1pYu2i1axuKiHuatODI/JK9cBYP1vOkl/EbZlrYvpqJFDKV+GMB+dSiQ01bTx2cDlzlm4mSXOvSyn9EprqjWEA=
Received: from LNXP123MB2460.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:dc::10) by LO2P123MB2096.GBRP123.PROD.OUTLOOK.COM (2603:10a6:600:c4::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3153.20; Tue, 30 Jun 2020 10:15:53 +0000
Received: from LNXP123MB2460.GBRP123.PROD.OUTLOOK.COM ([fe80::ec07:dcb5:1747:4632]) by LNXP123MB2460.GBRP123.PROD.OUTLOOK.COM ([fe80::ec07:dcb5:1747:4632%7]) with mapi id 15.20.3131.028; Tue, 30 Jun 2020 10:15:53 +0000
From: <tim.jebb@bt.com>
To: <quic@ietf.org>
Subject: Padding in Initial Packets
Thread-Topic: Padding in Initial Packets
Thread-Index: AdZOuPMsC8HOn4IhREy6+3yKJlq+/g==
Date: Tue, 30 Jun 2020 10:15:52 +0000
Message-ID: <LNXP123MB24602880B0AE644B9B1F3F83F26F0@LNXP123MB2460.GBRP123.PROD.OUTLOOK.COM>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=bt.com;
x-originating-ip: [146.199.174.244]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: b54a9350-303f-4871-808e-08d81cde9209
x-ms-traffictypediagnostic: LO2P123MB2096:
x-microsoft-antispam-prvs: <LO2P123MB2096F8824A68FF0A81D41609F26F0@LO2P123MB2096.GBRP123.PROD.OUTLOOK.COM>
x-antispam-2: 1
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-forefront-prvs: 0450A714CB
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: NUHN7Xj4EdMbeF5QBMVoi4POlKOzDw6rOijxkcDgx9c+o0lRocaqLwokYMO0kDoSmUK/NHuRC6qYXRF7z9PFNrQFO0lTWJb/BZn9xZStQmfS56RlfC4Wcz/Nrg7e3rHHZxbUbNk4CpRzvBwU74E9Qf5/vYSwpEzJWoi/fyNNH4JyEuvZ7tLzPbALRk6olaX5anQmBTPjsIaVf5dqoOdYmxifH4FGTgdPbhEoRjLcuk9OzP3UVWIjAUXyaIUjpOayer7/BQsFsp9d1Vbv/B8eIgt5zqyETzBz5IFcN3cqFdoNeHYGAmjIowF9A+wrMdDUSZkEl/BcXr9zRqC9+z6oqg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:LNXP123MB2460.GBRP123.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(346002)(396003)(39860400002)(376002)(366004)(136003)(26005)(2906002)(5660300002)(6506007)(9326002)(8936002)(66476007)(64756008)(66556008)(66446008)(66946007)(8676002)(71200400001)(86362001)(9686003)(3480700007)(186003)(83380400001)(55016002)(7696005)(76116006)(478600001)(52536014)(33656002)(6916009)(316002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: NqRkKzMLJ2J/ZIsw2nf/MRntOTVSofYGqorHo70NDTokBK3LRHVn5DWhwAblnTgwjbr/gFVTZJJNXlx8mZXGk6xwHSWBg8RD+OzGi3IeRCXu5CnMizgkNLi1p7niklduKZj9kzjLIYXUAMzQoUeYVu81v7PxrjJpMlLMhrpoiP9xto5aeT57yIin3ZsKLnV6DAMmLFmS4LqXf9naszKNiVqwNdX7031obB9r3rdf8u0/aTLTQK6FSP3+iSn+BTkEBY2isewMthPxF/oVHrcgnAbjqjcAzCu9i3SBdtiZq7n+PC8TPQc49x3U0fhKx3hKgf9fYS+7yZv8Bsaa/PDxi7k8pyZWw0vlAqYXUUre63NxYDFoM9qj+hCv1XKm5TMPHXUuq2brla+qrk7YHfw0iRCwmkSmFP6KeMkc0e/U6ZDa6WUdScLQk7b8O+SaInMudzmtMvXo3XKMudOyjYA7hHbk43KCN0DyeXlzZxcpJWWldKiQ8a6611w0NcwerX8A
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_LNXP123MB24602880B0AE644B9B1F3F83F26F0LNXP123MB2460GBRP_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: LNXP123MB2460.GBRP123.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: b54a9350-303f-4871-808e-08d81cde9209
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Jun 2020 10:15:53.0359 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: a7f35688-9c00-4d5e-ba41-29f146377ab0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 5+5t5Yt2lhaplWn3djpgW48K78RtZWKEMCC5smli+9xztiwZv3wolqaWsE8dXfku
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO2P123MB2096
X-OriginatorOrg: bt.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/7y9-Y9vw0pIYdDDtKYl9caXBFIk>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2020 10:18:10 -0000

Hi All,

I'm fairly new to QUIC so apologies if the questions in here are dumb.

I've been going through a QUIC pcap, which I captured from a Firefox implementation of IETF draft 27 QUIC, and am a little confused about the use of padding in the first Initial packet.  According to Wireshark,  the UDP datagram contains a QUIC packet of type initial, length 272, the payload of which is a Client Hello.

The remainder of the UDP datagram is 1055 zero bytes.  According to Wireshark these zero bytes constitute a QUIC IETF Packet.

However there doesn't seem to be a valid QUIC packet header for these bytes.  AIUI according to the QUIC spec padding bytes are frames within a packet, so these zero bytes seem to be just bytes in the UDP datagram outside of the QUIC payload.  Which would be fine as far as I can see, but:

Why does Wireshark say it's QUIC IETF?
Is there anything in any of the QUIC draft RFCs mandating this behaviour, if so where?
Why is it being done - can't see the point?
If padding is to be added surely it should be as part of a QUIC packet and encrypted - here there's just a load of plaintext zero bytes.


Here is Wireshark's analysis:

"QUIC IETF
    QUIC Connection information
    [Packet Length: 302]
    1... .... = Header Form: Long Header (1)
    .1.. .... = Fixed Bit: True
    ..00 .... = Packet Type: Initial (0)
    .... 00.. = Reserved: 0
    .... ..10 = Packet Number Length: 3 bytes (2)
    Version: draft-27 (0xff00001b)
    Destination Connection ID Length: 17
    Destination Connection ID: 76f81a5588b2f25c5ab6dbd461a8d749e1
    Source Connection ID Length: 3
    Source Connection ID: c5ef02
    Token Length: 0
    Length: 272
    Packet Number: 0
    Payload: 04f535177fcbcfd5f06d24ffde66edf10df79205666b1851...
    TLSv1.3 Record Layer: Handshake Protocol: Client Hello
        Frame Type: CRYPTO (0x0000000000000006)
        Offset: 0
        Length: 249
        Crypto Data
        Handshake Protocol: Client Hello
            Handshake Type: Client Hello (1)
            Length: 245
            Version: TLS 1.2 (0x0303)
            Random: b1b76126ddab3c639cdfaa7d92d6cabe2ea9c1a19ea86b8b...
            Session ID Length: 0
            Cipher Suites Length: 4
            Cipher Suites (2 suites)
            Compression Methods Length: 1
            Compression Methods (1 method)
            Extensions Length: 200
            Extension: server_name (len=15)
            Extension: extended_master_secret (len=0)
            Extension: renegotiation_info (len=1)
            Extension: supported_groups (len=20)
            Extension: application_layer_protocol_negotiation (len=8)
            Extension: status_request (len=5)
            Extension: key_share (len=38)
            Extension: supported_versions (len=3)
            Extension: signature_algorithms (len=16)
            Extension: psk_key_exchange_modes (len=2)
            Extension: record_size_limit (len=2)
            Extension: quic_transports_parameters (len=42)
QUIC IETF
    [Packet Length: 1055]
    Remaining Payload: 000000000000000000000000000000000000000000000000..."

Any comments or explanations?

Tim