Re: Increasing QUIC connection ID size

Marten Seemann <> Sat, 13 January 2018 04:53 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6691012D7EF for <>; Fri, 12 Jan 2018 20:53:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id aTDa_u7iwQf7 for <>; Fri, 12 Jan 2018 20:53:37 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:400c:c08::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6A91E12D7EC for <>; Fri, 12 Jan 2018 20:53:37 -0800 (PST)
Received: by with SMTP id g16so5417088ual.2 for <>; Fri, 12 Jan 2018 20:53:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ffHkQKtZSklVcT3LpMJ0iSuQcXlo1MSzYyjlNfzUNr8=; b=EqfhM5eXqwi9L9lccZbh4eU/7q0b7K3ztrgT54+P5+O00U44djVPqc58HRvaZTVCHC eMz6TZvyNxiP6ApOT/YyKg7cG/1HtSjlNeTpnUyXNH9ZGvAlJXUQCteLOAkYFm4OZ9rd y+cRX/1C/AJeLcnPtQNYHV+EzwATumKCS3pr41s9pITG9c++MD/jixAFKzO2pKlCwRnT 9kQ6SqpYS5Vwqrklf+O5/DU6NqqWqGGdTAKvijdfAyw2s4FUIwd0JT+3rf6LtQYFQ3/M by57zhk8TvsI10Ir/o0++Mr8rT5NaxqVM3a7yo30rAFdkfYeJCAUk2O/DqMOh6Nf8CR4 NYqA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ffHkQKtZSklVcT3LpMJ0iSuQcXlo1MSzYyjlNfzUNr8=; b=KStXmiK+ASNXuHXldXd5ojCrPALh2OaIU+lVT36vFoOJ3pM14MnQdaI+maZQuDKA1F SP/0ZvNFnWavDqFvN70oWw/kFsHvbZZju9xOMxzhZ5emVNpgaRx9Sxm02G9ky556NYre BWY5lMEySBDDilONLTklsW6MfEn5O5wcdTpVRUvc4N5K05DZghJVDTB0WpSevt14adXU IVX8c6o26AT2OfFEJkM01lS36xZ/ThkTO/RYwtgylQ+89gA+V2hKeI7Xl+oN6Z/hjm7O zeH9GNnORrYo9RryRTyqJJ3MCT/q8DCVEWZPR0M0oqLrQlEWWEVJtJWz5r6aibHmkzsy 95EA==
X-Gm-Message-State: AKwxyteZaQO0s3ev8AkiTtvSmA5922I4/YuUqLt9+QkA8ruCAsZU2Cv7 kGfIckvle85s0WwKgTBZxnO7DtA4BD2YpzrCeQE=
X-Google-Smtp-Source: ACJfBovxM1cZOFZY47GU6m7YF6nFXPhOEifYIKSAu8vMkFQ98REYhO2u9B6CZkx3UNWfiHEKdzntksXawMLgUAN/PC8=
X-Received: by with SMTP id p11mr18171818uak.126.1515819216051; Fri, 12 Jan 2018 20:53:36 -0800 (PST)
MIME-Version: 1.0
References: <> <> <> <> <> <> <>
In-Reply-To: <>
From: Marten Seemann <>
Date: Sat, 13 Jan 2018 04:53:24 +0000
Message-ID: <>
Subject: Re: Increasing QUIC connection ID size
To: Christian Huitema <>
Cc: IETF QUIC WG <>, Jana Iyengar <>, Victor Vasiliev <>
Content-Type: multipart/alternative; boundary="089e08288ceceaa2ee0562a1292b"
Archived-At: <>
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 13 Jan 2018 04:53:39 -0000

I’m corcerned about the overhead. In the p2p use case, there’s no need for
encoding any routing information into the connection ID, and since every
node just handles a small number of connections, even 4 bytes would be more
than enough to distinguish between connections.
I can see the use case for 128 bit connection IDs, but in order to reduce
the overhead for other applications, we should either do some kind of
negotiation or a varlen encoding.

On Sat 13. Jan 2018 at 09:12, Christian Huitema <> wrote:

> On 1/12/2018 3:06 PM, Jana Iyengar wrote:
> > I'm not entirely convinced of the overhead concern. In the common HTTP
> > case, we expect server->client to not carry CIDs, so this is a NOP in
> > the commonly bandwidth-limited case.
> Not just the transmission overhead. You are also increasing the memory
> footprint of the connection context, which stores at least 2 CNX-ID, and
> maybe more if we want to support migration.
> But I agree that this is not the end of the world.
> Also, following Victor's message, I was doing the maths on the size of
> the ID. 64 bits allows for 24 bits of server ID, 32 bits of client
> nonce, and 8 bits of zero -- for checking. 8 bits check will still let
> 0.4% of forged packets through, which is probably OK since the server
> acts as a backstop. 24 bits would work for 16M servers, which should be
> OK, but assumes that servers have a unique serial ID, which is not
> necessarily OK. Then 32 bits look like they allow 4G connections per
> server, but we start seeing collisions after 65K connections per server,
> which seems not good. So, yes, 64 bits probably will be very tight if we
> want the router to be stateless.
> > I do think that this makes CID generation at servers substantially
> > simpler -- you can simply add 1 to the current CID to generate a new
> > one, and encryption makes it unlinkable to the previous one. This is a
> > substantial benefit.
> Yes, you can do that without relying on a secure random generator, and
> thus without exposing more of the state of the crypto PRNG. Which is
> nice. Another advantage, if the router can reliably map connection-ID to
> servers, then we don't need to have the same reset secret for every server.
> Just one request. If we do make a change, please go for a fixed size.
> -- Christian Huitema