Long Headers and Version Negotiation

Martin Duke <martin.h.duke@gmail.com> Fri, 05 January 2018 22:38 UTC

From: Martin Duke <martin.h.duke@gmail.com>
Date: Fri, 5 Jan 2018 14:38:52 -0800
Message-ID: <CAM4esxRroE5rOXEHgqJ-_5Vdm-=odN7VmWBweKQgTnT5pU87XA@mail.gmail.com>
Subject: Long Headers and Version Negotiation
To: IETF QUIC WG <quic@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/z8LKkTCqAik_H4MX17dWk6b4Bok>

The invariants draft
<https://tools.ietf.org/html/draft-thomson-quic-invariants-00> only
reserves the 0x80 and 0x40 codepoints in the first byte of the packet.

The transport draft suggests that only initial packets should trigger
version negotiation. However, the Initial Packet byte (0xff) is not
invariant. So for version negotiation to work at all, servers must send VN
packets for *any* long header type where the version is unsupported --
otherwise, QUICv2 might select 0xe3 as the Initial Packet and v1 servers
would ignore it.

On the other hand, in 0RTT cases this might create a storm of VN packets if
the version is wrong. I suppose clients are probably not sending 0RTT if
they don't know the supported versions.

Am I thinking about this correctly? If so, I'm happy to file an issue, and
a PR if we agree that the correct solution is to reply with VN to all long
headers with unsupported versions.

- Martin Duke
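
The two server policies discussed in the message above, as an added example that is not part of the original message or of any QUIC implementation. It assumes the long-header layout of the drafts of that period (1 type byte, 8-byte connection ID, 4-byte version); the version numbers, the 0xe4 type byte and the sample flight are constructed for illustration.

```python
import struct

LONG_HEADER_BIT = 0x80             # invariant: header form bit (from the message)
INITIAL_V1 = 0xFF                  # version-specific Initial byte (from the message)
SUPPORTED_VERSIONS = {0xFF000008}  # constructed: the only version this server speaks
MIN_LONG_HEADER = 13               # assumed layout: type(1) + conn ID(8) + version(4)

def parse_invariants(datagram):
    """Return (first_byte, conn_id, version), or None if not a long header."""
    if len(datagram) < MIN_LONG_HEADER or not datagram[0] & LONG_HEADER_BIT:
        return None
    conn_id, version = struct.unpack_from("!QI", datagram, 1)
    return datagram[0], conn_id, version

def vn_initial_only(datagram):
    """Send VN only when the first byte is this version's Initial type."""
    hdr = parse_invariants(datagram)
    return bool(hdr and hdr[2] not in SUPPORTED_VERSIONS and hdr[0] == INITIAL_V1)

def vn_any_long_header(datagram):
    """Send VN for any long header whose version is unsupported."""
    hdr = parse_invariants(datagram)
    return bool(hdr and hdr[2] not in SUPPORTED_VERSIONS)

def make_long(first_byte, conn_id, version, payload=b"\x00" * 32):
    """Build a constructed long-header datagram for the demo."""
    return struct.pack("!BQI", first_byte, conn_id, version) + payload

def count_vn(policy, datagrams):
    """Number of Version Negotiation packets the policy would emit."""
    return sum(1 for d in datagrams if policy(d))

V2 = 0x00000002  # hypothetical future version
# Hypothetical v2 client: Initial uses 0xe3, followed by four more long-header
# packets (type byte 0xe4, constructed) sent before any reply arrives.
V2_INITIAL = make_long(0xE3, 0x1122334455667788, V2)
V2_FLIGHT = [V2_INITIAL] + [make_long(0xE4, 0x1122334455667788, V2) for _ in range(4)]

if __name__ == "__main__":
    for name, policy in (("initial-only", vn_initial_only),
                         ("any-long-header", vn_any_long_header)):
        print(f"{name}: VN for v2 Initial={policy(V2_INITIAL)}, "
              f"VN packets for flight={count_vn(policy, V2_FLIGHT)}")
```

The initial-only policy never answers the v2 client, while the any-long-header policy answers every packet of the flight, which is the VN storm the message raises for the 0RTT case.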