@@ -522,6 +522,10 @@ from the triggering client packet. This allows clients some assurance that the
522
522
server received the packet and that the Version Negotiation packet was not
523
523
carried in a packet with a spoofed source address.
524
524
525
+ A Version Negotiation packet is never explicitly acknowledged in an ACK frame by
526
+ a client. Receiving another Client Initial packet implicitly acknowledges a
527
+ Version Negotiation packet.
528
+
525
529
The payload of the Version Negotiation packet is a list of 32-bit versions which
526
530
the server supports, as shown below.
527
531
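Review bot: the two added sentences state the no-ACK rule descriptively ("is never explicitly acknowledged"), while the ACK section added later in this same patch states it normatively as "A client MUST NOT acknowledge Version Negotiation or Server Stateless Retry packets". Keep the requirement in one place and have this paragraph refer to it, so that readers do not have to decide whether the two wordings differ in strength.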
@@ -570,11 +574,11 @@ the packet contents increment the packet number by one, see
570
574
({{packet-numbers}}).
571
575
572
576
The payload of a Client Initial packet consists of a STREAM frame (or frames)
573
- for stream 0 containing a cryptographic handshake message, plus any PADDING
574
- frames necessary to ensure that the packet is at least the minimum PMTU size
575
- (see {{packetization}}). The stream in this packet always starts at an offset
576
- of 0 (see {{stateless-retry}}) and the complete cyptographic handshake message
577
- MUST fit in a single packet (see {{handshake}}).
577
+ for stream 0 containing a cryptographic handshake message, with enough PADDING
578
+ frames that the packet is at least 1200 octets (see {{packetization}}). The
579
+ stream in this packet always starts at an offset of 0 (see {{stateless-retry}})
580
+ and the complete cyptographic handshake message MUST fit in a single packet (see
581
+ {{handshake}}).
578
582
579
583
The client uses the Client Initial Packet type for any packet that contains an
580
584
initial cryptographic handshake message. This includes all cases where a new
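Review bot: the rewritten paragraph carries the misspelling "cyptographic" forward in the added line "and the complete cyptographic handshake message MUST fit in a single packet". The line is being re-wrapped anyway, so correct it to "cryptographic" in this change. Separately, the literal 1200 is now stated here as well as in the packetization section this sentence cites; stating the number only there and referring to it here would leave one place to update if the minimum changes again.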
@@ -595,6 +599,10 @@ The packet number and connection ID fields echo the corresponding fields from
595
599
the triggering client packet. This allows a client to verify that the server
596
600
received its packet.
597
601
602
+ A Server Stateless Retry packet is never explicitly acknowledged in an ACK frame
603
+ by a client. Receiving another Client Initial packet implicitly acknowledges a
604
+ Server Stateless Retry packet.
605
+
598
606
After receiving a Server Stateless Retry packet, the client uses a new Client
599
607
Initial packet containing the next cryptographic handshake message. The client
600
608
retains the state of its cryptographic handshake, but discards all transport
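Review bot: "Receiving another Client Initial packet implicitly acknowledges a Server Stateless Retry packet" does not say which endpoint does the receiving or what the acknowledgment changes for it. Because the packet type is by name stateless, the sentence should say what a server is expected to do or not do as a result. If the intent is only that the server never waits for or retransmits this packet, say that directly. The same wording is added for Version Negotiation in the first hunk and would benefit from the same fix.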
@@ -1084,11 +1092,17 @@ idle_timeout (0x0003):
1084
1092
: The idle timeout is a value in seconds that is encoded as an unsigned 16-bit
1085
1093
integer. The maximum value is 600 seconds (10 minutes).
1086
1094
1087
- stateless_reset_token (0x0005) :
1095
+ A server MUST include the following transport parameters :
1096
+
1097
+ stateless_reset_token (0x0006) :
1088
1098
1089
1099
: The Stateless Reset Token is used in verifying a stateless reset, see
1090
1100
{{stateless-reset}}. This parameter is a sequence of 16 octets.
1091
1101
1102
+ A client MUST NOT include a stateless reset token. A server MUST treat receipt
1103
+ of a stateless_reset_token transport parameter as a connection error of type
1104
+ TRANSPORT_PARAMETER_ERROR.
1105
+
1092
1106
An endpoint MAY use the following transport parameters :
1093
1107
1094
1108
omit_connection_id (0x0004) :
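Review bot: the new "A server MUST include the following transport parameters" has no matching rule for the client when the parameter is absent, whereas the client-sent case directly below is given an explicit error (TRANSPORT_PARAMETER_ERROR). Add the client-side handling for a missing stateless_reset_token so both directions are specified. The codepoint also changes from 0x0005 to 0x0006 in this hunk, and the next hunk header shows max_packet_size at 0x0005, so this looks like a collision fix; that is a wire-visible change and deserves a line in the commit message and the changelog.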
@@ -1106,7 +1120,7 @@ max_packet_size (0x0005):
1106
1120
the endpoint is willing to receive, encoded as an unsigned 16-bit integer.
1107
1121
This indicates that packets larger than this limit will be dropped. The
1108
1122
default for this parameter is the maximum permitted UDP payload of 65527.
1109
- Values below 1252 are invalid. This limit only applies to protected packets
1123
+ Values below 1200 are invalid. This limit only applies to protected packets
1110
1124
({{packet-protected}}).
1111
1125
1112
1126
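Review bot: "Values below 1200 are invalid" still does not say what an endpoint does on receiving such a value. The stateless_reset_token text added in the previous hunk names a specific connection error for an invalid parameter; this sentence should do the same, otherwise implementations may variously ignore the value, clamp it, or close the connection.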
@@ -1199,6 +1213,15 @@ client MUST terminate with a VERSION_NEGOTIATION_ERROR error code if
1199
1213
version negotiation occurred but it would have selected a different version
1200
1214
based on the value of the supported_versions list.
1201
1215
1216
+ When an endpoint accepts multiple QUIC versions, it can potentially interpret
1217
+ transport parameters as they are defined by any of the QUIC versions it
1218
+ supports. The version field in the QUIC packet header is authenticated using
1219
+ transport parameters. The position and the format of the version fields in
1220
+ transport parameters MUST either be identical across different QUIC versions, or
1221
+ be unambiguously different to ensure no confusion about their interpretation.
1222
+ One way that a new format could be introduced is to define a TLS extension with
1223
+ a different codepoint.
1224
+
1202
1225
1203
1226
# # Stateless Retries {#stateless-retry}
1204
1227
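Review bot: the requirement that the version fields "MUST either be identical across different QUIC versions, or be unambiguously different" is not testable as written, because the paragraph never says how a receiver tells the formats apart. The last sentence offers a different TLS extension codepoint as "one way"; since downgrade protection rests on this check, consider making the distinguishing mechanism part of the requirement instead of an example. "The version field in the QUIC packet header is authenticated using transport parameters" would also read more precisely if it named the parameters that carry the version values.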
@@ -1918,6 +1941,10 @@ Unlike TCP SACKs, QUIC ACK blocks are irrevocable. Once a packet has
1918
1941
been acknowledged, even if it does not appear in a future ACK frame,
1919
1942
it remains acknowledged.
1920
1943
1944
+ A client MUST NOT acknowledge Version Negotiation or Server Stateless Retry
1945
+ packets. These packet types contain packet numbers selected by the client, not
1946
+ the server.
1947
+
1921
1948
QUIC ACK frames contain a timestamp section with up to 255 timestamps.
1922
1949
Timestamps enable better congestion control, but are not required for correct
1923
1950
loss recovery, and old timestamps are less valuable, so it is not guaranteed
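Review bot: the added "A client MUST NOT acknowledge Version Negotiation or Server Stateless Retry packets" places a requirement on the sender of the ACK only. The rationale given is that these packets carry packet numbers selected by the client, so an ACK frame that covers one of those numbers could be read by the server as referring to a packet number it never used. Say what a server does with such an ACK (ignore it or treat it as an error) so that the MUST NOT has a defined outcome when violated.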
@@ -2268,19 +2295,18 @@ An endpoint MUST NOT reduce their MTU below this number, even if it receives
2268
2295
signals that indicate a smaller limit might exist.
2269
2296
2270
2297
Clients MUST ensure that the first packet in a connection, and any
2271
- retransmissions of those octets, has a QUIC packet size of least 1232 octets for
2272
- an IPv6 packet and 1252 octets for an IPv4 packet. In the absence of extensions
2273
- to the IP header, padding to exactly these values will result in an IP packet
2274
- that is 1280 octets.
2298
+ retransmissions of those octets, has a QUIC packet size of least 1200 octets.
2299
+ The packet size for a QUIC packet includes the QUIC header and integrity check,
2300
+ but not the UDP or IP header.
2275
2301
2276
- The initial client packet SHOULD be padded to exactly these values unless the
2302
+ The initial client packet SHOULD be padded to exactly 1200 octets unless the
2277
2303
client has a reasonable assurance that the PMTU is larger. Sending a packet of
2278
2304
this size ensures that the network path supports an MTU of this size and helps
2279
2305
reduce the amplitude of amplification attacks caused by server responses toward
2280
2306
an unverified client address.
2281
2307
2282
2308
Servers MUST ignore an initial plaintext packet from a client if its total size
2283
- is less than 1232 octets for IPv6 or 1252 octets for IPv4 .
2309
+ is less than 1200 octets.
2284
2310
2285
2311
If a QUIC endpoint determines that the PMTU between any pair of local and remote
2286
2312
IP addresses has fallen below 1280 octets, it MUST immediately cease sending
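Review bot: the server rule uses "total size" ("if its total size is less than 1200 octets") while the client rule, two paragraphs up, defines "QUIC packet size" as including the QUIC header and integrity check but not the UDP or IP header. Use the defined term in the server sentence too, otherwise "total size" can be read as the UDP datagram or IP packet size, and the amplification check would then accept smaller QUIC packets than intended. The added line "has a QUIC packet size of least 1200 octets" also keeps the old typo; it should read "of at least".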
@@ -3193,8 +3219,22 @@ Issue and pull request numbers are listed with a leading octothorp.
3193
3219
3194
3220
## Since draft-ietf-quic-transport-04
3195
3221
3196
- - Introduce STOP_SENDING frame (#165)
3197
- - Removed GOAWAY (#696)
3222
+ - Introduce STOP_SENDING frame, RST_STREAM only resets in one direction (#165)
3223
+ - Removed GOAWAY; application protocols are responsible for graceful shutdown
3224
+ (#696)
3225
+ - Reduced the number of error codes (#96, #177, #184, #211)
3226
+ - Version validation fields can't move or change (#121)
3227
+ - Removed versions from the transport parameters in a NewSessionTicket message
3228
+ (#547)
3229
+ - Clarify the meaning of "bytes in flight" (#550)
3230
+ - Public reset is now stateless reset and not visible to the path (#215)
3231
+ - Reordered bits and fields in STREAM frame (#620)
3232
+ - Clarifications to the stream state machine (#572, #571)
3233
+ - Increased the maximum length of the Largest Acknowledged field in ACK frames
3234
+ to 64 bits (#629)
3235
+ - truncate_connection_id is renamed to omit_connection_id (#659)
3236
+ - CONNECTION_CLOSE terminates the connection like TCP RST (#330, #328)
3237
+ - Update labels used in HKDF-Expand-Label to match TLS 1.3 (#642)
3198
3238
3199
3239
## Since draft-ietf-quic-transport-03
3200
3240
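Review bot: the changelog entries added here cover the version-field rule (#121), but there is no entry for several other normative changes visible in this same patch: the single 1200-octet minimum replacing the 1232/1252 values, the stateless_reset_token codepoint moving to 0x0006 and becoming server-only, and the rule against acknowledging Version Negotiation and Server Stateless Retry packets. Add entries for these with their issue numbers so that implementers tracking the draft can find the wire-visible changes.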