Commit

polish
Co-authored-by: Jana Iyengar <jri.ietf@gmail.com>
martinthomson and janaiyengar committed Oct 30, 2020
1 parent 818b6c4 commit 5d6285f
Showing 1 changed file with 15 additions and 13 deletions.
28 changes: 15 additions & 13 deletions draft-ietf-quic-transport.md
Expand Up @@ -2962,19 +2962,21 @@ connections. An endpoint that wishes to communicate a fatal connection error
MUST use a CONNECTION_CLOSE frame if it is able.

To support this process, an endpoint issues a stateless reset token, which is a
16 byte value that is hard to guess. If that endpoint sends a stateless reset,
a UDP datagram that ends in the stateless reset token, the recipient will
immediately end the connection.

A stateless reset token is issued by including the value in the Stateless Reset
Token field of a NEW_CONNECTION_ID frame. Servers can also issue a
stateless_reset_token transport parameter during the handshake that applies to
the connection ID that it selected during the handshake; clients cannot use
this transport parameter because their transport parameters do not have
confidentiality protection. These exchanges are protected by encryption, so
only client and server know their value. Tokens are invalidated when their
associated connection ID is retired via a RETIRE_CONNECTION_ID frame
({{frame-retire-connection-id}}).
16-byte value that is hard to guess. If the peer subsequently receives a
stateless reset, which is a UDP datagram that ends in that stateless reset
token, the peer will immediately end the connection.

A stateless reset token is specific to a connection ID. An endpoint issues a
stateless reset token by including the value in the Stateless Reset Token field
of a NEW_CONNECTION_ID frame. Servers can also issue a stateless_reset_token
transport parameter during the handshake that applies to the connection ID that
it selected during the handshake. These exchanges are protected by encryption,
so only client and server know their value. Note that clients cannot use the
stateless_reset_token transport parameter because their transport parameters do
not have confidentiality protection.

Tokens are invalidated when their associated connection ID is retired via a
RETIRE_CONNECTION_ID frame ({{frame-retire-connection-id}}).

An endpoint that receives packets that it cannot process sends a packet in the
following layout:
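
Review bot: In the rewritten second paragraph, "Servers can also issue a stateless_reset_token transport parameter ... that it selected during the handshake" pairs a plural subject with "it", and in the following sentence "their value" grammatically refers to "These exchanges" rather than to the tokens. Suggest "A server can also issue ..." and "so only the client and server know the token values". In the first paragraph, "the peer" appears without the preceding sentence saying to whom the token is issued; "an endpoint issues a stateless reset token to its peer" would make the antecedent explicit. Finally, "These exchanges are protected by encryption" now sits immediately before the note that client transport parameters lack confidentiality protection, so it may be worth stating that "these exchanges" means NEW_CONNECTION_ID frames and the server's transport parameters only.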