Ben Kaduk's TLS Comment 28 #4504

Closed
LPardue opened this issue Jan 6, 2021 · 3 comments · Fixed by #4694
Labels
-tls editorial An issue that does not affect the design of the protocol; does not require consensus. iesg An issue raised during IESG review.

@LPardue
Member

LPardue commented Jan 6, 2021

@kaduk said:

Appendix A.2

The client sends an Initial packet. The unprotected payload of this
packet contains the following CRYPTO frame, plus enough PADDING
frames to make a 1162 byte payload:
[...]
The unprotected header includes the connection ID and a 4-byte packet
number encoding for a packet number of 2:

c300000001088394c8f03e5157080000449e00000002

If I'm reading this correctly, the variable-length integer encoding of
the packet Length is 0x449e which would indicate a 1182-byte payload
(including packet number), not 1162.

@LPardue LPardue added -tls iesg An issue raised during IESG review. labels Jan 6, 2021
@LPardue LPardue added this to the tls-iesg milestone Jan 6, 2021
@martinthomson
Member

I should have put money on @kaduk validating the examples...

The use of "payload" refers to the frames contained in the packet, which are 1182 - 4 (packet number length) - 16 (AEAD expansion). Would "The frames carried by this packet include the following CRYPTO frame, plus enough PADDING frames to reach 1162 bytes." be better?

@martinthomson martinthomson added the editorial An issue that does not affect the design of the protocol; does not require consensus. label Jan 6, 2021
@kaduk
Contributor

kaduk commented Jan 10, 2021

Ah, of course, the authentication tag. (I only remembered that the packet number length was included as an afterthought, but 4 != 20 and I didn't pause to think what might be adding 16 other bytes.)
Thanks for the PR, @MikeBishop!

I am not sure who would take the other end of that bet, though ... I seem to have a track record of putting DISCUSSes on for examples that don't match the protocol spec.

@janaiyengar
Contributor

I will say that examples are important, so thank you for going through them, @kaduk!
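
The arithmetic discussed in this thread, as an added example that is not part of the issue or the draft: it parses the unprotected Initial header quoted above and splits the Length field into packet number, frames and AEAD tag. The function names are hypothetical, and the 16-byte tag size is the value given in the reply.

```python
HEADER_HEX = "c300000001088394c8f03e5157080000449e00000002"  # header quoted in the issue
AEAD_TAG_LEN = 16  # AEAD expansion, as stated in the reply (assumed fixed here)


def take(buf, pos, n):
    """Return (n bytes at pos, new position), rejecting truncated input."""
    if pos + n > len(buf):
        raise ValueError("truncated header")
    return buf[pos:pos + n], pos + n


def read_varint(buf, pos):
    """Decode a QUIC variable-length integer starting at pos."""
    first, _ = take(buf, pos, 1)
    raw, pos = take(buf, pos, 1 << (first[0] >> 6))  # 2-bit prefix: 1/2/4/8 bytes
    return int.from_bytes(raw, "big") & ((1 << (8 * len(raw) - 2)) - 1), pos


def parse_initial_header(raw):
    """Parse an unprotected QUIC v1 Initial header and size its contents."""
    first, pos = take(raw, 0, 1)
    if first[0] & 0xF0 != 0xC0:  # long header + fixed bit + type 0 (Initial)
        raise ValueError("not an Initial packet")
    pn_len = (first[0] & 0x03) + 1  # only valid once header protection is removed
    version, pos = take(raw, pos, 4)
    dcid_len, pos = take(raw, pos, 1)
    dcid, pos = take(raw, pos, dcid_len[0])
    scid_len, pos = take(raw, pos, 1)
    _, pos = take(raw, pos, scid_len[0])
    token_len, pos = read_varint(raw, pos)
    _, pos = take(raw, pos, token_len)
    length, pos = read_varint(raw, pos)  # covers packet number + protected payload
    pn, _ = take(raw, pos, pn_len)
    frame_bytes = length - pn_len - AEAD_TAG_LEN
    if frame_bytes < 0:
        raise ValueError("Length too small for packet number and AEAD tag")
    return {
        "version": int.from_bytes(version, "big"),
        "dcid": dcid.hex(),
        "length": length,
        "pn_len": pn_len,
        "packet_number": int.from_bytes(pn, "big"),
        "frame_bytes": frame_bytes,    # CRYPTO + PADDING frames
        "packet_bytes": pos + length,  # bytes before the packet number, plus Length
    }


if __name__ == "__main__":
    print(parse_initial_header(bytes.fromhex(HEADER_HEX)))
```

For the quoted header this reports a Length of 1182, 1162 bytes of frames, and a 1200-byte packet overall.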
