From c0f9f0ff19e946f2821b5a1cb0220b8066405187 Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Tue, 6 Mar 2018 16:24:12 +1100 Subject: [PATCH] Move version ahead of connection IDs Closes #1166 --- draft-ietf-quic-invariants.md | 25 ++++++++++++-------- draft-ietf-quic-transport.md | 44 +++++++++++++++++++---------------- 2 files changed, 39 insertions(+), 30 deletions(-) diff --git a/draft-ietf-quic-invariants.md b/draft-ietf-quic-invariants.md index 62ca05291c..c1d5ed71b4 100644 --- a/draft-ietf-quic-invariants.md +++ b/draft-ietf-quic-invariants.md @@ -135,15 +135,17 @@ version-specific semantics are marked with an X. ~~~ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -|1|X X X X X X X|DCIL(4)|SCIL(4)| ++-+-+-+-+-+-+-+-+ +|1|X X X X X X X| ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +| Version (32) | ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +|DCIL(4)|SCIL(4)| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Connection ID (0/64..176) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Connection ID (0/64..176) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -| Version (32) | -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ~~~ @@ -152,6 +154,8 @@ version-specific semantics are marked with an X. A QUIC packet with a long header has the high bit of the first octet set to 1. All other bits in that octet are version specific. +The next four octets include a 32-bit Version field (see {{version}}). + The next octet contains the length in octets of the two Connection IDs (see {{connection-id}}) that follow. Each length is encoded as a 4 bit unsigned integer. The length of the Destination Connection ID (DCIL) occupies the high 
@@ -167,8 +171,7 @@ ID associated with the recipient of the packet (the Destination Connection ID) is followed by the connection ID associated with the sender of the packet (the Source Connection ID). -After both Connection IDs, a 32-bit Version (see {{version}}) is followed by a -version-specific payload. +The remainder of the packet contains version-specific content. ## Short Header @@ -240,15 +243,17 @@ Version field, which is set to 0x00000000. ~~~ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -|1|X X X X X X X| DL(4) | SL(4) | ++-+-+-+-+-+-+-+-+ +|1|X X X X X X X| ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +| Version (32) = 0 | ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +| DL(4) | SL(4) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Connection ID (0/64..176) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Connection ID (0/64..176) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -| Version (32) = 0 | -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Supported Version 1 (32) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | [Supported Version 2 (32)] | diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index a386a42523..da29b3d65e 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md 
@@ -367,15 +367,17 @@ keys are established. ~~~~~ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -|1| Type (7) |DCIL(4)|SCIL(4)| ++-+-+-+-+-+-+-+-+ +|1| Type (7) | ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +| Version (32) | ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +|DCIL(4)|SCIL(4)| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Connection ID (0/64..176) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Connection ID (0/64..176) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -| Version (32) | -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Packet Number (32) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Payload (*) ... @@ -401,6 +403,12 @@ Long Packet Type: indicate one of 128 packet types. The types specified for this version are listed in {{long-packet-types}}. +Version: + +: The QUIC Version is a 32-bit field that follows the Type. This field + indicates which version of QUIC is in use and determines how the rest of the + protocol fields are interpreted. + DCIL and SCIL: : Octet 1 contains the lengths of the two connection ID fields that follow it. @@ -425,15 +433,9 @@ Source Connection ID: length or between 8 and 22 octets. {{connection-id}} describes the use of this field in more detail. -Version: - -: The QUIC Version is a 32-bit field that follows the Source Connection - ID. This field indicates which version of QUIC is in use and determines how - the rest of the protocol fields are interpreted. - Packet Number: -: The Packet Number is a 32-bit field that follows the Version. +: The Packet Number is a 32-bit field that follows the two connection IDs. {{packet-numbers}} describes the use of packet numbers. Payload: 
@@ -557,9 +559,9 @@ versions of QUIC are interpreted. ## Version Negotiation Packet {#packet-version} A Version Negotiation packet is inherently not version-specific, and does not -use the packet headers defined above. Upon receipt by a client, it will appear -to be a packet using the long header, but will be identified as a Version -Negotiation packet based on the Version field. +use the long packet header (see {{long-header}}. Upon receipt by a client, it +will appear to be a packet using the long header, but will be identified as a +Version Negotiation packet based on the Version field having a value of 0. The Version Negotiation packet is a response to a client packet that contains a version that is not supported by the server, and is only sent by servers. @@ -569,15 +571,17 @@ The layout of a Version Negotiation packet is: ~~~ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -|1| Unused (7) |DCIL(4)|SCIL(4)| ++-+-+-+-+-+-+-+-+ +|1| Unused (7) | ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +| Version (32) | ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +|DCIL(4)|SCIL(4)| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Connection ID (0/64..176) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Connection ID (0/64..176) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -| Version (32) | -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Supported Version 1 (32) ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | [Supported Version 2 (32)] ... 
@@ -591,6 +595,8 @@ The layout of a Version Negotiation packet is: The value in the Unused field is selected randomly by the server. +The Version field of a Version Negotiation packet MUST be set to 0x00000000. + The server MUST include the value from the Source Connection ID field of the packet it receives in the Destination Connection ID field. The value for Source Connection ID MUST be copied from the Destination Connection ID of the received @@ -599,8 +605,6 @@ connection IDs gives clients some assurance that the server received the packet and that the Version Negotiation packet was not generated by an off-path attacker. -The Version field of a Version Negotiation packet MUST be set to 0x00000000. - The remainder of the Version Negotiation packet is a list of 32-bit versions which the server supports.
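Review bot: In draft-ietf-quic-invariants.md, hunk @@ -135,15 +135,17 @@, the added sentence "The next four octets include a 32-bit Version field" is looser than the field warrants: four octets and 32 bits are the same extent, so "include" suggests something else might share those octets. Suggest "The next four octets contain a 32-bit Version field", matching the "The next octet contains the length ..." sentence that follows it.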
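Review bot: In draft-ietf-quic-transport.md, hunk @@ -401,6 +403,12 @@, the unchanged context under "DCIL and SCIL:" still reads "Octet 1 contains the lengths of the two connection ID fields that follow it", which is no longer true once the 32-bit Version sits between the first octet and the length octet. With Version occupying the four octets after the Type, the lengths are in octet 5, so this definition needs updating in the same change, or rewording to something position-independent such as "The octet following the Version contains the lengths ...".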
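Review bot: In draft-ietf-quic-transport.md, hunk @@ -557,9 +559,9 @@, the added line "use the long packet header (see {{long-header}}." is missing its closing parenthesis; it should read "(see {{long-header}})." The same paragraph now says the packet "does not use the long packet header" and then that it "will appear to be a packet using the long header", so it may be worth stating outright that only the layout up to and including the connection IDs is shared.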
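Review bot: In draft-ietf-quic-transport.md, hunk @@ -569,15 +571,17 @@, the relocated row in the Version Negotiation diagram is labelled "Version (32)", while the matching diagram in draft-ietf-quic-invariants.md (hunk @@ -240,15 +243,17 @@) labels it "Version (32) = 0". Since the text in the next hunk says the field MUST be set to 0x00000000, consider using the "= 0" label here as well so the two drafts show the same figure.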