Change text that describes version negotiation in terms of crypto keys. #141
Conversation
janaiyengar
added
-transport
editorial
There was a problem hiding this comment.
I support the change Martin was trying to make, but I think it could use a bit more clarification, as the existing text is a bit confusing, because it doesn't explain why the version must be specified, even though version negotiation has technically completed.
As such, I'd support a merge of the functional change Martin made with some combined text?
| @@ -411,8 +411,7 @@ have the VERSION bit set. This bit is always set on packets that are sent prior | |||
| to connection establishment. When receiving a packet that is not associated | |||
| with an existing connection, packets without a VERSION bit MUST be discarded. | |||
|
|
|||
| While there might be similarities between different versions of this protocol, | |||
| implementations have to assume that a version that it does not support uses a | |||
| Implementations have to assume that a version that it does not support uses a | |||
There was a problem hiding this comment.
nit: How about "Implementations must assume an unsupported version may use a different packet format."?
There was a problem hiding this comment.
Done, with a minor edit.
| protected packets can include a version. A client MUST NOT change the version | ||
| it uses unless it is in response to a version negotiation packet from the | ||
| server. | ||
| The client MUST set the VERSION flag on all packets until version negotiation |
There was a problem hiding this comment.
Is this section just a rollback?
|
My goal is to separate this functional change into a separate smaller PR, separate from the additions to the draft that have happened in the other PR. Technically, if we aren't requiring TLS in the QUIC document, talking about 0-RTT and 1-RTT keys pre-supposes a specific mechanism, which, if universal, ought to be documented in the "Crypto Handshake Requirements", or should be removed. Either ways, this should happen separately, so I'm changing the text back to what it described, modulo Martin's nice editorializing. |
| The client MUST set the VERSION flag on all packets until version negotiation | ||
| concludes. Version negotiation successfully concludes when the client receives a | ||
| packet from the server with the VERSION flag unset. All subsequent packets sent | ||
| by the client MUST have the VERSION flag unset. |
There was a problem hiding this comment.
Now that I've discussed this more, how about just changing this to SHOULD, since the MUST is not enforcable anyway.
There was a problem hiding this comment.
It is absolutely enforceable. Unless your point is that the presence of absence of the version field isn't authenticated, in which case I guess I'd have to concede that you don't want an attacker ADDING a version to your packet so that you would kill the connection.
If we are going with a SHOULD here, we need to explain why (and the consequences if the SHOULD is not respected, I'll open a small PR).
No description provided.