From f8c12c96f83a858f129a3fcde09500de0bb5ea2d Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Wed, 8 Aug 2018 11:35:42 +1000 Subject: [PATCH 1/2] Fixed length CID or encode length somehow Closes #1639. --- draft-ietf-quic-transport.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index dc41c27fc2..97d779298b 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -2679,7 +2679,9 @@ endpoint receives. This design relies on the peer always sending a connection ID in its packets so that the endpoint can use the connection ID from a packet to reset the connection. An endpoint that uses this design cannot allow its peers to send -packets with a zero-length destination connection ID. +packets with a zero-length destination connection ID and need to either use a +the same connection ID length for all connections or ensure that the connection +ID encodes its own length in a common fixed portion. Revealing the Stateless Reset Token allows any entity to terminate the connection, so a value can only be used once. This method for choosing the From 587e55b5a0149c380951ee182a80dfd35e941f95 Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Thu, 9 Aug 2018 07:22:40 +1000 Subject: [PATCH 2/2] Reword to be less prescriptive --- draft-ietf-quic-transport.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 97d779298b..2af7ab111d 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -2679,9 +2679,9 @@ endpoint receives. This design relies on the peer always sending a connection ID in its packets so that the endpoint can use the connection ID from a packet to reset the connection. An endpoint that uses this design cannot allow its peers to send -packets with a zero-length destination connection ID and need to either use a -the same connection ID length for all connections or ensure that the connection -ID encodes its own length in a common fixed portion. +packets with a zero-length destination connection ID and need to either use +the same connection ID length for all connections or encode the length of +the connection ID such that it can be recovered without state. Revealing the Stateless Reset Token allows any entity to terminate the connection, so a value can only be used once. This method for choosing the