New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixed length CID or encode length somehow #1640
Changes from 1 commit
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2679,9 +2679,9 @@ endpoint receives. | |
This design relies on the peer always sending a connection ID in its packets so | ||
that the endpoint can use the connection ID from a packet to reset the | ||
connection. An endpoint that uses this design cannot allow its peers to send | ||
packets with a zero-length destination connection ID and need to either use a | ||
the same connection ID length for all connections or ensure that the connection | ||
ID encodes its own length in a common fixed portion. | ||
packets with a zero-length destination connection ID and need to either use | ||
the same connection ID length for all connections or encode the length of | ||
the connection ID such that it can be recovered without state. | ||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It is not necessary to have a fixed portion. You can use bit 7 of each octet to indicate if there is more. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yeah, that might be a little more specific than is needed. You could just say "...connection ID encodes its own length in a method the server can recover without state." There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Agreed, you could even use trial decryption if you really wanted :) |
||
Revealing the Stateless Reset Token allows any entity to terminate the | ||
connection, so a value can only be used once. This method for choosing the | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Late to the party, but this is pretty hard to read. I believe that it is intended to say:
(1) must not use a zero-length CID
(2) must have CID length be either (a) constant or (b) encoded in the CID itself
But the use of "cannot allow" might instead say you can't do both of these together instead. I would instead suggest.
"an endpoint that uses this design MUST either use the same connection ID length for all connections or encode the length of the connection ID such that it can be recovered without state. In addition, it MUST NOT provide zero-length destination connection IDs to its peers".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, a better formulation. Pushed to master.