From 8d344bd9b1e0b8fb390c7c606d0fb0f8d1b7747b Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Fri, 14 Dec 2018 13:08:37 +1100 Subject: [PATCH 1/2] The first Initial needs to fit into a single IP packet Not sure if this needs to address IP fragmentation. --- draft-ietf-quic-transport.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 358fa99d60..a7802844d8 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md 
@@ -3081,14 +3081,14 @@ corrupt ECN codepoints in the IP header. The QUIC packet size includes the QUIC header and protected payload, but not the UDP or IP header. -Clients MUST ensure they send the first Initial packet in a UDP datagram that is -at least 1200 bytes. The payload of a UDP datagram carrying the Initial packet -MUST be expanded to at least 1200 bytes, by adding PADDING frames to the Initial -packet and/or by combining the Initial packet with a 0-RTT packet (see -{{packet-coalesce}}). Sending a UDP datagram of this size ensures that the -network path supports a reasonable Maximum Transmission Unit (MTU), and helps -reduce the amplitude of amplification attacks caused by server responses toward -an unverified client address, see {{address-validation}}. +Clients MUST ensure they send the first Initial packet in single IP packet. The +payload of a UDP datagram carrying the first Initial packet MUST be expanded to +at least 1200 bytes, by adding PADDING frames to the Initial packet and/or by +combining the Initial packet with a 0-RTT packet (see {{packet-coalesce}}). +Sending a UDP datagram of this size ensures that the network path supports a +reasonable Maximum Transmission Unit (MTU), and helps reduce the amplitude of +amplification attacks caused by server responses toward an unverified client +address, see {{address-validation}}. The datagram containing the first Initial packet from a client MAY exceed 1200 bytes if the client believes that the Path Maximum Transmission Unit (PMTU) From a326fecbd2945809f20848dc0901ab55eef409f7 Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Mon, 17 Dec 2018 13:49:53 +1100 Subject: [PATCH 2/2] Also applies after Retry --- draft-ietf-quic-transport.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index a7802844d8..4c33badea3 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md 
@@ -3081,9 +3081,12 @@ corrupt ECN codepoints in the IP header. The QUIC packet size includes the QUIC header and protected payload, but not the UDP or IP header. -Clients MUST ensure they send the first Initial packet in single IP packet. The -payload of a UDP datagram carrying the first Initial packet MUST be expanded to -at least 1200 bytes, by adding PADDING frames to the Initial packet and/or by +Clients MUST ensure they send the first Initial packet in single IP packet. +Similarly, the first Initial packet sent after receiving a Retry packet MUST be +sent in a single IP packet. + +The payload of a UDP datagram carrying the first Initial packet MUST be expanded +to at least 1200 bytes, by adding PADDING frames to the Initial packet and/or by combining the Initial packet with a 0-RTT packet (see {{packet-coalesce}}). Sending a UDP datagram of this size ensures that the network path supports a reasonable Maximum Transmission Unit (MTU), and helps reduce the amplitude of
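Review bot: In the PATCH 1/2 hunk, the new requirement "Clients MUST ensure they send the first Initial packet in single IP packet" is missing an article ("in a single IP packet") and leaves open the question the commit message itself raises about IP fragmentation. The rationale kept at the end of the paragraph is that a datagram of this size "ensures that the network path supports a reasonable Maximum Transmission Unit (MTU)", and that only holds if the datagram arrives unfragmented. Suggest stating explicitly that the datagram carrying the first Initial packet must not be fragmented at the IP layer, so that "single IP packet" is testable by implementers. Also note that the removed text required "a UDP datagram that is at least 1200 bytes" for the Initial packet, while the replacement scopes the padding rule to "the first Initial packet"; if that narrowing is intentional, it deserves a mention in the commit message.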
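Review bot: In the PATCH 2/2 hunk, the added sentence about the first Initial packet sent after a Retry covers only the single-IP-packet rule, while the padding paragraph that now follows still reads "The payload of a UDP datagram carrying the first Initial packet MUST be expanded to at least 1200 bytes". As written, it is unclear whether the Initial sent after a Retry must also be padded to 1200 bytes; since the stated purpose of the padding includes limiting amplification toward "an unverified client address", the text should say either way. Suggest extending the padding sentence to name the post-Retry Initial, or stating that it is exempt. Separately, the unchanged first sentence still says "in single IP packet" while the new sentence says "in a single IP packet"; fix the first to match.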