-
Notifications
You must be signed in to change notification settings - Fork 204
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
forbid empty NEW_TOKEN frames #2977
forbid empty NEW_TOKEN frames #2977
Conversation
draft-ietf-quic-transport.md
Outdated
@@ -4843,7 +4843,8 @@ Token Length: | |||
|
|||
Token: | |||
|
|||
: An opaque blob that the client may use with a future Initial packet. | |||
: An opaque blob that the client may use with a future Initial packet. The token | |||
MUST NOT be empty. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you want to specify the connection close error to use if it's empty?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd use a FRAME_ENCODING_ERROR error here. However, for other invalid frame errors we use PROTOCOL_VIOLATION. Not sure if that's something we want to address at some point.
Like @ianswett, I would like the spec to specify the error code. I don't care which it is. |
Consensus was declared on this PR a couple of days ago. Can we get this merged, and deal with the error code requested by @ianswett and @martinduke as part of #3027? |
Closes #2978.
If we allow empty NEW_TOKEN frames, the receiver would have to check that the token is not empty before saving and reusing it, so it seems slightly easier to forbid this nonsensical edge case.