Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

minimum valid packet size is an example #4396

Merged
merged 1 commit into from Nov 21, 2020
Merged

minimum valid packet size is an example #4396

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 changes: 3 additions & 3 deletions draft-ietf-quic-transport.md
View file
Open in desktop
Expand Up @@ -3056,9 +3056,9 @@ An endpoint MUST NOT send a stateless reset that is three times or more larger
than the packet it receives to avoid being used for amplification.
{{reset-looping}} describes additional limits on stateless reset size.

Endpoints MUST discard packets that are too small to be valid QUIC packets.
With the set of AEAD functions defined in {{QUIC-TLS}}, packets that are smaller
than 21 bytes are never valid.
Endpoints MUST discard packets that are too small to be valid QUIC packets. To
give an example, with the set of AEAD functions defined in {{QUIC-TLS}}, short
header packets that are smaller than 21 bytes are never valid.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this new text, but I think we need to be explicit about what the minimum length is for long headers (including VN).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if we can provide exact limits, because the minimum valid size of packets depend on:

  • packet type
  • CID being used by the endpoint
  • extensions being negotiated

In practice, I'd assume that endpoints do not hard-code the numbers provided here (e.g., 21), but rather try to parse the structure of the packets, and discard if they fail. Assuming that's the way people implement, it is not important to explain what the numbers are.


Endpoints MUST send stateless reset packets formatted as a packet with a short
header. However, endpoints MUST treat any packet ending in a valid stateless
Expand Down