From 7b35e1d40f9703e094dfb484b8d897675b7cf843 Mon Sep 17 00:00:00 2001 From: EKR Date: Tue, 6 Jun 2017 14:29:32 +0200 Subject: [PATCH] Require the client to detect partly bogus version negotiation packets in which the server sends back the client's version, as servers aren't supposed to do this. --- draft-ietf-quic-transport.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 7cd2f9e4de..4cd704f107 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -933,7 +933,10 @@ proceeds with the handshake ({{handshake}}). This commits the server to the version that the client selected. When the client receives a Version Negotiation packet from the server, it should -select an acceptable protocol version. If the server lists an acceptable +select an acceptable protocol version. If the packet contains the version that +the client initially offered, the client MUST terminate the connection +using a QUIC_INVALID_VERSION_NEGOTIATION_PACKET error. +If the server lists an acceptable version, the client selects that version and reattempts to create a connection using that version. Though the contents of a packet might not change in response to version negotiation, a client MUST increase the packet number it