Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

QUIC-TLS Extension and version negotiation #99

Closed
wants to merge 4 commits into from
Closed

QUIC-TLS Extension and version negotiation #99

wants to merge 4 commits into from

Conversation

MikeBishop
Copy link
Contributor

Proposal on how to define the TLS extension for QUIC, and thereby fix up some of the version negotiation issues (#89, #97).

Key changes:

  • TLS doc does define the QUIC extension, but it simply contains an opaque blob transported for whichever QUIC version is being used.
  • Parameters encoding is specified, and is more "TLS-y" than the current protocol -- an enum of possible parameters, carried as numbers rather than strings where appropriate, etc. Plenty of room to add additional parameters, but unrecognized parameters here will be fatal unless we add an explicit length.
  • Server's version list is always required in TLS extension, even if no Version Negotiation packet was sent. Client MAY open a new connection immediately if it discovers the server would have supported a newer version, and SHOULD use the newer version next time.
  • Server SHOULD pick an application protocol supported by the client's proposed version; Version Negotiation only if no overlap on the current version.

@MikeBishop MikeBishop mentioned this pull request Dec 23, 2016
Closed
@martinthomson
Copy link
Member

I think that this is better off moved to the -transport document. If it's OK with you, I plan to move your text there. I think that keeps the separation of concerns cleaner.

This was referenced Jan 4, 2017
Merged
Merged
@MikeBishop
Copy link
Contributor Author

I kind of disagree -- I was trying to keep anything TLS-specfic out of the Transport doc. Remember that QUIC doesn't know that the crypto protocol is necessarily TLS. Defining that any handshake MUST be able to transport a blob and then defining how TLS will transport the opaque data keeps the components separate.

@martinthomson
Copy link
Member

Actually, I made that comment without really reading what you had done. I prefer this structure. I've built on and fleshed it out more in #122.

@MikeBishop MikeBishop mentioned this pull request Jan 14, 2017
Closed
ghedo
ghedo reviewed Jan 15, 2017
View reviewed changes
draft-ietf-quic-tls.md
MUST abort the connection. A client MUST abort a connection if the server picks
an incompatible version of QUIC version and ALPN.
If the server cannot select a compatible combination of ALPN identifier and QUIC
version, it MUST abort the connection. A client MUST abort a connection if the
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this specify which error to use?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, generally we need to identify error codes. But until we have #37 fixed, I think that we can afford to be a little bit lenient on PRs that describe error conditions.

@martinthomson martinthomson mentioned this pull request Jan 24, 2017
Closed
@martinthomson
Copy link
Member

Since we have #122 and this is bitrotten, closing this.

@MikeBishop MikeBishop deleted the version_negotiation branch February 7, 2017 21:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martinthomson martinthomson martinthomson left review comments

@ghedo ghedo ghedo left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@MikeBishop @martinthomson @ghedo