Commit

Script updating gh-pages from eed767a. [ci skip]
ID Bot committed Oct 30, 2020
1 parent 7ffc13a commit a6bffc6
Showing 2 changed files with 229 additions and 161 deletions.
56 changes: 34 additions & 22 deletions draft-ietf-quic-load-balancers.html
Expand Up @@ -1884,6 +1884,14 @@ <h3 id="name-shared-state-retry-service">
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Client IP Address (128) +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ODCIL | RSCIL |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Original Destination Connection ID (0..160) |
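Review bot: The "Client IP Address (128)" field that now opens the token layout gives no indication, in these lines, of how an IPv4 client address fills the 128 bits. The server text changed in this same commit requires the address in the first 16 octets, so the figure or its field description should name the encoding (for example, IPv4-mapped IPv6) so that the Retry service and the servers produce byte-identical blocks before encryption.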
Expand All @@ -1895,14 +1903,6 @@ <h3 id="name-shared-state-retry-service">
| ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Client IP Address (128) +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ Timestamp (64) +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
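Review bot: The row left in place after the relocated address block is labelled "Timestamp (64)", but the server requirements edited in this commit refer to the same field as the "date-time field". Use one name in both places, so a reader validating expiry can match the requirement to the 64-bit field in the figure without guessing.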
Expand Down Expand Up @@ -1966,18 +1966,26 @@ <h4 id="name-service-requirements-2">
<h4 id="name-server-requirements-2">
<a href="#section-6.3.3" class="section-number selfRef">6.3.3. </a><a href="#name-server-requirements-2" class="section-name selfRef">Server Requirements</a>
</h4>
<p id="section-6.3.3-1">The server MUST validate all tokens that arrive in Initial packets, as they
may have bypassed the Retry service. It SHOULD use the date-time field to apply
its expiration limits for tokens. This need not be synchronized with the retry
service. However, servers MAY allow retry tokens marked as being a few seconds
in the future, due to possible clock synchronization issues.<a href="#section-6.3.3-1" class="pilcrow"></a></p>
<p id="section-6.3.3-2">After decrypting the token, the server uses the corresponding fields to
<p id="section-6.3.3-1">When issuing Retry or NEW_TOKEN tokens, the server MUST encode the client IP
address in the first 16 octets and encrypt that block with the token key. It
MAY use any format or encryption for the remainder of the token. However, it
MUST include a means of distinguishing service-generated Retry tokens,
server-generated Retry tokens (if different), and NEW_TOKEN tokens.<a href="#section-6.3.3-1" class="pilcrow"></a></p>
<p id="section-6.3.3-2">The server MUST validate all tokens that arrive in Initial packets, as they
may have bypassed the Retry service.<a href="#section-6.3.3-2" class="pilcrow"></a></p>
<p id="section-6.3.3-3">For Retry tokens that follow the format above, servers SHOULD use the date-time
field to apply its expiration limits for tokens. This need not be precisely
synchronized with the retry service. However, servers MAY allow retry tokens
marked as being a few seconds in the future, due to possible clock
synchronization issues.<a href="#section-6.3.3-3" class="pilcrow"></a></p>
<p id="section-6.3.3-4">After decrypting the token, the server uses the corresponding fields to
populate the original_destination_connection_id transport parameter, with a
length equal to ODCIL, and the retry_source_connection_id transport parameter,
with length equal to RSCIL.<a href="#section-6.3.3-2" class="pilcrow"></a></p>
<p id="section-6.3.3-3">For QUIC versions the service not support, the server MAY use any token format.<a href="#section-6.3.3-3" class="pilcrow"></a></p>
<p id="section-6.3.3-4">As discussed in <span>[<a href="#QUIC-TRANSPORT" class="xref">QUIC-TRANSPORT</a>]</span>, a server MUST NOT send a Retry packet in
response to an Initial packet that contains a retry token.<a href="#section-6.3.3-4" class="pilcrow"></a></p>
with length equal to RSCIL.<a href="#section-6.3.3-4" class="pilcrow"></a></p>
<p id="section-6.3.3-5">For QUIC versions the service does not support, the server MAY use any token
format.<a href="#section-6.3.3-5" class="pilcrow"></a></p>
<p id="section-6.3.3-6">As discussed in <span>[<a href="#QUIC-TRANSPORT" class="xref">QUIC-TRANSPORT</a>]</span>, a server MUST NOT send a Retry packet in
response to an Initial packet that contains a retry token.<a href="#section-6.3.3-6" class="pilcrow"></a></p>
</section>
</div>
</section>
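Review bot: In the new section-6.3.3-1, "encrypt that block with the token key" names no cipher or mode, and the next sentence lets the server use "any format or encryption for the remainder of the token", so nothing in this text binds the encrypted address block to the rest of the token or says where the required token-type discriminator lives. Suggest referencing the algorithm used for the 16-octet block, requiring the remainder to be integrity-protected together with it, and stating whether the discriminator must be readable by the Retry service. Minor: in section-6.3.3-3, "servers SHOULD use the date-time field to apply its expiration limits" should read "their expiration limits", and "a few seconds in the future" would be easier to implement with a concrete bound.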
Expand Down Expand Up @@ -2433,13 +2441,17 @@ <h2 id="name-since-draft-ietf-quic-load-">
<a href="#section-c.1" class="section-number selfRef">C.1. </a><a href="#name-since-draft-ietf-quic-load-" class="section-name selfRef">since draft-ietf-quic-load-balancers-04</a>
</h2>
<ul class="normal">
<li class="normal" id="section-c.1-1.1">Eliminated zero padding from the test vectors<a href="#section-c.1-1.1" class="pilcrow"></a>
<li class="normal" id="section-c.1-1.1">Rearranged the shared-state retry token to simplify token processing<a href="#section-c.1-1.1" class="pilcrow"></a>
</li>
<li class="normal" id="section-c.1-1.2">More compact timestamp in shared-state retry token<a href="#section-c.1-1.2" class="pilcrow"></a>
</li>
<li class="normal" id="section-c.1-1.3">Revised server requirements for shared-state retries<a href="#section-c.1-1.3" class="pilcrow"></a>
</li>
<li class="normal" id="section-c.1-1.2">Added server use bytes to the test vectors<a href="#section-c.1-1.2" class="pilcrow"></a>
<li class="normal" id="section-c.1-1.4">Eliminated zero padding from the test vectors<a href="#section-c.1-1.4" class="pilcrow"></a>
</li>
<li class="normal" id="section-c.1-1.3">Additional compliant DCID criteria<a href="#section-c.1-1.3" class="pilcrow"></a>
<li class="normal" id="section-c.1-1.5">Added server use bytes to the test vectors<a href="#section-c.1-1.5" class="pilcrow"></a>
</li>
<li class="normal" id="section-c.1-1.4">More compact timestamp in Retry token<a href="#section-c.1-1.4" class="pilcrow"></a>
<li class="normal" id="section-c.1-1.6">Additional compliant DCID criteria<a href="#section-c.1-1.6" class="pilcrow"></a>
</li>
</ul>
</section>
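Review bot: The three new changelog entries are inserted at the top of the list, which renumbers every existing anchor (the "Eliminated zero padding" item moves from section-c.1-1.1 to section-c.1-1.4, and so on), so links to the old ids now land on different entries. If list order carries no meaning, appending new entries in the source document keeps the generated ids stable. Since this file is script-generated from eed767a, the change belongs in the draft source, not here.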