New section on SNI parsing and appendix on Google QUIC #124
Conversation
This PR adds a new section on extracting the SNI. I also copied (most of) the pseudo code from Davids document into the appendix. We need to decide if we want to keep this and if so, potentially add some more explanation there. Also we could further strengthen the point out that both the 5-tuple and conn ID can change (as in David's doc). There is already text directly following the new SNI section on "flow association". If we want stronger text there, maybe we can capture that in a separate issue though.
There was a problem hiding this comment.
thanks for this! one major comment agreeing with @martinthomson: the appendix should drop some details of parsing Google QUIC, especially crypto frame extraction. otherwise a few nits.
draft-ietf-quic-manageability.md
Outdated
|
|
||
| # Appendix | ||
|
|
||
| ## Handling of Google QUIC {#sec-google-version} |
There was a problem hiding this comment.
I agree with @martinthomson here: beyond this section (mentioning the version numbers) and its first subsection (explaining how to differentiate Google and IETF QUIC), I'd scrub references to Google QUIC from the rest of the pseudocode, and split the appendix in two (first appendix: recognizing google quic; second appendix: initial salt (IETF only) and crypto frame extraction (IETF only)
There was a problem hiding this comment.
Okay, I removed the salt section entirely (because I think that value should be in the tls draft and only there) and cut down the crypto frame part to IETF QUIC only.
|
|
||
| This sections contains algorithms that allows parsing versions from both | ||
| Google QUIC and IETF QUIC. These mechanisms will become | ||
| irrelevant when IETF QUIC is fully deployed and Google QUIC is deprecated. |
There was a problem hiding this comment.
Add something here noting that the rest of this document says nothing about Google QUIC.
Co-authored-by: Brian Trammell <ietf@trammell.ch> Co-authored-by: Martin Thomson <mt@lowentropy.net>
|
fixes #75 |
This PR adds a new section on extracting the SNI. I also copied (most of) the pseudo code from Davids document into the appendix. We need to decide if we want to keep this and if so, potentially add some more explanation there.
Also we could further strengthen the point out that both the 5-tuple and conn ID can change (as in David's doc). There is already text directly following the new SNI section on "flow association". If we want stronger text there, maybe we can capture that in a separate issue though.