draft-ietf-quic-transport-21.txt   draft-ietf-quic-transport-22.txt 
QUIC J. Iyengar, Ed. QUIC J. Iyengar, Ed.
Internet-Draft Fastly Internet-Draft Fastly
Intended status: Standards Track M. Thomson, Ed. Intended status: Standards Track M. Thomson, Ed.
Expires: January 9, 2020 Mozilla Expires: January 10, 2020 Mozilla
July 08, 2019 July 09, 2019
QUIC: A UDP-Based Multiplexed and Secure Transport QUIC: A UDP-Based Multiplexed and Secure Transport
draft-ietf-quic-transport-21 draft-ietf-quic-transport-22
Abstract Abstract
This document defines the core of the QUIC transport protocol. This document defines the core of the QUIC transport protocol.
Accompanying documents describe QUIC's loss detection and congestion Accompanying documents describe QUIC's loss detection and congestion
control and the use of TLS for key negotiation. control and the use of TLS for key negotiation.
Note to Readers Note to Readers
Discussion of this draft takes place on the QUIC working group Discussion of this draft takes place on the QUIC working group
skipping to change at page 1, line 43 skipping to change at page 1, line 43
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 9, 2020. This Internet-Draft will expire on January 10, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 4, line 22 skipping to change at page 4, line 22
14.3. Datagram Packetization Layer PMTU Discovery . . . . . . 78 14.3. Datagram Packetization Layer PMTU Discovery . . . . . . 78
14.3.1. PMTU Probes Containing Source Connection ID . . . . 78 14.3.1. PMTU Probes Containing Source Connection ID . . . . 78
15. Versions . . . . . . . . . . . . . . . . . . . . . . . . . . 79 15. Versions . . . . . . . . . . . . . . . . . . . . . . . . . . 79
16. Variable-Length Integer Encoding . . . . . . . . . . . . . . 80 16. Variable-Length Integer Encoding . . . . . . . . . . . . . . 80
17. Packet Formats . . . . . . . . . . . . . . . . . . . . . . . 80 17. Packet Formats . . . . . . . . . . . . . . . . . . . . . . . 80
17.1. Packet Number Encoding and Decoding . . . . . . . . . . 81 17.1. Packet Number Encoding and Decoding . . . . . . . . . . 81
17.2. Long Header Packets . . . . . . . . . . . . . . . . . . 82 17.2. Long Header Packets . . . . . . . . . . . . . . . . . . 82
17.2.1. Version Negotiation Packet . . . . . . . . . . . . . 84 17.2.1. Version Negotiation Packet . . . . . . . . . . . . . 84
17.2.2. Initial Packet . . . . . . . . . . . . . . . . . . . 86 17.2.2. Initial Packet . . . . . . . . . . . . . . . . . . . 86
17.2.3. 0-RTT . . . . . . . . . . . . . . . . . . . . . . . 88 17.2.3. 0-RTT . . . . . . . . . . . . . . . . . . . . . . . 88
17.2.4. Handshake Packet . . . . . . . . . . . . . . . . . . 89 17.2.4. Handshake Packet . . . . . . . . . . . . . . . . . . 90
17.2.5. Retry Packet . . . . . . . . . . . . . . . . . . . . 90 17.2.5. Retry Packet . . . . . . . . . . . . . . . . . . . . 91
17.3. Short Header Packets . . . . . . . . . . . . . . . . . . 93 17.3. Short Header Packets . . . . . . . . . . . . . . . . . . 93
17.3.1. Latency Spin Bit . . . . . . . . . . . . . . . . . . 94 17.3.1. Latency Spin Bit . . . . . . . . . . . . . . . . . . 95
18. Transport Parameter Encoding . . . . . . . . . . . . . . . . 96 18. Transport Parameter Encoding . . . . . . . . . . . . . . . . 96
18.1. Transport Parameter Definitions . . . . . . . . . . . . 97 18.1. Transport Parameter Definitions . . . . . . . . . . . . 97
19. Frame Types and Formats . . . . . . . . . . . . . . . . . . . 100 19. Frame Types and Formats . . . . . . . . . . . . . . . . . . . 100
19.1. PADDING Frame . . . . . . . . . . . . . . . . . . . . . 100 19.1. PADDING Frame . . . . . . . . . . . . . . . . . . . . . 101
19.2. PING Frame . . . . . . . . . . . . . . . . . . . . . . . 100 19.2. PING Frame . . . . . . . . . . . . . . . . . . . . . . . 101
19.3. ACK Frames . . . . . . . . . . . . . . . . . . . . . . . 101 19.3. ACK Frames . . . . . . . . . . . . . . . . . . . . . . . 101
19.3.1. ACK Ranges . . . . . . . . . . . . . . . . . . . . . 102 19.3.1. ACK Ranges . . . . . . . . . . . . . . . . . . . . . 103
19.3.2. ECN Counts . . . . . . . . . . . . . . . . . . . . . 104 19.3.2. ECN Counts . . . . . . . . . . . . . . . . . . . . . 105
19.4. RESET_STREAM Frame . . . . . . . . . . . . . . . . . . . 105 19.4. RESET_STREAM Frame . . . . . . . . . . . . . . . . . . . 106
19.5. STOP_SENDING Frame . . . . . . . . . . . . . . . . . . . 105 19.5. STOP_SENDING Frame . . . . . . . . . . . . . . . . . . . 106
19.6. CRYPTO Frame . . . . . . . . . . . . . . . . . . . . . . 106 19.6. CRYPTO Frame . . . . . . . . . . . . . . . . . . . . . . 107
19.7. NEW_TOKEN Frame . . . . . . . . . . . . . . . . . . . . 107 19.7. NEW_TOKEN Frame . . . . . . . . . . . . . . . . . . . . 108
19.8. STREAM Frames . . . . . . . . . . . . . . . . . . . . . 107 19.8. STREAM Frames . . . . . . . . . . . . . . . . . . . . . 108
19.9. MAX_DATA Frame . . . . . . . . . . . . . . . . . . . . . 109 19.9. MAX_DATA Frame . . . . . . . . . . . . . . . . . . . . . 110
19.10. MAX_STREAM_DATA Frame . . . . . . . . . . . . . . . . . 109 19.10. MAX_STREAM_DATA Frame . . . . . . . . . . . . . . . . . 110
19.11. MAX_STREAMS Frames . . . . . . . . . . . . . . . . . . . 110 19.11. MAX_STREAMS Frames . . . . . . . . . . . . . . . . . . . 111
19.12. DATA_BLOCKED Frame . . . . . . . . . . . . . . . . . . . 111 19.12. DATA_BLOCKED Frame . . . . . . . . . . . . . . . . . . . 112
19.13. STREAM_DATA_BLOCKED Frame . . . . . . . . . . . . . . . 112 19.13. STREAM_DATA_BLOCKED Frame . . . . . . . . . . . . . . . 113
19.14. STREAMS_BLOCKED Frames . . . . . . . . . . . . . . . . . 112 19.14. STREAMS_BLOCKED Frames . . . . . . . . . . . . . . . . . 113
19.15. NEW_CONNECTION_ID Frame . . . . . . . . . . . . . . . . 113 19.15. NEW_CONNECTION_ID Frame . . . . . . . . . . . . . . . . 114
19.16. RETIRE_CONNECTION_ID Frame . . . . . . . . . . . . . . . 115 19.16. RETIRE_CONNECTION_ID Frame . . . . . . . . . . . . . . . 116
19.17. PATH_CHALLENGE Frame . . . . . . . . . . . . . . . . . . 115 19.17. PATH_CHALLENGE Frame . . . . . . . . . . . . . . . . . . 116
19.18. PATH_RESPONSE Frame . . . . . . . . . . . . . . . . . . 116 19.18. PATH_RESPONSE Frame . . . . . . . . . . . . . . . . . . 117
19.19. CONNECTION_CLOSE Frames . . . . . . . . . . . . . . . . 116 19.19. CONNECTION_CLOSE Frames . . . . . . . . . . . . . . . . 117
19.20. Extension Frames . . . . . . . . . . . . . . . . . . . . 117 19.20. Extension Frames . . . . . . . . . . . . . . . . . . . . 118
20. Transport Error Codes . . . . . . . . . . . . . . . . . . . . 118 20. Transport Error Codes . . . . . . . . . . . . . . . . . . . . 119
20.1. Application Protocol Error Codes . . . . . . . . . . . . 119 20.1. Application Protocol Error Codes . . . . . . . . . . . . 120
21. Security Considerations . . . . . . . . . . . . . . . . . . . 119 21. Security Considerations . . . . . . . . . . . . . . . . . . . 120
21.1. Handshake Denial of Service . . . . . . . . . . . . . . 119 21.1. Handshake Denial of Service . . . . . . . . . . . . . . 120
21.2. Amplification Attack . . . . . . . . . . . . . . . . . . 120 21.2. Amplification Attack . . . . . . . . . . . . . . . . . . 121
21.3. Optimistic ACK Attack . . . . . . . . . . . . . . . . . 121 21.3. Optimistic ACK Attack . . . . . . . . . . . . . . . . . 122
21.4. Slowloris Attacks . . . . . . . . . . . . . . . . . . . 121 21.4. Slowloris Attacks . . . . . . . . . . . . . . . . . . . 122
21.5. Stream Fragmentation and Reassembly Attacks . . . . . . 121 21.5. Stream Fragmentation and Reassembly Attacks . . . . . . 122
21.6. Stream Commitment Attack . . . . . . . . . . . . . . . . 122 21.6. Stream Commitment Attack . . . . . . . . . . . . . . . . 123
21.7. Explicit Congestion Notification Attacks . . . . . . . . 122 21.7. Explicit Congestion Notification Attacks . . . . . . . . 123
21.8. Stateless Reset Oracle . . . . . . . . . . . . . . . . . 123 21.8. Stateless Reset Oracle . . . . . . . . . . . . . . . . . 124
21.9. Version Downgrade . . . . . . . . . . . . . . . . . . . 123 21.9. Version Downgrade . . . . . . . . . . . . . . . . . . . 124
21.10. Targeted Attacks by Routing . . . . . . . . . . . . . . 123 21.10. Targeted Attacks by Routing . . . . . . . . . . . . . . 124
22. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 124 22. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 125
22.1. QUIC Transport Parameter Registry . . . . . . . . . . . 124 22.1. QUIC Transport Parameter Registry . . . . . . . . . . . 125
22.2. QUIC Frame Type Registry . . . . . . . . . . . . . . . . 125 22.2. QUIC Frame Type Registry . . . . . . . . . . . . . . . . 126
22.3. QUIC Transport Error Codes Registry . . . . . . . . . . 126 22.3. QUIC Transport Error Codes Registry . . . . . . . . . . 127
23. References . . . . . . . . . . . . . . . . . . . . . . . . . 128 23. References . . . . . . . . . . . . . . . . . . . . . . . . . 129
23.1. Normative References . . . . . . . . . . . . . . . . . . 129 23.1. Normative References . . . . . . . . . . . . . . . . . . 130
23.2. Informative References . . . . . . . . . . . . . . . . . 130 23.2. Informative References . . . . . . . . . . . . . . . . . 131
Appendix A. Sample Packet Number Decoding Algorithm . . . . . . 132 Appendix A. Sample Packet Number Decoding Algorithm . . . . . . 133
Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 132 Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 133
B.1. Since draft-ietf-quic-transport-20 . . . . . . . . . . . 133 B.1. Since draft-ietf-quic-transport-21 . . . . . . . . . . . 134
B.2. Since draft-ietf-quic-transport-19 . . . . . . . . . . . 134 B.2. Since draft-ietf-quic-transport-20 . . . . . . . . . . . 134
B.3. Since draft-ietf-quic-transport-18 . . . . . . . . . . . 134 B.3. Since draft-ietf-quic-transport-19 . . . . . . . . . . . 135
B.4. Since draft-ietf-quic-transport-17 . . . . . . . . . . . 135 B.4. Since draft-ietf-quic-transport-18 . . . . . . . . . . . 135
B.5. Since draft-ietf-quic-transport-16 . . . . . . . . . . . 135 B.5. Since draft-ietf-quic-transport-17 . . . . . . . . . . . 136
B.6. Since draft-ietf-quic-transport-15 . . . . . . . . . . . 137 B.6. Since draft-ietf-quic-transport-16 . . . . . . . . . . . 136
B.7. Since draft-ietf-quic-transport-14 . . . . . . . . . . . 137 B.7. Since draft-ietf-quic-transport-15 . . . . . . . . . . . 138
B.8. Since draft-ietf-quic-transport-13 . . . . . . . . . . . 137 B.8. Since draft-ietf-quic-transport-14 . . . . . . . . . . . 138
B.9. Since draft-ietf-quic-transport-12 . . . . . . . . . . . 138 B.9. Since draft-ietf-quic-transport-13 . . . . . . . . . . . 138
B.10. Since draft-ietf-quic-transport-11 . . . . . . . . . . . 139 B.10. Since draft-ietf-quic-transport-12 . . . . . . . . . . . 139
B.11. Since draft-ietf-quic-transport-10 . . . . . . . . . . . 139 B.11. Since draft-ietf-quic-transport-11 . . . . . . . . . . . 140
B.12. Since draft-ietf-quic-transport-09 . . . . . . . . . . . 140 B.12. Since draft-ietf-quic-transport-10 . . . . . . . . . . . 140
B.13. Since draft-ietf-quic-transport-08 . . . . . . . . . . . 140 B.13. Since draft-ietf-quic-transport-09 . . . . . . . . . . . 141
B.14. Since draft-ietf-quic-transport-07 . . . . . . . . . . . 141 B.14. Since draft-ietf-quic-transport-08 . . . . . . . . . . . 141
B.15. Since draft-ietf-quic-transport-06 . . . . . . . . . . . 142 B.15. Since draft-ietf-quic-transport-07 . . . . . . . . . . . 142
B.16. Since draft-ietf-quic-transport-05 . . . . . . . . . . . 142 B.16. Since draft-ietf-quic-transport-06 . . . . . . . . . . . 143
B.17. Since draft-ietf-quic-transport-04 . . . . . . . . . . . 142 B.17. Since draft-ietf-quic-transport-05 . . . . . . . . . . . 143
B.18. Since draft-ietf-quic-transport-03 . . . . . . . . . . . 143 B.18. Since draft-ietf-quic-transport-04 . . . . . . . . . . . 143
B.19. Since draft-ietf-quic-transport-02 . . . . . . . . . . . 143 B.19. Since draft-ietf-quic-transport-03 . . . . . . . . . . . 144
B.20. Since draft-ietf-quic-transport-01 . . . . . . . . . . . 144 B.20. Since draft-ietf-quic-transport-02 . . . . . . . . . . . 144
B.21. Since draft-ietf-quic-transport-00 . . . . . . . . . . . 146 B.21. Since draft-ietf-quic-transport-01 . . . . . . . . . . . 145
B.22. Since draft-hamilton-quic-transport-protocol-01 . . . . . 146 B.22. Since draft-ietf-quic-transport-00 . . . . . . . . . . . 147
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 147 B.23. Since draft-hamilton-quic-transport-protocol-01 . . . . . 147
Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 147 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 148
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 147 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 148
1. Introduction 1. Introduction
QUIC is a multiplexed and secure general-purpose transport protocol QUIC is a multiplexed and secure general-purpose transport protocol
that provides: that provides:
o Stream multiplexing o Stream multiplexing
o Stream and connection-level flow control o Stream and connection-level flow control
skipping to change at page 34, line 25 skipping to change at page 34, line 25
When an Initial packet is sent by a client that has not previously When an Initial packet is sent by a client that has not previously
received an Initial or Retry packet from the server, it populates the received an Initial or Retry packet from the server, it populates the
Destination Connection ID field with an unpredictable value. This Destination Connection ID field with an unpredictable value. This
MUST be at least 8 bytes in length. Until a packet is received from MUST be at least 8 bytes in length. Until a packet is received from
the server, the client MUST use the same value unless it abandons the the server, the client MUST use the same value unless it abandons the
connection attempt and starts a new one. The initial Destination connection attempt and starts a new one. The initial Destination
Connection ID is used to determine packet protection keys for Initial Connection ID is used to determine packet protection keys for Initial
packets. packets.
The client populates the Source Connection ID field with a value of The client populates the Source Connection ID field with a value of
its choosing and sets the SCIL field to indicate the length. The its choosing and sets the SCID Len field to indicate the length.
first flight of 0-RTT packets use the same Destination and Source
The first flight of 0-RTT packets use the same Destination and Source
Connection ID values as the client's first Initial. Connection ID values as the client's first Initial.
Upon first receiving an Initial or Retry packet from the server, the Upon first receiving an Initial or Retry packet from the server, the
client uses the Source Connection ID supplied by the server as the client uses the Source Connection ID supplied by the server as the
Destination Connection ID for subsequent packets, including any Destination Connection ID for subsequent packets, including any
subsequent 0-RTT packets. That means that a client might change the subsequent 0-RTT packets. That means that a client might change the
Destination Connection ID twice during connection establishment, once Destination Connection ID twice during connection establishment, once
in response to a Retry and once in response to the first Initial in response to a Retry and once in response to the first Initial
packet from the server. Once a client has received an Initial packet packet from the server. Once a client has received an Initial packet
from the server, it MUST discard any packet it receives with a from the server, it MUST discard any packet it receives with a
skipping to change at page 57, line 20 skipping to change at page 57, line 20
protected by encryption, so only client and server know this value. protected by encryption, so only client and server know this value.
Tokens are invalidated when their associated connection ID is retired Tokens are invalidated when their associated connection ID is retired
via a RETIRE_CONNECTION_ID frame (Section 19.16). via a RETIRE_CONNECTION_ID frame (Section 19.16).
An endpoint that receives packets that it cannot process sends a An endpoint that receives packets that it cannot process sends a
packet in the following layout: packet in the following layout:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0|1| Unpredictable Bits (182..) ... |0|1| Unpredictable Bits (198..) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
+ + + +
| | | |
+ Stateless Reset Token (128) + + Stateless Reset Token (128) +
| | | |
+ + + +
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 57, line 45 skipping to change at page 57, line 45
header. header.
A stateless reset uses an entire UDP datagram, starting with the A stateless reset uses an entire UDP datagram, starting with the
first two bits of the packet header. The remainder of the first byte first two bits of the packet header. The remainder of the first byte
and an arbitrary number of bytes following it that are set to and an arbitrary number of bytes following it that are set to
unpredictable values. The last 16 bytes of the datagram contain a unpredictable values. The last 16 bytes of the datagram contain a
Stateless Reset Token. Stateless Reset Token.
To entities other than its intended recipient, a stateless reset will To entities other than its intended recipient, a stateless reset will
appear to be a packet with a short header. For the packet to appear appear to be a packet with a short header. For the packet to appear
as valid, the Unpredictable Bits field needs to include at least 182 as valid, the Unpredictable Bits field needs to include at least 198
bits of data (or 23 bytes, less the two fixed bits). This is bits of data (or 25 bytes, less the two fixed bits). This is
intended to allow for a Destination Connection ID of the maximum intended to allow for a Destination Connection ID of the maximum
length permitted, with a minimal packet number, and payload. The length permitted, with a minimal packet number, and payload. The
Stateless Reset Token corresponds to the minimum expansion of the Stateless Reset Token corresponds to the minimum expansion of the
packet protection AEAD. More unpredictable bytes might be necessary packet protection AEAD. More unpredictable bytes might be necessary
if the endpoint could have negotiated a packet protection scheme with if the endpoint could have negotiated a packet protection scheme with
a larger minimum AEAD expansion. a larger minimum AEAD expansion.
An endpoint SHOULD NOT send a stateless reset that is significantly An endpoint SHOULD NOT send a stateless reset that is significantly
larger than the packet it receives. Endpoints MUST discard packets larger than the packet it receives. Endpoints MUST discard packets
that are too small to be valid QUIC packets. With the set of AEAD that are too small to be valid QUIC packets. With the set of AEAD
skipping to change at page 61, line 18 skipping to change at page 61, line 18
in packets eventually being too small to trigger a response. in packets eventually being too small to trigger a response.
An endpoint can remember the number of Stateless Reset packets that An endpoint can remember the number of Stateless Reset packets that
it has sent and stop generating new Stateless Reset packets once a it has sent and stop generating new Stateless Reset packets once a
limit is reached. Using separate limits for different remote limit is reached. Using separate limits for different remote
addresses will ensure that Stateless Reset packets can be used to addresses will ensure that Stateless Reset packets can be used to
close connections when other peers or connections have exhausted close connections when other peers or connections have exhausted
limits. limits.
Reducing the size of a Stateless Reset below the recommended minimum Reducing the size of a Stateless Reset below the recommended minimum
size of 39 bytes could mean that the packet could reveal to an size of 41 bytes could mean that the packet could reveal to an
observer that it is a Stateless Reset. Conversely, refusing to send observer that it is a Stateless Reset. Conversely, refusing to send
a Stateless Reset in response to a small packet might result in a Stateless Reset in response to a small packet might result in
Stateless Reset not being useful in detecting cases of broken Stateless Reset not being useful in detecting cases of broken
connections where only very small packets are sent; such failures connections where only very small packets are sent; such failures
might only be detected by other means, such as timers. might only be detected by other means, such as timers.
An endpoint can increase the odds that a packet will trigger a An endpoint can increase the odds that a packet will trigger a
Stateless Reset if it cannot be processed by padding it to at least Stateless Reset if it cannot be processed by padding it to at least
40 bytes. 42 bytes.
11. Error Handling 11. Error Handling
An endpoint that detects an error SHOULD signal the existence of that An endpoint that detects an error SHOULD signal the existence of that
error to its peer. Both transport-level and application-level errors error to its peer. Both transport-level and application-level errors
can affect an entire connection (see Section 11.1), while only can affect an entire connection (see Section 11.1), while only
application-level errors can be isolated to a single stream (see application-level errors can be isolated to a single stream (see
Section 11.2). Section 11.2).
The most appropriate error code (Section 20) SHOULD be included in The most appropriate error code (Section 20) SHOULD be included in
skipping to change at page 82, line 14 skipping to change at page 82, line 14
17.2. Long Header Packets 17.2. Long Header Packets
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|1|1|T T|X X X X| |1|1|T T|X X X X|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Version (32) | | Version (32) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|DCIL(4)|SCIL(4)| | DCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Connection ID (0/32..144) ... | Destination Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0/32..144) ... | SCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 9: Long Header Packet Format Figure 9: Long Header Packet Format
Long headers are used for packets that are sent prior to the Long headers are used for packets that are sent prior to the
establishment of 1-RTT keys. Once both conditions are met, a sender establishment of 1-RTT keys. Once both conditions are met, a sender
switches to sending packets using the short header (Section 17.3). switches to sending packets using the short header (Section 17.3).
The long form allows for special packets - such as the Version The long form allows for special packets - such as the Version
Negotiation packet - to be represented in this uniform fixed-length Negotiation packet - to be represented in this uniform fixed-length
packet format. Packets that use the long header contain the packet format. Packets that use the long header contain the
skipping to change at page 82, line 49 skipping to change at page 82, line 51
of byte 0 contain a packet type. Packet types are listed in of byte 0 contain a packet type. Packet types are listed in
Table 5. Table 5.
Type-Specific Bits (X): The lower four bits (those with a mask of Type-Specific Bits (X): The lower four bits (those with a mask of
0x0f) of byte 0 are type-specific. 0x0f) of byte 0 are type-specific.
Version: The QUIC Version is a 32-bit field that follows the first Version: The QUIC Version is a 32-bit field that follows the first
byte. This field indicates which version of QUIC is in use and byte. This field indicates which version of QUIC is in use and
determines how the rest of the protocol fields are interpreted. determines how the rest of the protocol fields are interpreted.
DCIL and SCIL: The byte following the version contains the lengths DCID Len: The byte following the version contains the lengths of the
of the two connection ID fields that follow it. These lengths are two connection ID fields that follow it. These lengths are
encoded as two 4-bit unsigned integers. The Destination encoded as two 4-bit unsigned integers. The Destination
Connection ID Length (DCIL) field occupies the 4 high bits of the Connection ID Length (DCIL) field occupies the 4 high bits of the
byte and the Source Connection ID Length (SCIL) field occupies the byte and the Source Connection ID Length (SCIL) field occupies the
4 low bits of the byte. An encoded length of 0 indicates that the 4 low bits of the byte. An encoded length of 0 indicates that the
connection ID is also 0 bytes in length. Non-zero encoded lengths connection ID is also 0 bytes in length. Non-zero encoded lengths
are increased by 3 to get the full length of the connection ID, are increased by 3 to get the full length of the connection ID,
producing a length between 4 and 18 bytes inclusive. For example, producing a length between 4 and 18 bytes inclusive. For example,
a byte with the value 0x50 describes an 8-byte Destination a byte with the value 0x50 describes an 8-byte Destination
Connection ID and a zero-length Source Connection ID. Connection ID and a zero-length Source Connection ID.
Destination Connection ID: The Destination Connection ID field Destination Connection ID: The Destination Connection ID field
follows the connection ID lengths and is either 0 bytes in length follows the DCID Len and is between 0 and 20 bytes in length.
or between 4 and 18 bytes. Section 7.2 describes the use of this Section 7.2 describes the use of this field in more detail.
field in more detail.
SCID Len: The byte following the Destination Connection ID contains
the length in bytes of the Source Connection ID field that follows
it. This length is encoded as a 8-bit unsigned integer. In QUIC
version 1, this value MUST NOT exceed 20 bytes. Endpoints that
receive a version 1 long header with a value larger than 20 MUST
drop the packet. Servers SHOULD be able to read longer connection
IDs from other QUIC versions in order to properly form a version
negotiation packet.
Source Connection ID: The Source Connection ID field follows the Source Connection ID: The Source Connection ID field follows the
Destination Connection ID and is either 0 bytes in length or SCID Len and is between 0 and 20 bytes in length. Section 7.2
between 4 and 18 bytes. Section 7.2 describes the use of this describes the use of this field in more detail.
field in more detail.
In this version of QUIC, the following packet types with the long In this version of QUIC, the following packet types with the long
header are defined: header are defined:
+------+-----------+----------------+ +------+-----------+----------------+
| Type | Name | Section | | Type | Name | Section |
+------+-----------+----------------+ +------+-----------+----------------+
| 0x0 | Initial | Section 17.2.2 | | 0x0 | Initial | Section 17.2.2 |
| | | | | | | |
| 0x1 | 0-RTT | Section 17.2.3 | | 0x1 | 0-RTT | Section 17.2.3 |
skipping to change at page 85, line 12 skipping to change at page 85, line 12
The layout of a Version Negotiation packet is: The layout of a Version Negotiation packet is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|1| Unused (7) | |1| Unused (7) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Version (32) | | Version (32) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|DCIL(4)|SCIL(4)| | DCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Connection ID (0/32..144) ... | Destination Connection ID (0..2040) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0/32..144) ... | SCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0..2040) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Supported Version 1 (32) ... | Supported Version 1 (32) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| [Supported Version 2 (32)] ... | [Supported Version 2 (32)] ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
... ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| [Supported Version N (32)] ... | [Supported Version N (32)] ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 85, line 46 skipping to change at page 85, line 48
The server MUST include the value from the Source Connection ID field The server MUST include the value from the Source Connection ID field
of the packet it receives in the Destination Connection ID field. of the packet it receives in the Destination Connection ID field.
The value for Source Connection ID MUST be copied from the The value for Source Connection ID MUST be copied from the
Destination Connection ID of the received packet, which is initially Destination Connection ID of the received packet, which is initially
randomly selected by a client. Echoing both connection IDs gives randomly selected by a client. Echoing both connection IDs gives
clients some assurance that the server received the packet and that clients some assurance that the server received the packet and that
the Version Negotiation packet was not generated by an off-path the Version Negotiation packet was not generated by an off-path
attacker. attacker.
As future versions of QUIC may support Connection IDs larger than the
version 1 limit, Version Negotiation packets could carry Connection
IDs that are longer than 20 bytes.
The remainder of the Version Negotiation packet is a list of 32-bit The remainder of the Version Negotiation packet is a list of 32-bit
versions which the server supports. versions which the server supports.
A Version Negotiation packet cannot be explicitly acknowledged in an A Version Negotiation packet cannot be explicitly acknowledged in an
ACK frame by a client. Receiving another Initial packet implicitly ACK frame by a client. Receiving another Initial packet implicitly
acknowledges a Version Negotiation packet. acknowledges a Version Negotiation packet.
The Version Negotiation packet does not include the Packet Number and The Version Negotiation packet does not include the Packet Number and
Length fields present in other packets that use the long header form. Length fields present in other packets that use the long header form.
Consequently, a Version Negotiation packet consumes an entire UDP Consequently, a Version Negotiation packet consumes an entire UDP
skipping to change at page 86, line 26 skipping to change at page 86, line 33
An Initial packet uses long headers with a type value of 0x0. It An Initial packet uses long headers with a type value of 0x0. It
carries the first CRYPTO frames sent by the client and server to carries the first CRYPTO frames sent by the client and server to
perform key exchange, and carries ACKs in either direction. perform key exchange, and carries ACKs in either direction.
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|1|1| 0 |R R|P P| |1|1| 0 |R R|P P|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Version (32) | | Version (32) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|DCIL(4)|SCIL(4)| | DCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Connection ID (0/32..144) ... | Destination Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0/32..144) ... | SCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Token Length (i) ... | Token Length (i) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Token (*) ... | Token (*) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length (i) ... | Length (i) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Packet Number (8/16/24/32) ... | Packet Number (8/16/24/32) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload (*) ... | Payload (*) ...
skipping to change at page 88, line 36 skipping to change at page 89, line 10
can accept or reject this early data. can accept or reject this early data.
See Section 2.3 of [TLS13] for a discussion of 0-RTT data and its See Section 2.3 of [TLS13] for a discussion of 0-RTT data and its
limitations. limitations.
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|1|1| 1 |R R|P P| |1|1| 1 |R R|P P|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Version (32) | | Version (32) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|DCIL(4)|SCIL(4)| | DCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Connection ID (0/32..144) ... | Destination Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0/32..144) ... | SCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length (i) ... | Length (i) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Packet Number (8/16/24/32) ... | Packet Number (8/16/24/32) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload (*) ... | Payload (*) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0-RTT Packet 0-RTT Packet
skipping to change at page 90, line 10 skipping to change at page 90, line 25
followed by the Length and Packet Number fields. The first byte followed by the Length and Packet Number fields. The first byte
contains the Reserved and Packet Number Length bits. It is used to contains the Reserved and Packet Number Length bits. It is used to
carry acknowledgments and cryptographic handshake messages from the carry acknowledgments and cryptographic handshake messages from the
server and client. server and client.
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|1|1| 2 |R R|P P| |1|1| 2 |R R|P P|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Version (32) | | Version (32) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|DCIL(4)|SCIL(4)| | DCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Connection ID (0/32..144) ... | Destination Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0/32..144) ... | SCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length (i) ... | Length (i) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Packet Number (8/16/24/32) ... | Packet Number (8/16/24/32) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload (*) ... | Payload (*) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 12: Handshake Protected Packet Figure 12: Handshake Protected Packet
skipping to change at page 91, line 8 skipping to change at page 91, line 27
17.2.5. Retry Packet 17.2.5. Retry Packet
A Retry packet uses a long packet header with a type value of 0x3. A Retry packet uses a long packet header with a type value of 0x3.
It carries an address validation token created by the server. It is It carries an address validation token created by the server. It is
used by a server that wishes to perform a retry (see Section 8.1). used by a server that wishes to perform a retry (see Section 8.1).
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|1|1| 3 | ODCIL | |1|1| 3 | Unused|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Version (32) | | Version (32) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|DCIL(4)|SCIL(4)| | DCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Connection ID (0/32..144) ... | Destination Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Connection ID (0/32..144) ... | SCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Original Destination Connection ID (0/32..144) ... | Source Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ODCID Len (8) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Original Destination Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Retry Token (*) ... | Retry Token (*) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 13: Retry Packet Figure 13: Retry Packet
A Retry packet (shown in Figure 13) does not contain any protected A Retry packet (shown in Figure 13) does not contain any protected
fields. In addition to the long header, it contains these additional fields. The value in the Unused field is selected randomly by the
server. In addition to the long header, it contains these additional
fields: fields:
ODCIL: The four least-significant bits of the first byte of a Retry ODCID Len: The ODCID Len contains the length in bytes of the
packet are not protected as they are for other packets with the Original Destination Connection ID field that follows it. This
long header, because Retry packets don't contain a protected length is encoded as a 8-bit unsigned integer. In QUIC version 1,
payload. These bits instead encode the length of the Original this value MUST NOT exceed 20 bytes. Clients that receive a
Destination Connection ID field. The length uses the same version 1 Retry Packet with a value larger than 20 MUST drop the
encoding as the DCIL and SCIL fields. packet.
Original Destination Connection ID: The Original Destination Original Destination Connection ID: The Original Destination
Connection ID contains the value of the Destination Connection ID Connection ID contains the value of the Destination Connection ID
from the Initial packet that this Retry is in response to. The from the Initial packet that this Retry is in response to. The
length of this field is given in ODCIL. length of this field is given in ODCID Len.
Retry Token: An opaque token that the server can use to validate the Retry Token: An opaque token that the server can use to validate the
client's address. client's address.
The server populates the Destination Connection ID with the The server populates the Destination Connection ID with the
connection ID that the client included in the Source Connection ID of connection ID that the client included in the Source Connection ID of
the Initial packet. the Initial packet.
The server includes a connection ID of its choice in the Source The server includes a connection ID of its choice in the Source
Connection ID field. This value MUST not be equal to the Destination Connection ID field. This value MUST not be equal to the Destination
skipping to change at page 93, line 28 skipping to change at page 94, line 10
17.3. Short Header Packets 17.3. Short Header Packets
This version of QUIC defines a single packet type which uses the This version of QUIC defines a single packet type which uses the
short packet header. short packet header.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|0|1|S|R|R|K|P P| |0|1|S|R|R|K|P P|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Connection ID (0..144) ... | Destination Connection ID (0..160) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Packet Number (8/16/24/32) ... | Packet Number (8/16/24/32) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Protected Payload (*) ... | Protected Payload (*) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 14: Short Header Packet Format Figure 14: Short Header Packet Format
The short header can be used after the version and 1-RTT keys are The short header can be used after the version and 1-RTT keys are
negotiated. Packets that use the short header contain the following negotiated. Packets that use the short header contain the following
skipping to change at page 113, line 32 skipping to change at page 114, line 32
The NEW_CONNECTION_ID frame is as follows: The NEW_CONNECTION_ID frame is as follows:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number (i) ... | Sequence Number (i) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Retire Prior To (i) ... | Retire Prior To (i) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length (8) | | | Length (8) | |
+-+-+-+-+-+-+-+-+ Connection ID (32..144) + +-+-+-+-+-+-+-+-+ Connection ID (8..160) +
| ... | ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
+ + + +
| | | |
+ Stateless Reset Token (128) + + Stateless Reset Token (128) +
| | | |
+ + + +
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
NEW_CONNECTION_ID frames contain the following fields: NEW_CONNECTION_ID frames contain the following fields:
Sequence Number: The sequence number assigned to the connection ID Sequence Number: The sequence number assigned to the connection ID
by the sender. See Section 5.1.1. by the sender. See Section 5.1.1.
Retire Prior To: A variable-length integer indicating which Retire Prior To: A variable-length integer indicating which
connection IDs should be retired. See Section 5.1.2. connection IDs should be retired. See Section 5.1.2.
Length: An 8-bit unsigned integer containing the length of the Length: An 8-bit unsigned integer containing the length of the
connection ID. Values less than 4 and greater than 18 are invalid connection ID. Values less than 1 and greater than 20 are invalid
and MUST be treated as a connection error of type and MUST be treated as a connection error of type
PROTOCOL_VIOLATION. PROTOCOL_VIOLATION.
Connection ID: A connection ID of the specified length. Connection ID: A connection ID of the specified length.
Stateless Reset Token: A 128-bit value that will be used for a Stateless Reset Token: A 128-bit value that will be used for a
stateless reset when the associated connection ID is used (see stateless reset when the associated connection ID is used (see
Section 10.4). Section 10.4).
An endpoint MUST NOT send this frame if it currently requires that An endpoint MUST NOT send this frame if it currently requires that
skipping to change at page 129, line 14 skipping to change at page 130, line 14
23.1. Normative References 23.1. Normative References
[DPLPMTUD] [DPLPMTUD]
Fairhurst, G., Jones, T., Tuexen, M., Ruengeler, I., and Fairhurst, G., Jones, T., Tuexen, M., Ruengeler, I., and
T. Voelker, "Packetization Layer Path MTU Discovery for T. Voelker, "Packetization Layer Path MTU Discovery for
Datagram Transports", draft-ietf-tsvwg-datagram-plpmtud-08 Datagram Transports", draft-ietf-tsvwg-datagram-plpmtud-08
(work in progress), June 2019. (work in progress), June 2019.
[QUIC-RECOVERY] [QUIC-RECOVERY]
Iyengar, J., Ed. and I. Swett, Ed., "QUIC Loss Detection Iyengar, J., Ed. and I. Swett, Ed., "QUIC Loss Detection
and Congestion Control", draft-ietf-quic-recovery-21 (work and Congestion Control", draft-ietf-quic-recovery-22 (work
in progress), July 2019. in progress), July 2019.
[QUIC-TLS] [QUIC-TLS]
Thomson, M., Ed. and S. Turner, Ed., "Using Transport Thomson, M., Ed. and S. Turner, Ed., "Using Transport
Layer Security (TLS) to Secure QUIC", draft-ietf-quic- Layer Security (TLS) to Secure QUIC", draft-ietf-quic-
tls-21 (work in progress), July 2019. tls-22 (work in progress), July 2019.
[RFC1191] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191, [RFC1191] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191,
DOI 10.17487/RFC1191, November 1990, DOI 10.17487/RFC1191, November 1990,
<https://www.rfc-editor.org/info/rfc1191>. <https://www.rfc-editor.org/info/rfc1191>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
skipping to change at page 133, line 5 skipping to change at page 134, line 5
return candidate_pn - pn_win return candidate_pn - pn_win
return candidate_pn return candidate_pn
Appendix B. Change Log Appendix B. Change Log
*RFC Editor's Note:* Please remove this section prior to *RFC Editor's Note:* Please remove this section prior to
publication of a final version of this document. publication of a final version of this document.
Issue and pull request numbers are listed with a leading octothorp. Issue and pull request numbers are listed with a leading octothorp.
B.1. Since draft-ietf-quic-transport-20 B.1. Since draft-ietf-quic-transport-21
o Connection ID lengths are now one octet, but limited in version 1 o Connection ID lengths are now one octet, but limited in version 1
to 20 octets of length (#2736, #2749) to 20 octets of length (#2736, #2749)
B.2. Since draft-ietf-quic-transport-20
o Error codes are encoded as variable-length integers (#2672, #2680) o Error codes are encoded as variable-length integers (#2672, #2680)
o NEW_CONNECTION_ID includes a request to retire old connection IDs o NEW_CONNECTION_ID includes a request to retire old connection IDs
(#2645, #2769) (#2645, #2769)
o Tighter rules for generating and explicitly eliciting ACK frames o Tighter rules for generating and explicitly eliciting ACK frames
(#2546, #2794) (#2546, #2794)
o Recommend having only one packet per encryption level in a o Recommend having only one packet per encryption level in a
datagram (#2308, #2747) datagram (#2308, #2747)
skipping to change at page 134, line 5 skipping to change at page 135, line 5
o PATH_RESPONSE no longer needs to be received on the validated path o PATH_RESPONSE no longer needs to be received on the validated path
(#2582, #2580, #2579, #2637) (#2582, #2580, #2579, #2637)
o PATH_RESPONSE frames are not stored and retransmitted (#2724, o PATH_RESPONSE frames are not stored and retransmitted (#2724,
#2729) #2729)
o Document hack for enabling routing of ICMP when doing PMTU probing o Document hack for enabling routing of ICMP when doing PMTU probing
(#1243, #2402) (#1243, #2402)
B.2. Since draft-ietf-quic-transport-19 B.3. Since draft-ietf-quic-transport-19
o Refine discussion of 0-RTT transport parameters (#2467, #2464) o Refine discussion of 0-RTT transport parameters (#2467, #2464)
o Fewer transport parameters need to be remembered for 0-RTT (#2624, o Fewer transport parameters need to be remembered for 0-RTT (#2624,
#2467) #2467)
o Spin bit text incorporated (#2564) o Spin bit text incorporated (#2564)
o Close the connection when maximum stream ID in MAX_STREAMS exceeds o Close the connection when maximum stream ID in MAX_STREAMS exceeds
2^62 - 1 (#2499, #2487) 2^62 - 1 (#2499, #2487)
skipping to change at page 134, line 32 skipping to change at page 135, line 32
o The "QUIC bit" is ignored in Version Negotiation (#2400, #2561) o The "QUIC bit" is ignored in Version Negotiation (#2400, #2561)
o Initial packets from clients need to be padded to 1200 unless a o Initial packets from clients need to be padded to 1200 unless a
Handshake packet is sent as well (#2522, #2523) Handshake packet is sent as well (#2522, #2523)
o CRYPTO frames can be discarded if too much data is buffered o CRYPTO frames can be discarded if too much data is buffered
(#1834, #2524) (#1834, #2524)
o Stateless reset uses a short header packet (#2599, #2600) o Stateless reset uses a short header packet (#2599, #2600)
B.3. Since draft-ietf-quic-transport-18 B.4. Since draft-ietf-quic-transport-18
o Removed version negotiation; version negotiation, including o Removed version negotiation; version negotiation, including
authentication of the result, will be addressed in the next authentication of the result, will be addressed in the next
version of QUIC (#1773, #2313) version of QUIC (#1773, #2313)
o Added discussion of the use of IPv6 flow labels (#2348, #2399) o Added discussion of the use of IPv6 flow labels (#2348, #2399)
o A connection ID can't be retired in a packet that uses that o A connection ID can't be retired in a packet that uses that
connection ID (#2101, #2420) connection ID (#2101, #2420)
o Idle timeout transport parameter is in milliseconds (from seconds) o Idle timeout transport parameter is in milliseconds (from seconds)
(#2453, #2454) (#2453, #2454)
o Endpoints are required to use new connection IDs when they use new o Endpoints are required to use new connection IDs when they use new
network paths (#2413, #2414) network paths (#2413, #2414)
o Increased the set of permissible frames in 0-RTT (#2344, #2355) o Increased the set of permissible frames in 0-RTT (#2344, #2355)
B.4. Since draft-ietf-quic-transport-17 B.5. Since draft-ietf-quic-transport-17
o Stream-related errors now use STREAM_STATE_ERROR (#2305) o Stream-related errors now use STREAM_STATE_ERROR (#2305)
o Endpoints discard initial keys as soon as handshake keys are o Endpoints discard initial keys as soon as handshake keys are
available (#1951, #2045) available (#1951, #2045)
o Expanded conditions for ignoring ICMP packet too big messages o Expanded conditions for ignoring ICMP packet too big messages
(#2108, #2161) (#2108, #2161)
o Remove rate control from PATH_CHALLENGE/PATH_RESPONSE (#2129, o Remove rate control from PATH_CHALLENGE/PATH_RESPONSE (#2129,
skipping to change at page 135, line 44 skipping to change at page 136, line 44
#2301) #2301)
o Allow server preferred address for both IPv4 and IPv6 (#2122, o Allow server preferred address for both IPv4 and IPv6 (#2122,
#2296) #2296)
o Corrected requirements for migration to a preferred address o Corrected requirements for migration to a preferred address
(#2146, #2349) (#2146, #2349)
o ACK of non-existent packet is illegal (#2298, #2302) o ACK of non-existent packet is illegal (#2298, #2302)
B.5. Since draft-ietf-quic-transport-16 B.6. Since draft-ietf-quic-transport-16
o Stream limits are defined as counts, not maximums (#1850, #1906) o Stream limits are defined as counts, not maximums (#1850, #1906)
o Require amplification attack defense after closing (#1905, #1911) o Require amplification attack defense after closing (#1905, #1911)
o Remove reservation of application error code 0 for STOPPING o Remove reservation of application error code 0 for STOPPING
(#1804, #1922) (#1804, #1922)
o Renumbered frames (#1945) o Renumbered frames (#1945)
skipping to change at page 137, line 5 skipping to change at page 138, line 5
o Tokens are repeated in all Initial packets (#2089) o Tokens are repeated in all Initial packets (#2089)
o Clarified how PING frames are sent after loss (#2094) o Clarified how PING frames are sent after loss (#2094)
o Initial keys are discarded once Handshake are available (#1951, o Initial keys are discarded once Handshake are available (#1951,
#2045) #2045)
o ICMP PTB validation clarifications (#2161, #2109, #2108) o ICMP PTB validation clarifications (#2161, #2109, #2108)
B.6. Since draft-ietf-quic-transport-15 B.7. Since draft-ietf-quic-transport-15
Substantial editorial reorganization; no technical changes. Substantial editorial reorganization; no technical changes.
B.7. Since draft-ietf-quic-transport-14 B.8. Since draft-ietf-quic-transport-14
o Merge ACK and ACK_ECN (#1778, #1801) o Merge ACK and ACK_ECN (#1778, #1801)
o Explicitly communicate max_ack_delay (#981, #1781) o Explicitly communicate max_ack_delay (#981, #1781)
o Validate original connection ID after Retry packets (#1710, #1486, o Validate original connection ID after Retry packets (#1710, #1486,
#1793) #1793)
o Idle timeout is optional and has no specified maximum (#1765) o Idle timeout is optional and has no specified maximum (#1765)
o Update connection ID handling; add RETIRE_CONNECTION_ID type o Update connection ID handling; add RETIRE_CONNECTION_ID type
(#1464, #1468, #1483, #1484, #1486, #1495, #1729, #1742, #1799, (#1464, #1468, #1483, #1484, #1486, #1495, #1729, #1742, #1799,
#1821) #1821)
o Include a Token in all Initial packets (#1649, #1794) o Include a Token in all Initial packets (#1649, #1794)
o Prevent handshake deadlock (#1764, #1824) o Prevent handshake deadlock (#1764, #1824)
B.8. Since draft-ietf-quic-transport-13 B.9. Since draft-ietf-quic-transport-13
o Streams open when higher-numbered streams of the same type open o Streams open when higher-numbered streams of the same type open
(#1342, #1549) (#1342, #1549)
o Split initial stream flow control limit into 3 transport o Split initial stream flow control limit into 3 transport
parameters (#1016, #1542) parameters (#1016, #1542)
o All flow control transport parameters are optional (#1610) o All flow control transport parameters are optional (#1610)
o Removed UNSOLICITED_PATH_RESPONSE error code (#1265, #1539) o Removed UNSOLICITED_PATH_RESPONSE error code (#1265, #1539)
skipping to change at page 138, line 17 skipping to change at page 139, line 17
o Permit 0-RTT after receiving Version Negotiation or Retry (#1507, o Permit 0-RTT after receiving Version Negotiation or Retry (#1507,
#1514, #1621) #1514, #1621)
o Permit Retry in response to 0-RTT (#1547, #1552) o Permit Retry in response to 0-RTT (#1547, #1552)
o Looser verification of ECN counters to account for ACK loss o Looser verification of ECN counters to account for ACK loss
(#1555, #1481, #1565) (#1555, #1481, #1565)
o Remove frame type field from APPLICATION_CLOSE (#1508, #1528) o Remove frame type field from APPLICATION_CLOSE (#1508, #1528)
B.9. Since draft-ietf-quic-transport-12 B.10. Since draft-ietf-quic-transport-12
o Changes to integration of the TLS handshake (#829, #1018, #1094, o Changes to integration of the TLS handshake (#829, #1018, #1094,
#1165, #1190, #1233, #1242, #1252, #1450, #1458) #1165, #1190, #1233, #1242, #1252, #1450, #1458)
* The cryptographic handshake uses CRYPTO frames, not stream 0 * The cryptographic handshake uses CRYPTO frames, not stream 0
* QUIC packet protection is used in place of TLS record * QUIC packet protection is used in place of TLS record
protection protection
* Separate QUIC packet number spaces are used for the handshake * Separate QUIC packet number spaces are used for the handshake
skipping to change at page 139, line 14 skipping to change at page 140, line 14
o Fixed sampling method for packet number encryption; the length o Fixed sampling method for packet number encryption; the length
field in long headers includes the packet number field in addition field in long headers includes the packet number field in addition
to the packet payload (#1387, #1389) to the packet payload (#1387, #1389)
o Stateless Reset is now symmetric and subject to size constraints o Stateless Reset is now symmetric and subject to size constraints
(#466, #1346) (#466, #1346)
o Added frame type extension mechanism (#58, #1473) o Added frame type extension mechanism (#58, #1473)
B.10. Since draft-ietf-quic-transport-11 B.11. Since draft-ietf-quic-transport-11
o Enable server to transition connections to a preferred address o Enable server to transition connections to a preferred address
(#560, #1251) (#560, #1251)
o Packet numbers are encrypted (#1174, #1043, #1048, #1034, #850, o Packet numbers are encrypted (#1174, #1043, #1048, #1034, #850,
#990, #734, #1317, #1267, #1079) #990, #734, #1317, #1267, #1079)
o Packet numbers use a variable-length encoding (#989, #1334) o Packet numbers use a variable-length encoding (#989, #1334)
o STREAM frames can now be empty (#1350) o STREAM frames can now be empty (#1350)
B.11. Since draft-ietf-quic-transport-10 B.12. Since draft-ietf-quic-transport-10
o Swap payload length and packed number fields in long header o Swap payload length and packed number fields in long header
(#1294) (#1294)
o Clarified that CONNECTION_CLOSE is allowed in Handshake packet o Clarified that CONNECTION_CLOSE is allowed in Handshake packet
(#1274) (#1274)
o Spin bit reserved (#1283) o Spin bit reserved (#1283)
o Coalescing multiple QUIC packets in a UDP datagram (#1262, #1285) o Coalescing multiple QUIC packets in a UDP datagram (#1262, #1285)
skipping to change at page 140, line 12 skipping to change at page 141, line 12
o STOP_SENDING is now prohibited before streams are used (#1050) o STOP_SENDING is now prohibited before streams are used (#1050)
o Recommend including ACK in Retry packets and allow PADDING (#1067, o Recommend including ACK in Retry packets and allow PADDING (#1067,
#882) #882)
o Endpoints now become closing after an idle timeout (#1178, #1179) o Endpoints now become closing after an idle timeout (#1178, #1179)
o Remove implication that Version Negotiation is sent when a packet o Remove implication that Version Negotiation is sent when a packet
of the wrong version is received (#1197) of the wrong version is received (#1197)
B.12. Since draft-ietf-quic-transport-09 B.13. Since draft-ietf-quic-transport-09
o Added PATH_CHALLENGE and PATH_RESPONSE frames to replace PING with o Added PATH_CHALLENGE and PATH_RESPONSE frames to replace PING with
Data and PONG frame. Changed ACK frame type from 0x0e to 0x0d. Data and PONG frame. Changed ACK frame type from 0x0e to 0x0d.
(#1091, #725, #1086) (#1091, #725, #1086)
o A server can now only send 3 packets without validating the client o A server can now only send 3 packets without validating the client
address (#38, #1090) address (#38, #1090)
o Delivery order of stream data is no longer strongly specified o Delivery order of stream data is no longer strongly specified
(#252, #1070) (#252, #1070)
skipping to change at page 140, line 39 skipping to change at page 141, line 39
o Improved retransmission rules for all frame types: information is o Improved retransmission rules for all frame types: information is
retransmitted, not packets or frames (#463, #765, #1095, #1053) retransmitted, not packets or frames (#463, #765, #1095, #1053)
o Added an error code for server busy signals (#1137) o Added an error code for server busy signals (#1137)
o Endpoints now set the connection ID that their peer uses. o Endpoints now set the connection ID that their peer uses.
Connection IDs are variable length. Removed the Connection IDs are variable length. Removed the
omit_connection_id transport parameter and the corresponding short omit_connection_id transport parameter and the corresponding short
header flag. (#1089, #1052, #1146, #821, #745, #821, #1166, #1151) header flag. (#1089, #1052, #1146, #821, #745, #821, #1166, #1151)
B.13. Since draft-ietf-quic-transport-08 B.14. Since draft-ietf-quic-transport-08
o Clarified requirements for BLOCKED usage (#65, #924) o Clarified requirements for BLOCKED usage (#65, #924)
o BLOCKED frame now includes reason for blocking (#452, #924, #927, o BLOCKED frame now includes reason for blocking (#452, #924, #927,
#928) #928)
o GAP limitation in ACK Frame (#613) o GAP limitation in ACK Frame (#613)
o Improved PMTUD description (#614, #1036) o Improved PMTUD description (#614, #1036)
skipping to change at page 141, line 19 skipping to change at page 142, line 19
o Stateless reset clarified as version-specific (#930, #986) o Stateless reset clarified as version-specific (#930, #986)
o initial_max_stream_id_x transport parameters are optional (#970, o initial_max_stream_id_x transport parameters are optional (#970,
#971) #971)
o Ack Delay assumes a default value during the handshake (#1007, o Ack Delay assumes a default value during the handshake (#1007,
#1009) #1009)
o Removed transport parameters from NewSessionTicket (#1015) o Removed transport parameters from NewSessionTicket (#1015)
B.14. Since draft-ietf-quic-transport-07 B.15. Since draft-ietf-quic-transport-07
o The long header now has version before packet number (#926, #939) o The long header now has version before packet number (#926, #939)
o Rename and consolidate packet types (#846, #822, #847) o Rename and consolidate packet types (#846, #822, #847)
o Packet types are assigned new codepoints and the Connection ID o Packet types are assigned new codepoints and the Connection ID
Flag is inverted (#426, #956) Flag is inverted (#426, #956)
o Removed type for Version Negotiation and use Version 0 (#963, o Removed type for Version Negotiation and use Version 0 (#963,
#968) #968)
skipping to change at page 142, line 15 skipping to change at page 143, line 15
o Address validation for connection migration (#161, #732, #878) o Address validation for connection migration (#161, #732, #878)
o Clearly defined retransmission rules for BLOCKED (#452, #65, #924) o Clearly defined retransmission rules for BLOCKED (#452, #65, #924)
o negotiated_version is sent in server transport parameters (#710, o negotiated_version is sent in server transport parameters (#710,
#959) #959)
o Increased the range over which packet numbers are randomized o Increased the range over which packet numbers are randomized
(#864, #850, #964) (#864, #850, #964)
B.15. Since draft-ietf-quic-transport-06 B.16. Since draft-ietf-quic-transport-06
o Replaced FNV-1a with AES-GCM for all "Cleartext" packets (#554) o Replaced FNV-1a with AES-GCM for all "Cleartext" packets (#554)
o Split error code space between application and transport (#485) o Split error code space between application and transport (#485)
o Stateless reset token moved to end (#820) o Stateless reset token moved to end (#820)
o 1-RTT-protected long header types removed (#848) o 1-RTT-protected long header types removed (#848)
o No acknowledgments during draining period (#852) o No acknowledgments during draining period (#852)
o Remove "application close" as a separate close type (#854) o Remove "application close" as a separate close type (#854)
o Remove timestamps from the ACK frame (#841) o Remove timestamps from the ACK frame (#841)
o Require transport parameters to only appear once (#792) o Require transport parameters to only appear once (#792)
B.16. Since draft-ietf-quic-transport-05 B.17. Since draft-ietf-quic-transport-05
o Stateless token is server-only (#726) o Stateless token is server-only (#726)
o Refactor section on connection termination (#733, #748, #328, o Refactor section on connection termination (#733, #748, #328,
#177) #177)
o Limit size of Version Negotiation packet (#585) o Limit size of Version Negotiation packet (#585)
o Clarify when and what to ack (#736) o Clarify when and what to ack (#736)
o Renamed STREAM_ID_NEEDED to STREAM_ID_BLOCKED o Renamed STREAM_ID_NEEDED to STREAM_ID_BLOCKED
o Clarify Keep-alive requirements (#729) o Clarify Keep-alive requirements (#729)
B.17. Since draft-ietf-quic-transport-04 B.18. Since draft-ietf-quic-transport-04
o Introduce STOP_SENDING frame, RESET_STREAM only resets in one o Introduce STOP_SENDING frame, RESET_STREAM only resets in one
direction (#165) direction (#165)
o Removed GOAWAY; application protocols are responsible for graceful o Removed GOAWAY; application protocols are responsible for graceful
shutdown (#696) shutdown (#696)
o Reduced the number of error codes (#96, #177, #184, #211) o Reduced the number of error codes (#96, #177, #184, #211)
o Version validation fields can't move or change (#121) o Version validation fields can't move or change (#121)
skipping to change at page 143, line 34 skipping to change at page 144, line 34
o Increased the maximum length of the Largest Acknowledged field in o Increased the maximum length of the Largest Acknowledged field in
ACK frames to 64 bits (#629) ACK frames to 64 bits (#629)
o truncate_connection_id is renamed to omit_connection_id (#659) o truncate_connection_id is renamed to omit_connection_id (#659)
o CONNECTION_CLOSE terminates the connection like TCP RST (#330, o CONNECTION_CLOSE terminates the connection like TCP RST (#330,
#328) #328)
o Update labels used in HKDF-Expand-Label to match TLS 1.3 (#642) o Update labels used in HKDF-Expand-Label to match TLS 1.3 (#642)
B.18. Since draft-ietf-quic-transport-03 B.19. Since draft-ietf-quic-transport-03
o Change STREAM and RESET_STREAM layout o Change STREAM and RESET_STREAM layout
o Add MAX_STREAM_ID settings o Add MAX_STREAM_ID settings
B.19. Since draft-ietf-quic-transport-02 B.20. Since draft-ietf-quic-transport-02
o The size of the initial packet payload has a fixed minimum (#267, o The size of the initial packet payload has a fixed minimum (#267,
#472) #472)
o Define when Version Negotiation packets are ignored (#284, #294, o Define when Version Negotiation packets are ignored (#284, #294,
#241, #143, #474) #241, #143, #474)
o The 64-bit FNV-1a algorithm is used for integrity protection of o The 64-bit FNV-1a algorithm is used for integrity protection of
unprotected packets (#167, #480, #481, #517) unprotected packets (#167, #480, #481, #517)
skipping to change at page 144, line 37 skipping to change at page 145, line 37
linkability (#232, #491, #496) linkability (#232, #491, #496)
o Transport parameters for 0-RTT are retained from a previous o Transport parameters for 0-RTT are retained from a previous
connection (#405, #513, #512) connection (#405, #513, #512)
* A client in 0-RTT no longer required to reset excess streams * A client in 0-RTT no longer required to reset excess streams
(#425, #479) (#425, #479)
o Expanded security considerations (#440, #444, #445, #448) o Expanded security considerations (#440, #444, #445, #448)
B.20. Since draft-ietf-quic-transport-01 B.21. Since draft-ietf-quic-transport-01
o Defined short and long packet headers (#40, #148, #361) o Defined short and long packet headers (#40, #148, #361)
o Defined a versioning scheme and stable fields (#51, #361) o Defined a versioning scheme and stable fields (#51, #361)
o Define reserved version values for "greasing" negotiation (#112, o Define reserved version values for "greasing" negotiation (#112,
#278) #278)
o The initial packet number is randomized (#35, #283) o The initial packet number is randomized (#35, #283)
skipping to change at page 146, line 36 skipping to change at page 147, line 36
o Remove error code and reason phrase from GOAWAY (#352, #355) o Remove error code and reason phrase from GOAWAY (#352, #355)
o GOAWAY includes a final stream number for both directions (#347) o GOAWAY includes a final stream number for both directions (#347)
o Error codes for RESET_STREAM and CONNECTION_CLOSE are now at a o Error codes for RESET_STREAM and CONNECTION_CLOSE are now at a
consistent offset (#249) consistent offset (#249)
o Defined priority as the responsibility of the application protocol o Defined priority as the responsibility of the application protocol
(#104, #303) (#104, #303)
B.21. Since draft-ietf-quic-transport-00 B.22. Since draft-ietf-quic-transport-00
o Replaced DIVERSIFICATION_NONCE flag with KEY_PHASE flag o Replaced DIVERSIFICATION_NONCE flag with KEY_PHASE flag
o Defined versioning o Defined versioning
o Reworked description of packet and frame layout o Reworked description of packet and frame layout
o Error code space is divided into regions for each component o Error code space is divided into regions for each component
o Use big endian for all numeric values o Use big endian for all numeric values
B.22. Since draft-hamilton-quic-transport-protocol-01 B.23. Since draft-hamilton-quic-transport-protocol-01
o Adopted as base for draft-ietf-quic-tls o Adopted as base for draft-ietf-quic-tls
o Updated authors/editors list o Updated authors/editors list
o Added IANA Considerations section o Added IANA Considerations section
o Moved Contributors and Acknowledgments to appendices o Moved Contributors and Acknowledgments to appendices
Acknowledgments Acknowledgments
 End of changes. 67 change blocks. 
145 lines changed or deleted 175 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/