Retry Token Makeup #1474
Labels
-transport
design
An issue that affects the design of the protocol; resolution requires consensus.
has-consensus
An issue that the Chairs have determined has consensus, by canvassing the mailing list.
Comments
martinthomson
added
design
|
My thought would be a token that is carried in a Retry would be bound strongly to the connection ID. It's very different to NEW_TOKEN in that way. |
|
Should we add text to say that the client SHOULD NOT change their source CID in response to a Retry packet? If so, I can send a PR to that effect. |
Merged
mnot
added
the
has-consensus
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This issue is related to the new Stream 0 dt PR (#1450).
Is a client allowed to change its connection ID in response to a Retry packet from a server?
The reason I ask is that it is possible to conceive of a server generating a token for a stateless Retry that encodes the client's original CID (among other things) in it for validation purposes. If the client is allowed to change its CID, then that obviously would break. So I feel we should have text either explicitly saying the client may (which I don't see how we could prevent) change its CID, and that a server shouldn't try to use the CID for stateless Retry validation or that a client must not change its CID so the server can use it for validation in stateless Retry.
The text was updated successfully, but these errors were encountered: