I'm fine with the updated text as well. Thanks, - Nick
Sent from Outlook<http://aka.ms/weboutlook> From: QUIC <[email protected]> On Behalf Of David Schinazi Sent: Wednesday, March 1, 2023 1:56 PM To: Martin Duke <[email protected]> Cc: IETF QUIC WG <[email protected]> Subject: Re: Additional clarification for QUICv2 LGTM. David On Wed, Mar 1, 2023 at 9:46 AM Martin Duke <[email protected]<mailto:[email protected]>> wrote: Hello all, I'm going through the final step for publishing RFC9369 (QUICv2) [https://www.rfc-editor.org/authors/rfc9369.html<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.rfc-editor.org%2Fauthors%2Frfc9369.html&data=05%7C01%7Cnibanks%40microsoft.com%7Cf28614473a054cbd5c0608db1a869f29%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638132937734727936%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=j7wdum%2Fx8RyY0fB1JhfWQR%2BDg9hUDqn%2FKCQ1QcwP480%3D&reserved=0>] and my reading of it finds something that is just the tiniest bit ambiguous. In Section 5: Clients MUST NOT use a session ticket or token from a QUIC version 1 connection to initiate a QUIC version 2 connection, and vice versa. My intent was that in the following sequence: - Client sends initial with v1; - Server replies with v2 (compatible VN) - Server sends resumption and NEW_TOKEN tokens that those tokens are considered to be v2 tokens, so they can only be used if the subsequent connection with the client has a v2 Initial. Does anyone disagree with that interpretation? I'd like to change the first paragraph of Section 5 as follows: OLD: TLS session tickets and NEW_TOKEN tokens are specific to the QUIC version of the connection that provided them. Clients MUST NOT use a session ticket or token from a QUIC version 1 connection to initiate a QUIC version 2 connection, and vice versa. NEW: TLS session tickets and NEW_TOKEN tokens are specific to the QUIC version of the connection that provided them. Clients MUST NOT use a session ticket or token from a QUIC version 1 connection to initiate a QUIC version 2 connection, and vice versa. When a connection includes compatible version negotiation, any server tokens are considered to originate from the negotiated version, not the original one. Martin
