draft-ietf-quic-invariants-09.txt   draft-ietf-quic-invariants-10.txt 
QUIC M. Thomson QUIC M. Thomson
Internet-Draft Mozilla Internet-Draft Mozilla
Intended status: Standards Track 9 June 2020 Intended status: Standards Track September 10, 2020
Expires: 11 December 2020 Expires: March 14, 2021
Version-Independent Properties of QUIC Version-Independent Properties of QUIC
draft-ietf-quic-invariants-09 draft-ietf-quic-invariants-10
Abstract Abstract
This document defines the properties of the QUIC transport protocol This document defines the properties of the QUIC transport protocol
that are expected to remain unchanged over time as new versions of that are expected to remain unchanged over time as new versions of
the protocol are developed. the protocol are developed.
Note to Readers Note to Readers
Discussion of this draft takes place on the QUIC working group Discussion of this draft takes place on the QUIC working group
skipping to change at page 1, line 43 skipping to change at page 1, line 43
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 11 December 2020. This Internet-Draft will expire on March 14, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 20 skipping to change at page 2, line 20
extracted from this document must include Simplified BSD License text extracted from this document must include Simplified BSD License text
as described in Section 4.e of the Trust Legal Provisions and are as described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions and Definitions . . . . . . . . . . . . . . . . . 3 2. Conventions and Definitions . . . . . . . . . . . . . . . . . 3
3. An Extremely Abstract Description of QUIC . . . . . . . . . . 3 3. An Extremely Abstract Description of QUIC . . . . . . . . . . 3
4. Notational Conventions . . . . . . . . . . . . . . . . . . . 3 4. Notational Conventions . . . . . . . . . . . . . . . . . . . 3
5. QUIC Packet Headers . . . . . . . . . . . . . . . . . . . . . 4 5. QUIC Packets . . . . . . . . . . . . . . . . . . . . . . . . 4
5.1. Long Header . . . . . . . . . . . . . . . . . . . . . . . 4 5.1. Long Header . . . . . . . . . . . . . . . . . . . . . . . 4
5.2. Short Header . . . . . . . . . . . . . . . . . . . . . . 5 5.2. Short Header . . . . . . . . . . . . . . . . . . . . . . 5
5.3. Connection ID . . . . . . . . . . . . . . . . . . . . . . 5 5.3. Connection ID . . . . . . . . . . . . . . . . . . . . . . 6
5.4. Version . . . . . . . . . . . . . . . . . . . . . . . . . 6 5.4. Version . . . . . . . . . . . . . . . . . . . . . . . . . 6
6. Version Negotiation . . . . . . . . . . . . . . . . . . . . . 6 6. Version Negotiation . . . . . . . . . . . . . . . . . . . . . 6
7. Security and Privacy Considerations . . . . . . . . . . . . . 7 7. Security and Privacy Considerations . . . . . . . . . . . . . 8
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 8
9.1. Normative References . . . . . . . . . . . . . . . . . . 8 9.1. Normative References . . . . . . . . . . . . . . . . . . 8
9.2. Informative References . . . . . . . . . . . . . . . . . 8 9.2. Informative References . . . . . . . . . . . . . . . . . 8
Appendix A. Incorrect Assumptions . . . . . . . . . . . . . . . 8 Appendix A. Incorrect Assumptions . . . . . . . . . . . . . . . 9
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 10 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 10
1. Introduction 1. Introduction
In addition to providing secure, multiplexed transport, QUIC In addition to providing secure, multiplexed transport, QUIC
[QUIC-TRANSPORT] includes the ability to negotiate a version. This [QUIC-TRANSPORT] includes the ability to negotiate a version. This
allows the protocol to change over time in response to new allows the protocol to change over time in response to new
requirements. Many characteristics of the protocol will change requirements. Many characteristics of the protocol will change
between versions. between versions.
This document describes the subset of QUIC that is intended to remain This document describes the subset of QUIC that is intended to remain
stable as new versions are developed and deployed. All of these stable as new versions are developed and deployed. All of these
invariants are IP-version-independent. invariants are IP-version-independent.
The primary goal of this document is to ensure that it is possible to The primary goal of this document is to ensure that it is possible to
deploy new versions of QUIC. By documenting the properties that deploy new versions of QUIC. By documenting the properties that
can't change, this document aims to preserve the ability to change cannot change, this document aims to preserve the ability for QUIC
any other aspect of the protocol. Thus, unless specifically endpoints to negotiate changes to any other aspect of the protocol.
described in this document, any aspect of the protocol can change As a consequence, this also guarantees a minimal amount of
between different versions. information that is made available to entities other than endpoints.
Unless specifically prohibited in this document, any aspect of the
protocol can change between different versions.
Appendix A is a non-exhaustive list of some incorrect assumptions Appendix A is a non-exhaustive list of some incorrect assumptions
that might be made based on knowledge of QUIC version 1; these do not that might be made based on knowledge of QUIC version 1; these do not
apply to every version of QUIC. apply to every version of QUIC.
2. Conventions and Definitions 2. Conventions and Definitions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
skipping to change at page 4, line 20 skipping to change at page 4, line 28
Example Structure { Example Structure {
One-bit Field (1), One-bit Field (1),
7-bit Field with Fixed Value (7) = 61, 7-bit Field with Fixed Value (7) = 61,
Arbitrary-Length Field (..), Arbitrary-Length Field (..),
Variable-Length Field (8..24), Variable-Length Field (8..24),
Repeated Field (8) ..., Repeated Field (8) ...,
} }
Figure 1: Example Format Figure 1: Example Format
5. QUIC Packet Headers 5. QUIC Packets
QUIC endpoints exchange UDP datagrams that contain one or more QUIC QUIC endpoints exchange UDP datagrams that contain one or more QUIC
packets. This section describes the invariant characteristics of a packets. This section describes the invariant characteristics of a
QUIC packet. A version of QUIC could permit multiple QUIC packets in QUIC packet. A version of QUIC could permit multiple QUIC packets in
a single UDP datagram, but the invariant properties only describe the a single UDP datagram, but the invariant properties only describe the
first packet in a datagram. first packet in a datagram.
QUIC defines two types of packet header: long and short. Packets QUIC defines two types of packet header: long and short. Packets
with long headers are identified by the most significant bit of the with long headers are identified by the most significant bit of the
first byte being set; packets with a short header have that bit first byte being set; packets with a short header have that bit
cleared. cleared.
QUIC packets might be integrity protected, including the header.
However, QUIC Version Negotiation packets are not integrity
protected; see Section 6.
Aside from the values described here, the payload of QUIC packets is Aside from the values described here, the payload of QUIC packets is
version-specific and of arbitrary length. version-specific and of arbitrary length.
5.1. Long Header 5.1. Long Header
Long headers take the form described in Figure 2. Long headers take the form described in Figure 2.
Long Header Packet { Long Header Packet {
Header Form (1) = 1, Header Form (1) = 1,
Version-Specific Bits (7), Version-Specific Bits (7),
skipping to change at page 5, line 18 skipping to change at page 5, line 31
The next four bytes include a 32-bit Version field. Versions are The next four bytes include a 32-bit Version field. Versions are
described in Section 5.4. described in Section 5.4.
The next byte contains the length in bytes of the Destination The next byte contains the length in bytes of the Destination
Connection ID field that follows it. This length is encoded as an Connection ID field that follows it. This length is encoded as an
8-bit unsigned integer. The Destination Connection ID field follows 8-bit unsigned integer. The Destination Connection ID field follows
the Destination Connection ID Length field and is between 0 and 255 the Destination Connection ID Length field and is between 0 and 255
bytes in length. Connection IDs are described in Section 5.3. bytes in length. Connection IDs are described in Section 5.3.
The next byte contains the length in bytes of the Source Connection The next byte contains the length in bytes of the Source Connection
ID field that follows it. This length is encoded as a 8-bit unsigned ID field that follows it. This length is encoded as an 8-bit
integer. The Source Connection ID field follows the Source unsigned integer. The Source Connection ID field follows the Source
Connection ID Length field and is between 0 and 255 bytes in length. Connection ID Length field and is between 0 and 255 bytes in length.
The remainder of the packet contains version-specific content. The remainder of the packet contains version-specific content.
5.2. Short Header 5.2. Short Header
Short headers take the form described in Figure 3. Short headers take the form described in Figure 3.
Short Header Packet { Short Header Packet {
Header Form (1) = 0, Header Form (1) = 0,
skipping to change at page 6, line 6 skipping to change at page 6, line 19
in packets with a short header and is not constrained by this in packets with a short header and is not constrained by this
specification. specification.
The remainder of the packet has version-specific semantics. The remainder of the packet has version-specific semantics.
5.3. Connection ID 5.3. Connection ID
A connection ID is an opaque field of arbitrary length. A connection ID is an opaque field of arbitrary length.
The primary function of a connection ID is to ensure that changes in The primary function of a connection ID is to ensure that changes in
addressing at lower protocol layers (UDP, IP, and below) don't cause addressing at lower protocol layers (UDP, IP, and below) do not cause
packets for a QUIC connection to be delivered to the wrong QUIC packets for a QUIC connection to be delivered to the wrong QUIC
endpoint. The connection ID is used by endpoints and the endpoint. The connection ID is used by endpoints and the
intermediaries that support them to ensure that each QUIC packet can intermediaries that support them to ensure that each QUIC packet can
be delivered to the correct instance of an endpoint. At the be delivered to the correct instance of an endpoint. At the
endpoint, the connection ID is used to identify which QUIC connection endpoint, the connection ID is used to identify which QUIC connection
the packet is intended for. the packet is intended for.
The connection ID is chosen by each endpoint using version-specific The connection ID is chosen by each endpoint using version-specific
methods. Packets for the same QUIC connection might use different methods. Packets for the same QUIC connection might use different
connection ID values. connection ID values.
5.4. Version 5.4. Version
QUIC versions are identified with a 32-bit integer, encoded in The Version field contains a 4-byte identifier. This value can be
network byte order. Version 0 is reserved for version negotiation used by endpoints to identify a QUIC Version. A Version field with a
(see Section 6). All other version numbers are potentially valid. value of 0x00000000 is reserved for version negotiation; see
Section 6. All other values are potentially valid.
The properties described in this document apply to all versions of The properties described in this document apply to all versions of
QUIC. A protocol that does not conform to the properties described QUIC. A protocol that does not conform to the properties described
in this document is not QUIC. Future documents might describe in this document is not QUIC. Future documents might describe
additional properties which apply to a specific QUIC version, or to a additional properties that apply to a specific QUIC version, or to a
range of QUIC versions. range of QUIC versions.
6. Version Negotiation 6. Version Negotiation
A QUIC endpoint that receives a packet with a long header and a A QUIC endpoint that receives a packet with a long header and a
version it either does not understand or does not support might send version it either does not understand or does not support might send
a Version Negotiation packet in response. Packets with a short a Version Negotiation packet in response. Packets with a short
header do not trigger version negotiation. header do not trigger version negotiation.
A Version Negotiation packet sets the high bit of the first byte, and A Version Negotiation packet sets the high bit of the first byte, and
skipping to change at page 7, line 4 skipping to change at page 7, line 20
Version Negotiation Packet { Version Negotiation Packet {
Header Form (1) = 1, Header Form (1) = 1,
Unused (7), Unused (7),
Version (32) = 0, Version (32) = 0,
Destination Connection ID Length (8), Destination Connection ID Length (8),
Destination Connection ID (0..2040), Destination Connection ID (0..2040),
Source Connection ID Length (8), Source Connection ID Length (8),
Source Connection ID (0..2040), Source Connection ID (0..2040),
Supported Version (32) ..., Supported Version (32) ...,
} }
Figure 4: Version Negotiation Packet Figure 4: Version Negotiation Packet
The Version Negotiation packet contains a list of Supported Version Only the most significant bit of the first byte of a Version
fields, each identifying a version that the endpoint sending the Negotiation packet has any defined value. The remaining 7 bits,
packet supports. The Supported Version fields follow the Version labeled Unused, can be set to any value when sending and MUST be
field. A Version Negotiation packet contains no other fields. An ignored on receipt.
endpoint MUST ignore a packet that contains no Supported Version
fields, or a truncated Supported Version. After the Source Connection ID field, the Version Negotiation packet
contains a list of Supported Version fields, each identifying a
version that the endpoint sending the packet supports. A Version
Negotiation packet contains no other fields. An endpoint MUST ignore
a packet that contains no Supported Version fields, or a truncated
Supported Version.
Version Negotiation packets do not use integrity or confidentiality Version Negotiation packets do not use integrity or confidentiality
protection. A specific QUIC version might authenticate the packet as protection. Specific QUIC versions might include protocol elements
part of its connection establishment process. that allow endpoints to detect modification or corruption in the set
of supported versions.
An endpoint MUST include the value from the Source Connection ID An endpoint MUST include the value from the Source Connection ID
field of the packet it receives in the Destination Connection ID field of the packet it receives in the Destination Connection ID
field. The value for Source Connection ID MUST be copied from the field. The value for Source Connection ID MUST be copied from the
Destination Connection ID of the received packet, which is initially Destination Connection ID of the received packet, which is initially
randomly selected by a client. Echoing both connection IDs gives randomly selected by a client. Echoing both connection IDs gives
clients some assurance that the server received the packet and that clients some assurance that the server received the packet and that
the Version Negotiation packet was not generated by an off-path the Version Negotiation packet was not generated by an off-path
attacker. attacker.
skipping to change at page 8, line 7 skipping to change at page 8, line 27
might make different design decisions and so exhibit different might make different design decisions and so exhibit different
traits. traits.
The QUIC version number does not appear in all QUIC packets, which The QUIC version number does not appear in all QUIC packets, which
means that reliably extracting information from a flow based on means that reliably extracting information from a flow based on
version-specific traits requires that middleboxes retain state for version-specific traits requires that middleboxes retain state for
every connection ID they see. every connection ID they see.
The Version Negotiation packet described in this document is not The Version Negotiation packet described in this document is not
integrity-protected; it only has modest protection against insertion integrity-protected; it only has modest protection against insertion
by off-path attackers. QUIC versions MUST define a mechanism that by off-path attackers. An endpoint MUST authenticate the contents of
authenticates the values it contains. a Version Negotiation packet if it attempts a different QUIC version
as a result.
8. IANA Considerations 8. IANA Considerations
This document makes no request of IANA. This document makes no request of IANA.
9. References 9. References
9.1. Normative References 9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
skipping to change at page 8, line 31 skipping to change at page 9, line 7
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
9.2. Informative References 9.2. Informative References
[QUIC-TLS] Thomson, M., Ed. and S. Turner, Ed., "Using Transport [QUIC-TLS] Thomson, M., Ed. and S. Turner, Ed., "Using Transport
Layer Security (TLS) to Secure QUIC", Work in Progress, Layer Security (TLS) to Secure QUIC", Work in Progress,
Internet-Draft, draft-ietf-quic-tls-29, 9 June 2020, Internet-Draft, draft-ietf-quic-tls-30, September 10,
<https://tools.ietf.org/html/draft-ietf-quic-tls-29>. 2020,
<https://tools.ietf.org/html/draft-ietf-quic-tls-30>.
[QUIC-TRANSPORT] [QUIC-TRANSPORT]
Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
Multiplexed and Secure Transport", Work in Progress, Multiplexed and Secure Transport", Work in Progress,
Internet-Draft, draft-ietf-quic-transport-29, 9 June 2020, Internet-Draft, draft-ietf-quic-transport-30, September
<https://tools.ietf.org/html/draft-ietf-quic-transport- 10, 2020, <https://tools.ietf.org/html/draft-ietf-quic-
29>. transport-30>.
[RFC5116] McGrew, D., "An Interface and Algorithms for Authenticated [RFC5116] McGrew, D., "An Interface and Algorithms for Authenticated
Encryption", RFC 5116, DOI 10.17487/RFC5116, January 2008, Encryption", RFC 5116, DOI 10.17487/RFC5116, January 2008,
<https://www.rfc-editor.org/info/rfc5116>. <https://www.rfc-editor.org/info/rfc5116>.
Appendix A. Incorrect Assumptions Appendix A. Incorrect Assumptions
There are several traits of QUIC version 1 [QUIC-TRANSPORT] that are There are several traits of QUIC version 1 [QUIC-TRANSPORT] that are
not protected from observation, but are nonetheless considered to be not protected from observation, but are nonetheless considered to be
changeable when a new version is deployed. changeable when a new version is deployed.
This section lists a sampling of incorrect assumptions that might be This section lists a sampling of incorrect assumptions that might be
made based on knowledge of QUIC version 1. Some of these statements made based on knowledge of QUIC version 1. Some of these statements
are not even true for QUIC version 1. This is not an exhaustive are not even true for QUIC version 1. This is not an exhaustive
list, it is intended to be illustrative only. list; it is intended to be illustrative only.
The following statements are NOT guaranteed to be true for every QUIC The following statements are NOT guaranteed to be true for every QUIC
version: version:
* QUIC uses TLS [QUIC-TLS] and some TLS messages are visible on the * QUIC uses TLS [QUIC-TLS] and some TLS messages are visible on the
wire wire
* QUIC long headers are only exchanged during connection * QUIC long headers are only exchanged during connection
establishment establishment
skipping to change at page 9, line 50 skipping to change at page 10, line 25
* QUIC packets always have the second bit of the first byte (0x40) * QUIC packets always have the second bit of the first byte (0x40)
set set
* A QUIC Version Negotiation packet is only sent by a server * A QUIC Version Negotiation packet is only sent by a server
* A QUIC connection ID changes infrequently * A QUIC connection ID changes infrequently
* QUIC endpoints change the version they speak if they are sent a * QUIC endpoints change the version they speak if they are sent a
Version Negotiation packet Version Negotiation packet
* The version field in a QUIC long header is the same in both * The Version field in a QUIC long header is the same in both
directions directions
* A QUIC packet with a particular value in the Version field means
that the corresponding version of QUIC is in use
* Only one connection at a time is established between any pair of * Only one connection at a time is established between any pair of
QUIC endpoints QUIC endpoints
Author's Address Author's Address
Martin Thomson Martin Thomson
Mozilla Mozilla
Email: mt@lowentropy.net Email: mt@lowentropy.net
 End of changes. 23 change blocks. 
37 lines changed or deleted 56 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/