net-offloads icon indicating copy to clipboard operation
net-offloads copied to clipboard
verified publisher icon microsoft

Account for Multi-Path in QEO

Open nibanks opened this issue 3 years ago • 3 comments

The current IETF draft for multi-path changes some of the requirements around keys. We should consider those changes for this spec.

nibanks avatar Oct 21 '22 13:10 nibanks

Any pointers?

BorisPis avatar Nov 06 '22 13:11 BorisPis

This issue is tracking it from the multi-path side: https://github.com/quicwg/multipath/issues/25.

nibanks avatar Nov 07 '22 13:11 nibanks

The current IETF draft for multi-path changes some of the requirements around keys. We should consider those changes for this spec.

If I understand the multi-path draft correctly, the current packet protection scheme will work only for the initial path. But later paths will require the connection ID sequence to be part of the AEAD nonce. Therefore, the proposed API can work with multi-path and in the future, to add multi-path support, a new API will be needed to add paths to an existing connection.

If users are to generate new connection ID sequence (new CIDS) numbers, then the new API will need to bind between new user generated CIDS and existing in-kernel key material.

BorisPis avatar Nov 07 '22 15:11 BorisPis