| RFC 8999 | QUIC Invariants | May 2021 |
| Thomson | Standards Track | [Page] |
This document defines the properties of the QUIC transport protocol that arecommon to all versions of the protocol.¶
This is an Internet Standards Track document.¶
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.¶
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained athttps://www.rfc-editor.org/info/rfc8999.¶
Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.¶
QUIC is a connection-oriented protocol between two endpoints. Those endpointsexchange UDP datagrams. These UDP datagrams contain QUIC packets. QUICendpoints use QUIC packets to establish a QUIC connection, which is sharedprotocol state between those endpoints.¶
In addition to providing secure, multiplexed transport, QUIC[QUIC-TRANSPORT]allows for the option to negotiate a version. This allows the protocol tochange over time in response to new requirements. Many characteristics of theprotocol could change between versions.¶
This document describes the subset of QUIC that is intended to remain stable asnew versions are developed and deployed. All of these invariants areindependent of the IP version.¶
The primary goal of this document is to ensure that it is possible to deploy newversions of QUIC. By documenting the properties that cannot change, thisdocument aims to preserve the ability for QUIC endpoints to negotiate changes toany other aspect of the protocol. As a consequence, this also guarantees aminimal amount of information that is made available to entities other thanendpoints. Unless specifically prohibited in this document, any aspect of theprotocol can change between different versions.¶
Appendix A contains a non-exhaustive list of some incorrect assumptionsthat might be made based on knowledge of QUIC version 1; these do not apply toevery version of QUIC.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD","SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in thisdocument are to be interpreted as described in BCP 14[RFC2119][RFC8174]when, and only when, they appear in all capitals, as shown here.¶
This document defines requirements on future QUIC versions, even where normativelanguage is not used.¶
This document uses terms and notational conventions from[QUIC-TRANSPORT].¶
The format of packets is described using the notation defined in this section.This notation is the same as that used in[QUIC-TRANSPORT].¶
Complex fields are named and then followed by a list of fields surrounded by apair of matching braces. Each field in this list is separated by commas.¶
Individual fields include length information, plus indications about fixedvalue, optionality, or repetitions. Individual fields use the followingnotational conventions, with all lengths in bits:¶
Indicates that x is A bits long¶
Indicates that x can be any length from A to B; A can be omitted to indicatea minimum of zero bits, and B can be omitted to indicate no set upper limit;values in this format always end on a byte boundary¶
Indicates that x has a fixed value of C; the length of x is described byL, which can use any of the length forms above¶
Indicates that x is repeated zero or more times and that each instance has alength of L¶
This document uses network byte order (that is, big endian) values. Fieldsare placed starting from the high-order bits of each byte.¶
Figure 1 shows an example structure:¶
Example Structure { One-bit Field (1), 7-bit Field with Fixed Value (7) = 61, Arbitrary-Length Field (..), Variable-Length Field (8..24), Repeated Field (8) ...,}QUIC endpoints exchange UDP datagrams that contain one or more QUIC packets.This section describes the invariant characteristics of a QUIC packet. Aversion of QUIC could permit multiple QUIC packets in a single UDP datagram, butthe invariant properties only describe the first packet in a datagram.¶
QUIC defines two types of packet headers: long and short. Packets with a longheader are identified by the most significant bit of the first byte being set;packets with a short header have that bit cleared.¶
QUIC packets might be integrity protected, including the header. However, QUICVersion Negotiation packets are not integrity protected; seeSection 6.¶
Aside from the values described here, the payload of QUIC packets isversion specific and of arbitrary length.¶
Long headers take the form described inFigure 2.¶
Long Header Packet { Header Form (1) = 1, Version-Specific Bits (7), Version (32), Destination Connection ID Length (8), Destination Connection ID (0..2040), Source Connection ID Length (8), Source Connection ID (0..2040), Version-Specific Data (..),}A QUIC packet with a long header has the high bit of the first byte set to 1.All other bits in that byte are version specific.¶
The next four bytes include a 32-bit Version field. Versions are described inSection 5.4.¶
The next byte contains the length in bytes of the Destination Connection IDfield that follows it. This length is encoded as an 8-bit unsigned integer.The Destination Connection ID field follows the Destination Connection ID Lengthfield and is between 0 and 255 bytes in length. Connection IDs are described inSection 5.3.¶
The next byte contains the length in bytes of the Source Connection ID fieldthat follows it. This length is encoded as an 8-bit unsigned integer. TheSource Connection ID field follows the Source Connection ID Length field and isbetween 0 and 255 bytes in length.¶
The remainder of the packet contains version-specific content.¶
Short headers take the form described inFigure 3.¶
Short Header Packet { Header Form (1) = 0, Version-Specific Bits (7), Destination Connection ID (..), Version-Specific Data (..),}A QUIC packet with a short header has the high bit of the first byte set to 0.¶
A QUIC packet with a short header includes a Destination Connection IDimmediately following the first byte. The short header does not include theDestination Connection ID Length, Source Connection ID Length, Source ConnectionID, or Version fields. The length of the Destination Connection ID is notencoded in packets with a short header and is not constrained by thisspecification.¶
The remainder of the packet has version-specific semantics.¶
A connection ID is an opaque field of arbitrary length.¶
The primary function of a connection ID is to ensure that changes in addressingat lower protocol layers (UDP, IP, and below) do not cause packets for a QUICconnection to be delivered to the wrong QUIC endpoint. The connection IDis used by endpoints and the intermediaries that support them to ensure thateach QUIC packet can be delivered to the correct instance of an endpoint. Atthe endpoint, the connection ID is used to identify the QUIC connection forwhich the packet is intended.¶
The connection ID is chosen by each endpoint using version-specific methods.Packets for the same QUIC connection might use different connection ID values.¶
The Version field contains a 4-byte identifier. This value can be used byendpoints to identify a QUIC version. A Version field with a value of0x00000000 is reserved for version negotiation; seeSection 6. All other valuesare potentially valid.¶
The properties described in this document apply to all versions of QUIC. Aprotocol that does not conform to the properties described in this document isnot QUIC. Future documents might describe additional properties that apply toa specific QUIC version or to a range of QUIC versions.¶
A QUIC endpoint that receives a packet with a long header and a version iteither does not understand or does not support might send a Version Negotiationpacket in response. Packets with a short header do not trigger versionnegotiation.¶
A Version Negotiation packet sets the high bit of the first byte, and thus itconforms with the format of a packet with a long header as defined inSection 5.1. A Version Negotiation packet is identifiable as such by theVersion field, which is set to 0x00000000.¶
Version Negotiation Packet { Header Form (1) = 1, Unused (7), Version (32) = 0, Destination Connection ID Length (8), Destination Connection ID (0..2040), Source Connection ID Length (8), Source Connection ID (0..2040), Supported Version (32) ...,}Only the most significant bit of the first byte of a Version Negotiation packethas any defined value. The remaining 7 bits, labeled "Unused", can be set toany value when sending andMUST be ignored on receipt.¶
After the Source Connection ID field, the Version Negotiation packet contains alist of Supported Version fields, each identifying a version that the endpointsending the packet supports. A Version Negotiation packet contains no otherfields. An endpointMUST ignore a packet that contains no Supported Versionfields or contains a truncated Supported Version value.¶
Version Negotiation packets do not use integrity or confidentiality protection.Specific QUIC versions might include protocol elements that allow endpoints todetect modification or corruption in the set of supported versions.¶
An endpointMUST include the value from the Source Connection ID field of thepacket it receives in the Destination Connection ID field. The value for theSource Connection ID fieldMUST be copied from the Destination Connection IDfield of the received packet, which is initially randomly selected by a client.Echoing both connection IDs gives clients some assurance that the serverreceived the packet and that the Version Negotiation packet was not generated byan attacker that is unable to observe packets.¶
An endpoint that receives a Version Negotiation packet might change the versionthat it decides to use for subsequent packets. The conditions under which anendpoint changes its QUIC version will depend on the version of QUIC that itchooses.¶
See[QUIC-TRANSPORT] for a more thorough description of how an endpoint thatsupports QUIC version 1 generates and consumes a Version Negotiation packet.¶
It is possible that middleboxes could observe traits of a specific version ofQUIC and assume that when other versions of QUIC exhibit similar traits the sameunderlying semantic is being expressed. There are potentially many such traits;seeAppendix A. Some effort has been made to either eliminate orobscure some observable traits in QUIC version 1, but many of these remain.Other QUIC versions might make different design decisions and so exhibitdifferent traits.¶
The QUIC version number does not appear in all QUIC packets, which means thatreliably extracting information from a flow based on version-specific traitsrequires that middleboxes retain state for every connection ID they see.¶
The Version Negotiation packet described in this document is notintegrity protected; it only has modest protection against insertion byattackers. An endpointMUST authenticate the semantic content of a VersionNegotiation packet if it attempts a different QUIC version as a result.¶
There are several traits of QUIC version 1[QUIC-TRANSPORT] that are notprotected from observation but are nonetheless considered to be changeable whena new version is deployed.¶
This section lists a sampling of incorrect assumptions that might be made aboutQUIC based on knowledge of QUIC version 1. Some of these statements are noteven true for QUIC version 1. This is not an exhaustive list; it is intended tobe illustrative only.¶
Any and all of the following statements can be false for a given QUICversion:¶