Some questions about the protocol
sopium at mysterious.site
Wed Mar 15 04:25:29 CET 2017
These are some questions about some corner cases and details of
the protocol, that the paper does not seem to clearly specify:
* Do we send cookie reply messages in response to handshake
_response_ messages? My guess is YES? The figure in 5.4.1 only
shows the case that the responder chooses to reply with a
* Shall we start handshake in case the _previous_ session is not
alive, or too old? My guess is NO?
* When padding packets, how to avoid getting larger than MTU,
because we don't seem to know the MTU?
* When we receive a valid handshake init message, a secure
transport is session is created. Do we start sending with this
session immediately, in case there is still a valid previous
session? Because if the handshake response we send is lost, the
peer won't be able to decrypt our transport messages. The
problem should eventually go away, but the peer may experience
a brief blackout.
So, shall we wait until successfully receiving a transport
message with the new session, before start sending with
it? (When the previous session is still valid, of course.)
More information about the WireGuard