Some questions about the protocol

sopium sopium at
Wed Mar 15 04:25:29 CET 2017


These are some questions about some corner cases and details of
the protocol, that the paper does not seem to clearly specify:

* Do we send cookie reply messages in response to handshake
  _response_ messages? My guess is YES? The figure in 5.4.1 only
  shows the case that the responder chooses to reply with a
  cookie message.

* Shall we start handshake in case the _previous_ session is not
  alive, or too old? My guess is NO?

* When padding packets, how to avoid getting larger than MTU,
  because we don't seem to know the MTU?

* When we receive a valid handshake init message, a secure
  transport is session is created. Do we start sending with this
  session immediately, in case there is still a valid previous
  session? Because if the handshake response we send is lost, the
  peer won't be able to decrypt our transport messages. The
  problem should eventually go away, but the peer may experience
  a brief blackout.

  So, shall we wait until successfully receiving a transport
  message with the new session, before start sending with
  it? (When the previous session is still valid, of course.)


More information about the WireGuard mailing list