Define minimum interoperability
martinduke opened this issue · comments
We should specify what subset of possible configurations must be necessary to be compliant. Lots of concerns here to think through and iron out:
Encryption might be a tough one: given the constraints that lead to the decision whether or not to encrypt, it is easy to imagine encryption-only or plaintext-only devices.
As for nonce and SID lengths, a reasonable nominee would be [sid_len = 3; nonce_len = 4].
In particular, having nonce_len > 16 bytes is both excessive and inconvenient in terms of expressing the nonce as a 128 bit integer. It is likely that Google quiche will not support nonces that long, for instance.
Relatedly, a load balancer very concerned about decrypt costs might force single-pass decryption by requiring sid_len + nonce_len = 16 bytes.
After reflection, I don't think there's anything useful to say here