below

> On 4 Jan 2021, at 22.47, Alissa Cooper via Datatracker <[email protected]> wrote:
>
> Alissa Cooper has entered the following ballot position for
> draft-ietf-quic-tls-33: Yes
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Thanks for a clear and complete document.
>
> Section 17.4: For someone coming to this new, it might not be obvious why
> requiring the disabling of the spin bit on a fraction of connections is
> useful. This may be worth a sentence of explanation.

If it is not clear by now, this is because a user that disables a spin bit would look suspicious, similar to the police looking for cell phones that have been turned off during the committing of a crime. If everyone randomly disables the spin bit, this becomes less obvious.

I think this is because the QUIC document has been trying to not motivate every single decision for the sake of brevity, although the text got quite long anyway. Some of these explanations have moved to the manageability document. Maybe a reference to that document would be in place?

https://quicwg.org/ops-drafts/draft-ietf-quic-manageability.html#name-using-the-spin-bit-for-pass

To avoid making these connections identifiable based on the usage of the spin bit, it is recommended that all endpoints randomly disable "spinning" for at least one eighth of connections, even if otherwise enabled by default.

Mikkel
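
The rationale in the reply above, worked through as an added example (not code from this thread or from the QUIC drafts). It shows the per-connection decision with the one-eighth fraction quoted above and what a path observer can infer from a non-spinning connection. The function names and the 1% opt-out share are assumptions made for illustration.

```python
import secrets
from fractions import Fraction

# Fraction of connections on which spinning is randomly disabled
# ("at least one eighth" in the recommendation quoted above).
DISABLE_FRACTION = Fraction(1, 8)


def spin_enabled(opted_out: bool) -> bool:
    """Per-connection decision of one endpoint (hypothetical helper)."""
    if opted_out:
        return False  # user or administrator switched the spin bit off
    # randbelow(8) is uniform over 0..7, so one outcome in eight disables spinning.
    return secrets.randbelow(8) != 0


def posterior_opted_out(opt_out_share, disable_fraction=DISABLE_FRACTION, n=1):
    """P(endpoint opted out | n linked connections seen, none spinning)."""
    p = Fraction(opt_out_share)
    # Default endpoints that happened to draw "disabled" n times in a row.
    cover = (1 - p) * Fraction(disable_fraction) ** n
    if p + cover == 0:
        return Fraction(0)  # nobody ever disables, so the event cannot occur
    return p / (p + cover)  # Bayes' rule


def observed_disabled_fraction(trials: int = 8000) -> float:
    """Empirical share of non-spinning connections from a default endpoint."""
    off = sum(1 for _ in range(trials) if not spin_enabled(opted_out=False))
    return off / trials


if __name__ == "__main__":
    share = Fraction(1, 100)  # constructed: 1% of endpoints opt out
    print("no random disabling:", posterior_opted_out(share, Fraction(0)))
    print("1/8 random disabling:", posterior_opted_out(share))
    print("two linked connections:", posterior_opted_out(share, n=2))
    print("simulated disabled share:", observed_disabled_fraction())
```

Without random disabling, a non-spinning connection identifies an opted-out endpoint with certainty; with it, the inference from a single connection is much weaker. The draw is per connection, so the cover shrinks when an observer can link several connections to the same endpoint.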
