Wire protocol

Abstract: An extensible data structure for messages in a peer to peer name resolution protocol is presented. This message data structure utilizes a number of fields, each containing a message element. Preferably, the first field is the message header that includes protocol information and identifies the type of message. Each message element contains a number of fields. These message element fields include a type field, a length field, and the content or payload of the message element. In one embodiment, at least ten messages are formed for proper operation of a Peer To Peer Name Resolution Protocol (PNRP), including RESOLVE, RESPONSE, SOLICIT, ADVERTISE, REQUEST, FLOOD, INQUIRE, AUTHORITY, ACK, and REPAIR messages.

Abstract: A wire protocol provides message formats for creating multiple network connections between a media server and a client. These multiple network connections may include a control link connection for passing control information and a data funnel connection for passing data of multiple media. The data funnel connection may be a multipoint-to-point connection that connects multiple data servers with the client. The protocol facilitates multiple requests being concurrently outstanding and asynchronous processing of requests. The protocol is designed to exist on top of a transport protocol layer.

Abstract: QUIC is a new Internet secure transport protocol currently in the process of IETF standardization. It is intended as a replacement for the TLS/TCP stack and will be the basis of HTTP/3, the next official version of the hypertext transfer protocol. As a result, it is likely, in the near future, to carry a substantial fraction of traffic on the Internet. We describe our experience applying a methodology of compositional specification-based testing to QUIC. We develop a formal specification of the wire protocol, and use this specification to generate automated randomized testers for implementations of QUIC. The testers effectively take one role of the QUIC protocol, interacting with the other role to generate full protocol executions, and verifying that the implementations conform to the formal specification. This form of testing generates significantly more diverse stimuli and stronger correctness criteria than interoperability testing, the primary method used to date to validate QUIC and its implementations. As a result, numerous implementation errors have been found. These include some vulnerabilities at the protocol and implementation levels, such as an off-path denial of service scenario and an information leak similar to the "heartbleed" vulnerability in OpenSSL.