ietf-wg-masque / draft-ietf-masque-quic-proxy


No way of disabling forwarding mode half way through stream #91

Open ehaydenr opened 8 months ago

ehaydenr commented 8 months ago

Connection ID registration capsules allow the client to communicate client and target connection IDs to the proxy. This enables both port reuse on the proxy and the option to use forwarding mode.

When the header Proxy-QUIC-Forwarding=?1 was mutually communicated, the client may send in forwarding mode, but must be able to receive in forwarding mode. As a client, if "mid stream" I decide I don't want to do forwarding anymore, I don't have a way to communicate this to the proxy. CloseClientCid/CloseTargetCid capsules don't work here because that would break the proxy's ability to distinguish QUIC packets on a reused UDP port.
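As an added illustration of the proxy-side state this issue is about (example code, not from the draft or from anyone in this thread), the Python model below keeps a map of registered client connection IDs on one reused UDP port and classifies raw packets by that map. It assumes fixed 8-byte connection IDs, a plain short-header layout (flags byte then DCID), and method names of its own (`register_client_cid`, `close_client_cid`, `enable_forwarding`); the `disable_forwarding` method is the hypothetical signal the issue says the draft currently lacks, not a capsule the draft defines. The walk-through shows why closing the CID is not a usable "stop forwarding" signal: once the registration is gone, a packet on the shared port can no longer be attributed to any session.

```python
from dataclasses import dataclass, field
from typing import Optional, Tuple

CID_LEN = 8  # assumption: the model uses fixed-length 8-byte connection IDs


@dataclass
class ProxyPort:
    """One reused UDP port on the proxy, demultiplexed by registered client CID.

    Simplified model, not the draft's capsule or packet formats: the
    register/close/forwarding methods stand in for the capsule exchange.
    """
    # registered client connection ID -> target this session is proxied to
    sessions: dict = field(default_factory=dict)
    # client CIDs for which forwarding mode is currently enabled
    forwarding: set = field(default_factory=set)

    def register_client_cid(self, cid: bytes, target: str) -> None:
        # models a connection ID registration capsule: the proxy learns which session owns cid
        self.sessions[cid] = target

    def close_client_cid(self, cid: bytes) -> None:
        # models a CloseClientCid capsule: the mapping is removed entirely
        self.sessions.pop(cid, None)
        self.forwarding.discard(cid)

    def enable_forwarding(self, cid: bytes) -> None:
        # models both sides having agreed on Proxy-QUIC-Forwarding
        if cid in self.sessions:
            self.forwarding.add(cid)

    def disable_forwarding(self, cid: bytes) -> None:
        # hypothetical "stop forwarding" signal the issue asks for: the CID
        # stays registered, only the forwarding permission is withdrawn
        self.forwarding.discard(cid)

    def route(self, packet: bytes) -> Tuple[str, Optional[str]]:
        """Classify a raw QUIC short-header packet arriving on the reused port."""
        if len(packet) < 1 + CID_LEN or packet[0] & 0x80:
            return ("unknown", None)  # long header or truncated: not a forwarded packet
        cid = packet[1:1 + CID_LEN]
        target = self.sessions.get(cid)
        if target is None:
            # no registration: the proxy cannot tell which session this belongs to
            return ("unknown", None)
        if cid in self.forwarding:
            return ("forward", target)
        # known session but forwarding is off: not forwarded, yet still
        # attributable, so the proxy can react within that session
        return ("refuse", target)


def short_header_packet(cid: bytes, payload: bytes = b"\x00" * 16) -> bytes:
    # constructed sample: 0x40 = short header with the fixed bit set, then DCID, then payload
    return bytes([0x40]) + cid + payload


def demo() -> list:
    """Walk through the scenario in the issue; returns the routing decisions."""
    proxy = ProxyPort()
    cid_a = b"\x01" * CID_LEN  # constructed client CID
    pkt = short_header_packet(cid_a)
    proxy.register_client_cid(cid_a, "target-A")
    proxy.enable_forwarding(cid_a)
    results = [proxy.route(pkt)]       # forwarding active: packet goes to the target
    proxy.disable_forwarding(cid_a)    # hypothetical signal: registration kept
    results.append(proxy.route(pkt))   # still attributable, just not forwarded
    proxy.close_client_cid(cid_a)      # the only tool the draft offers today
    results.append(proxy.route(pkt))   # demultiplexing on the reused port is now broken
    return results


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

The three decisions returned by `demo()` are the point of the issue in miniature: withdrawing forwarding while keeping the registration leaves every packet attributable to its session, whereas tearing down the registration makes the packet indistinguishable from traffic for any other session sharing the port.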

DavidSchinazi commented 8 months ago

Do you have a use case where this might be useful? (I'm not against this feature, just curious what it's for)

ehaydenr commented 8 months ago

The concept of disabling forwarding mode mid-stream was brought up recently in an encryption design team meeting where the proxy may choose to disable forwarding mode when it thinks there may be an active attacker on the client-proxy path. I can't think of a case where the client would wish to stop forwarding mode mid-stream (the scenario I described above). Perhaps there's no reason for the client to tell the proxy to stop forwarding, but, if we do make it possible for the proxy to tell the client to stop sending forwarded mode packets, it may or may not make sense to make that symmetrical.

DavidSchinazi commented 8 months ago

That makes sense, thanks