Re: New Version Notification for draft-vkrasnov-h2-compression-dictionaries-01.txt

Martin Thomson <martin.thomson@gmail.com> Thu, 03 November 2016 03:12 UTC

From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 3 Nov 2016 14:08:07 +1100
To: Matthew Kerwin <matthew@kerwin.net.au>
Cc: Vlad Krasnov <vlad@cloudflare.com>, HTTP Working Group <ietf-http-wg@w3.org>
Archived-At: <http://www.w3.org/mid/CABkgnnVTgeCVuW2k3O1vpqp3PJWoYzPW-zTtHfD2Zt2cW5mx0g@mail.gmail.com>

On 3 November 2016 at 13:55, Matthew Kerwin <matthew@kerwin.net.au> wrote:
> If it's pushed down to the transport layer, isn't it just an even less safe
> version of draft-kerwin-http2-encoded-data? (I said no shared compression
> context between different frames, this is about sharing contexts between
> completely different streams!)

That is certainly a valid way of looking at this.

It's possibly true that you can avoid the nasty pitfalls here by only
using this for streams that are safe.  For instance, you might use
this over static resources.  BUT... just by altering the order of
requests, the size of resources can change, particularly if you know
where the compression window cuts off.  That makes me very wary about
making assertions about what is and isn't safe.

Example:  You only use this technique over a set of static images
(which should already be compressed, but we're looking for entire
images).  The attacker is able to cause a browser to make requests.
The attacker can therefore cause the window to be filled with images
that it knows about.  It can then use the size of the page load to
learn things about the images that were in that page load.  An
attacker maybe can't force a full network fetch, so it might have to
deal with caching but it can maybe find images that share pieces with
images of interest.  With a finite set of target images, you can get a
lot of information, especially if you are able to repeat the trial.
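
The size signal described in the message above can be measured directly. This is an added example, not part of the original message or of either draft: it uses zlib's DEFLATE as a stand-in for the draft's compression scheme (an assumption), and the resource contents and names are constructed. It compares one compression context shared across streams with one context per stream.

```python
import hashlib
import zlib

def blob(label: bytes, size: int = 2048) -> bytes:
    """Constructed stand-in for an already-compressed image: deterministic, incompressible."""
    out = b""
    counter = 0
    while len(out) < size:
        out += hashlib.sha256(label + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:size]

def wire_sizes(bodies, shared_context: bool):
    """Bytes on the wire per body, using one DEFLATE context for all bodies or one per body."""
    shared = zlib.compressobj(9)
    sizes = []
    for body in bodies:
        ctx = shared if shared_context else zlib.compressobj(9)
        # Z_SYNC_FLUSH ends the body on a byte boundary but keeps the window.
        sizes.append(len(ctx.compress(body) + ctx.flush(zlib.Z_SYNC_FLUSH)))
    return sizes

# The resource whose content an observer should not be able to infer.
TARGET = blob(b"target")

# Resources sent on an earlier stream, i.e. what is in the window beforehand.
PRECEDING = {
    "identical": TARGET,
    "shares-half": TARGET[:1024] + blob(b"other")[:1024],
    "unrelated": blob(b"unrelated"),
}

def target_size_by_predecessor(shared_context: bool):
    """Wire size of TARGET as a function of what preceded it."""
    return {
        name: wire_sizes([prev, TARGET], shared_context)[1]
        for name, prev in PRECEDING.items()
    }

if __name__ == "__main__":
    for mode in (True, False):
        label = "shared context" if mode else "per-stream context"
        print(label, target_size_by_predecessor(mode))
```

With a shared context the target's size tracks how much of it was already in the window; with a context per stream the three sizes are identical, so the order of requests reveals nothing through size.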