Re: [quicwg/base-drafts] Limit RCID state (#3547)

Kazuho Oku <notifications@github.com> Thu, 02 April 2020 00:51 UTC


@kazuho commented on this pull request.



> @@ -1069,6 +1069,15 @@ to cease using the connection IDs when requested can result in connection
 failures, as the issuing endpoint might be unable to continue using the
 connection IDs with the active connection.
 
+An endpoint SHOULD limit the number of in flight RETIRE_CONNECTION_ID frames
+to bound the necessary state. In order to minimize delay in common situations,
+the limit on the number of in flight RETIRE_CONNECTION_IDs SHOULD be at least
+the active_connection_id_limit. An endpoint MAY choose to treat having too many
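
Review bot: "in flight" in the added sentences is not defined, so the text does not say whether the limit covers only RETIRE_CONNECTION_ID frames that have been sent and not yet acknowledged, or also retirements that are queued but not yet sent. Since the stated purpose is "to bound the necessary state", suggest naming the state being bounded and saying explicitly whether unsent retirements count toward the limit. Also, "RETIRE_CONNECTION_IDs" on the third added line should read "RETIRE_CONNECTION_ID frames" to match the first added line.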

If it excludes those that can't be sent, then such an endpoint is vulnerable to the attack, unless the amount of state that is used to track those that can't be sent is bounded. We need to recommend that endpoints limit _this_ state (see https://github.com/quicwg/base-drafts/pull/3547#discussion_r401984660), not the number of RCID frames sent at once.
