IETF Logo Mail Archive

[quicwg/base-drafts] Connection abort during handshake (#597)

MikkelFJ <notifications@github.com> Tue, 06 June 2017 19:28 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12A86128A32 for <quic-issues@ietfa.amsl.com>; Tue, 6 Jun 2017 12:28:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.799
X-Spam-Level:
X-Spam-Status: No, score=-9.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WX9R-C2N7q0z for <quic-issues@ietfa.amsl.com>; Tue, 6 Jun 2017 12:28:07 -0700 (PDT)
Received: from github-smtp2b-ext-cp1-prd.iad.github.net (github-smtp2-ext2.iad.github.net [192.30.252.193]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 14FBF1242EA for <quic-issues@ietf.org>; Tue, 6 Jun 2017 12:28:07 -0700 (PDT)
Date: Tue, 06 Jun 2017 12:28:06 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1496777286; bh=uxhfDsnS0KsRI/3rG26GrlTwfo5e/x27454c4YQQbgs=; h=From:Reply-To:To:Cc:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=WpVxvrCkfxCuqeJR/P08X1WPgKCd7AOiR64LkjVwneHWkHsX3FXjWkDmyt1tLIXk6 b6PmTTMLH/jfwKmTuivlzdKRYYjNau7HHTbE7Huh28IGJFquKxMs8a57N2LRXKxAGR RIi5pz3DwkHHJ9e7PYrpACMOdFFNby1klh0jAZJc=
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abc17ab2d3a64e9ad91b00ac039e35564c1948de1f92cf00000001154ec44692a169ce0df28989@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/597@github.com>
Subject: [quicwg/base-drafts] Connection abort during handshake (#597)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_593702464dba9_292d3fc7ebc7bc38440f4"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/1V-k07O-pY5VswpFUlPuH6hfrZs>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jun 2017 19:28:09 -0000

The transport document is not very clear on how to handle errors during handshake. TLS 1.3 section 6.2 says to abort connection and send a simple error. This can be done in client or server cleartext packets.

However, a server, or a client, may be jammed with error messages from an adversary. For servers, this can be mitigated by veryfing the Connection Id before accepting the TLS error message. For clients this is not so simple because not all server clear text messages contain the CCID. In a traditional browser client this may not be a big deal, but for peer2peer between two servers, this could be a problem.

A solution could be have all server cleartext packets contain CCID in addition to SSID, similar to how Stateless Retry packets are protected, except that Stateless Retry does not also have a SSID.

The draft does not mention explicitly that cleartext packets with CONNECTION_CLOSE or GO_AWAY should be dropped, but if they are not, the same issue may happen during handshake. It would be helpful with some very explicit text about how to ignore packets and close connections when unexpected payload appears.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/597

v2.31.3 | Report a Bug | By Email | System Status