Re: [quicwg/base-drafts] Define an anti-forgery limit (#3620)
Martin Thomson <notifications@github.com> Fri, 22 May 2020 05:04 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/27fPAw28sUUrzITdgxZvoz8K9sA>
@martinthomson commented on this pull request. > @@ -1550,12 +1550,13 @@ number of attempts to forge packets. TLS achieves this by closing connections after any record fails an authentication check. In comparison, QUIC ignores any packet that cannot be authenticated, allowing multiple forgery attempts. -Endpoints MUST count the number of received packets that fail authentication. -If the number of packets that fail authentication with the same key exceeds a -limit that is specific to the AEAD in use, the endpoint MUST immediately close -the connection. Endpoints MUST initiate a key update before reaching this -limit. Applying a limit reduces the probability that an attacker is able to -successfully forge a packet; see {{AEBounds}} and {{ROBUST}}. +Endpoints MUST count the number of received packets that fail authentication for +each set of keys. If the number of packets that fail authentication with the +same key exceeds a limit that is specific to the AEAD in use, the endpoint MUST +stop using those keys. Endpoints MUST initiate a key update before reaching +this limit. If a key update is not possible, the endpoints MUST immediately ```suggestion this limit. If a key update is not possible, the endpoint MUST immediately ```
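Review bot: The added lines name the counted unit three different ways: the count is kept "for each set of keys", the threshold applies to failures "with the same key", and the action is to "stop using those keys". Using one term throughout (for example "set of keys") would make it unambiguous that the counter, the limit and the discard action all apply to the same unit. The threshold wording is also uneven: keys are dropped when the count "exceeds" the limit, while the key update is required "before reaching" it, so a count exactly equal to the limit triggers no stated action. Phrasing both sentences against the same boundary would give implementations a single comparison to make.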