Re: [quicwg/base-drafts] Stateless Reset Eternal Ping Pong (#1443)

Igor Lubashev <notifications@github.com> Wed, 18 July 2018 18:48 UTC


Could someone explain the mechanics of the TTL proposal?

When a packet arrives, it has a residual TTL (originalTTL - #hops). So the proposal is to send an SR packet with the residual TTL and not reset the TTL to the server's default value?

This is somewhat brittle, since it depends on both peers to implement TTL logic correctly. If someone does not, pointing a broken endpoint at a victim would cause a forever-loop. Even if everything is implemented properly, this could cause over 100 bounces per reset -- a powerful amplification attack.

-- 
https://github.com/quicwg/base-drafts/issues/1443#issuecomment-406035578
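
The residual-TTL exchange discussed in this message can be modelled to bound how many stateless resets one triggering packet produces. This is an added example, not part of the original thread or of any QUIC implementation. It assumes a symmetric path of `hops` TTL decrements and two endpoints that answer every stateless reset with another one; the policy names `echo` and `reset`, the value of `DEFAULT_TTL`, and the function name are hypothetical.

```python
DEFAULT_TTL = 64  # assumed OS default TTL, used only by the "reset" policy


def count_resets(trigger_ttl, hops, policies=("echo", "echo"), cap=1000):
    """Model the stateless-reset ping-pong under the residual-TTL proposal.

    trigger_ttl: TTL the triggering packet was sent with (the IP TTL field
                 is 8 bits, so at most 255).
    hops:        TTL decrements on the path between the two endpoints.
    policies:    per-endpoint behaviour. "echo" sends the reset with the
                 residual TTL of the packet that triggered it (the proposal);
                 "reset" sends it with DEFAULT_TTL (an endpoint that does
                 not implement the TTL logic).
    cap:         stop counting here and report the exchange as unbounded.

    Returns (resets_delivered, terminated).
    """
    residual = trigger_ttl - hops
    if residual < 1:              # trigger expired in transit
        return 0, True

    delivered = 0
    responder = 0                 # endpoint that just received a packet
    while delivered < cap:
        if policies[responder] == "echo":
            send_ttl = residual
        else:
            send_ttl = DEFAULT_TTL
        residual = send_ttl - hops
        if residual < 1:          # this reset expired before arriving
            return delivered, True
        delivered += 1
        responder ^= 1            # the other endpoint answers next
    return delivered, False


if __name__ == "__main__":
    # Constructed scenarios: (trigger TTL, hops, policies)
    for ttl, hops, pol in [(255, 2, ("echo", "echo")),
                           (64, 10, ("echo", "echo")),
                           (64, 10, ("echo", "reset"))]:
        n, done = count_resets(ttl, hops, pol)
        print(f"ttl={ttl} hops={hops} {pol}: {n} resets, terminated={done}")
```

With both endpoints echoing the residual TTL the exchange always ends, but on a short path it still delivers more than 100 resets for one trigger; with one endpoint restoring its default TTL it never ends and only the `cap` stops the model.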