Re: [quicwg/base-drafts] Threat model discussion does not cover handshake MITM (#3512)

MikkelFJ <> Mon, 20 April 2020 08:40 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C7C8B3A0769 for <>; Mon, 20 Apr 2020 01:40:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.093
X-Spam-Status: No, score=0.093 tagged_above=-999 required=5 tests=[DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_24=1.282, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_HELO_NONE=0.001, T_SPF_TEMPERROR=0.01] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id O6j1bSbHxGXi for <>; Mon, 20 Apr 2020 01:39:58 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 449FF3A0773 for <>; Mon, 20 Apr 2020 01:39:25 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 72E8D520023 for <>; Mon, 20 Apr 2020 01:39:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1587371958; bh=I3xOGUZQ+gkLGZTj8TuXjHwsfNFYWfx/uyz3jypWXKc=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=MJGKeNtv4SXHPpbQ13z3k/V7PaVCRg/7dB7sjMdj41ZDMsrrVjbqXFXNod+LtvuI9 z2jcKj80vOxzlOtwed3utwK7b3ctOBkhG3P7KJMRedSvRlJLT5hWhFddeOuJhtoe2f v4j2a0K9xZ2W1hC4QNYcaSMNovGZr/Oq6iDzYehM=
Date: Mon, 20 Apr 2020 01:39:18 -0700
From: MikkelFJ <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/3512/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Threat model discussion does not cover handshake MITM (#3512)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5e9d5fb66454b_15893fc414ccd9642567a6"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 20 Apr 2020 08:40:09 -0000

Since this concerns the handshake, I'm not too confident in contributing text but I'd be happy to review and discuss.

I believe it is correct that the issue is covered in existing text elsewhere but as @erickinnear says, it makes sense to cover it in one place. The risk is that the reader is not aware how important it is to reach a certain point in the connection before trusting data, and especially to those seeking to create derived versions. From various discussions I'm not sure the importance is broadly understood.

Additionally, I'm not entirely convinced that the current text fully captures the problem - not the we necessarily can - for example various stateless transmissions / redirects / token issues - might assume a level of privacy that doesn't exist in all cases, thus requiring stronger integrity elsewhere such as in CIDs, tokens etc..

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: