Re: [quicwg/base-drafts] Add initial threat model to security considerations (#2925)

Eric Kinnear <> Sat, 16 November 2019 13:37 UTC


erickinnear commented on this pull request.

> +save observed QUIC packets for an offline attack against QUIC packet protection
+at a future time; this is true for any observer of any packet on any network.
+#### Active Attacks
+An active attack ({{?RFC3552}}) involves writing data to the network.  An
+attacker with such a capability might be in a position to additionally prevent
+the original packets it observes from reaching their intended destination.  If
+so, they are considered to be an on-path attacker.
+An active attacker may also choose to rewrite the source or destination IP
+addresses of packets that it forwards or injects. Such spoofing attacks are only
+effective against a QUIC connection if the attacker can still forward the
+contents of the packets to the original endpoint, since QUIC connections are
+both authenticated and encrypted.
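Review bot: In the last added paragraph, "the original endpoint" is ambiguous, since it can be read as either the endpoint that sent the packet or the one it was addressed to; naming it explicitly (for example "the intended recipient") would remove the doubt. The closing clause "since QUIC connections are both authenticated and encrypted" gives the reason without saying what fails when the attacker cannot forward the contents, so a short statement of that consequence would make the condition easier to follow. In the first paragraph under "Active Attacks" the same attacker is "it" in "the original packets it observes" and "they" in "they are considered to be an on-path attacker"; one pronoun should be used throughout.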

Reworded and moved this around to hopefully be more clear
