Re: [quicwg/base-drafts] introduce a version alias mechanism (#2573)

Kazuho Oku <notifications@github.com> Mon, 01 April 2019 05:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/47fh2i0EhuoWdObFw7bvF5K4XQo>
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>

In addition to what @mikkelfj points out, a middlebox can inject a VN and force the client to retransmit the Initial packet in the version the middlebox prefers. Note that such an attack would not be noticed, because we are removing downgrade prevention from the VN design.

I think that the proposed approach works as an anti-ossification mechanism, but I do not think it's anything more than that.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2573#issuecomment-478439064