IETF Logo Mail Archive

Re: [quicwg/base-drafts] Handling of duplicate packets (#1405)

Magnus Westerlund <notifications@github.com> Tue, 05 June 2018 13:38 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07326131071 for <quic-issues@ietfa.amsl.com>; Tue, 5 Jun 2018 06:38:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.009
X-Spam-Level:
X-Spam-Status: No, score=-8.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9lnFRztDccbF for <quic-issues@ietfa.amsl.com>; Tue, 5 Jun 2018 06:38:20 -0700 (PDT)
Received: from out-4.smtp.github.com (out-4.smtp.github.com [192.30.252.195]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60FFC130DCA for <quic-issues@ietf.org>; Tue, 5 Jun 2018 06:38:20 -0700 (PDT)
Date: Tue, 05 Jun 2018 06:38:19 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1528205899; bh=FpNccRfuwC1H+H8Q8VyAr7TWEoEaESGaF8vQMWlIca8=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=M8g9jLF0Xnvn/GsZtBz7drsg8ghDB24e1A0qkEbOD08owDHFzVEowobiIU+vnDl6t HZhxCZSlAzJRCpku5YqduxWNmDJWiPXrg7M7GO+vZoUHjJN4gWyflWTa7b8E2o0sM7 0UjhUM/UNcY3wiQlkUNkueEdioMaZ6rmAzBD2kAQ=
From: Magnus Westerlund <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab8beaadc30b8f842ba7d90d98123378835a737dbc92cf00000001172e544b92a169ce138d6870@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1405/394712102@github.com>
In-Reply-To: <quicwg/base-drafts/issues/1405@github.com>
References: <quicwg/base-drafts/issues/1405@github.com>
Subject: Re: [quicwg/base-drafts] Handling of duplicate packets (#1405)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5b16924bbc5e0_6f602abb417f8f6022365"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: gloinul
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/5MiaCgK2qTBHB6ujae5zhdojT2E>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.26
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jun 2018 13:38:22 -0000

>From my perspective processing the later arriving duplicate has risks. If this is an intentional attack based on duplicating and modifying  a packet, but where the original can't be removed, then likely the attack packet will arrive after the original. 

Secondly, trying to combine the ECN response of multiple packets is less than straightforward and exposes one to the risk above. It can also make one more likely to treat a specific ECN number as CE than none duplicated packets. Also the downside of dropping any duplicate packet even if CE marked is not significant. If you have a congestion event that results in the next packet is marked also, then the CE event will be reported one packet later. 

ECN for RTP (https://www.rfc-editor.org/rfc/rfc6679.txt) actually tracks duplication and loss as seen by receiver to give all variables, but the retrospective on that RFC is that is overly causes. 

I would argue that QUIC need a basic duplication handling, and that ECN processing happens after the packet has been decrypted and authenticated to avoid any type of injection attacks, and require additional checking mechanism for it being a valid source sent packet. 

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/1405#issuecomment-394712102

v2.31.3 | Report a Bug | By Email | System Status