Re: [quicwg/base-drafts] Client's initial source CID is unauthenticated (#1479)
Mike Bishop <notifications@github.com> Tue, 26 June 2018 23:14 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B77A9130E61 for <quic-issues@ietfa.amsl.com>; Tue, 26 Jun 2018 16:14:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.009
X-Spam-Level:
X-Spam-Status: No, score=-8.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hjJHBsQhsiPO for <quic-issues@ietfa.amsl.com>; Tue, 26 Jun 2018 16:14:14 -0700 (PDT)
Received: from out-7.smtp.github.com (out-7.smtp.github.com [192.30.252.198]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5BCC1130E17 for <quic-issues@ietf.org>; Tue, 26 Jun 2018 16:14:14 -0700 (PDT)
Date: Tue, 26 Jun 2018 16:14:13 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1530054853; bh=GpnOhtAfWBVlwkkU/HGxgTUhWnBTYxdnjUlSl9cU+mo=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=dfI8ECljzUNL0W85hjL2nqcvtNNhQyDVt58+4VJ5mMldkhF8IqU+ULR//mOa91WOk VMPilnsqObkN4+yJZ+JvZ2S42gzYg3IwFPwO19TbVXrzZX3Bippv/szAz6YxDh8wPV TEEN7P/np3YIWiEW8hu4wtZCAUXyw9izvqlFT+A8=
From: Mike Bishop <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab5538380ecd43badcd3c8cf0eff0dec2531d8e80b92cf00000001174a8ac592a169ce1403e20c@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1479/400492023@github.com>
In-Reply-To: <quicwg/base-drafts/issues/1479@github.com>
References: <quicwg/base-drafts/issues/1479@github.com>
Subject: Re: [quicwg/base-drafts] Client's initial source CID is unauthenticated (#1479)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5b32c8c5b3566_1c993f963fc02f78421195"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/5SqIMS-cf_Fvx9XX-oui-2IbA4o>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.26
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Jun 2018 23:14:16 -0000
The AAD encrypted with a key that anyone who knows the version of QUIC can derive. I think the suggestion is that, like VN, the initial DCID should be included in the transport parameters so it can be validated at the end of the handshake to confirm there was no tampering. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/1479#issuecomment-400492023
- Re: [quicwg/base-drafts] Client's initial source … Christopher Wood
- Re: [quicwg/base-drafts] Client's initial source … Christopher Wood
- Re: [quicwg/base-drafts] Client's initial source … Christopher Wood
- Re: [quicwg/base-drafts] Client's initial source … Kazuho Oku
- Re: [quicwg/base-drafts] Client's initial source … Christopher Wood
- Re: [quicwg/base-drafts] Client's initial source … Kazuho Oku
- Re: [quicwg/base-drafts] Client's initial source … Kazuho Oku
- Re: [quicwg/base-drafts] Client's initial source … Martin Thomson
- Re: [quicwg/base-drafts] Client's initial source … Christopher Wood
- Re: [quicwg/base-drafts] Client's initial source … Marten Seemann
- Re: [quicwg/base-drafts] Client's initial source … Nick Banks
- Re: [quicwg/base-drafts] Client's initial source … Mike Bishop
- Re: [quicwg/base-drafts] Client's initial source … Martin Thomson
- [quicwg/base-drafts] Client's initial source CID … Christopher Wood
- Re: [quicwg/base-drafts] Client's initial source … Christopher Wood
- Re: [quicwg/base-drafts] Client's initial source … MikkelFJ