Re: [quicwg/base-drafts] Let Endpoints Ignore invalid Initial Packets (#1819)

ianswett <notifications@github.com> Thu, 18 October 2018 21:55 UTC


ianswett commented on this pull request.



> @@ -736,6 +733,18 @@ and will contain a CRYPTO frame with an offset matching the size of the CRYPTO
 frame sent in the first Initial packet.  Cryptographic handshake messages
 subsequent to the first do not need to fit within a single UDP datagram.
 
+### Handling of Fatal Initial Packets
+
+The contents of some Initial packets may, according to this specification, force
+connection termination. For example, they might contain forbidden frame types
+or a CONNECTION_CLOSE frame. As Initial packets are not protected, these could
+indicate injection attacks to terminate the connection.
+
+Endpoints MAY treat the receipt of such packets as a connection error, drop them
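
Review bot: The set of packets this section applies to is never defined. The heading says "Fatal Initial Packets", but the body only gives examples ("forbidden frame types or a CONNECTION_CLOSE frame") and then hangs the normative MAY on "such packets", so two implementations can reasonably disagree about which Initial packets qualify. Consider enumerating the conditions, or defining the term once and using it in the MAY sentence. The justification "As Initial packets are not protected, these could indicate injection attacks" also does not say which attacker position is assumed, which matters for choosing between treating the packet as a connection error and dropping it.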

I believe we've also said previously we don't care about man-on-the-side attacks, but I think it's clear we do, but we don't want to do a full analysis of them, which leaves us in a weird place.

https://github.com/quicwg/base-drafts/pull/1819#discussion_r226478559