Re: [quicwg/base-drafts] Stateless Reset during Path Migration (#1258)
Mike Bishop <notifications@github.com> Fri, 13 April 2018 21:23 UTC
Return-Path: <bounces+848413-a050-quic-issues=ietf.org@sgmail.github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07255129C6D for <quic-issues@ietfa.amsl.com>; Fri, 13 Apr 2018 14:23:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.606
X-Spam-Level:
X-Spam-Status: No, score=-1.606 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yZEAD-BAh0Te for <quic-issues@ietfa.amsl.com>; Fri, 13 Apr 2018 14:23:53 -0700 (PDT)
Received: from o10.sgmail.github.com (o10.sgmail.github.com [167.89.101.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C60BA12D574 for <quic-issues@ietf.org>; Fri, 13 Apr 2018 14:23:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=github.com; h=from:reply-to:to:cc:in-reply-to:references:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=d9sZzn+d3SXnODrP1e1rQmNoCkg=; b=qOsc0BUKgJa+Edsz GnZVPLDrcudvZNWll1cwrOB20fEeihK6f4YVQVnkPT4oT/zBiDuxvkHOjNZ9p4le lcIYITlcPXKxUQHrqKiPwHN5BnYchmfkLvNfRv97rU8CFlPNQ0mFJBDo33ZZL+cN EJ1YhExPWOkdVmiVXq5z9R1woaQ=
Received: by filter0056p1las1.sendgrid.net with SMTP id filter0056p1las1-19892-5AD11FE7-26 2018-04-13 21:23:51.76622414 +0000 UTC
Received: from smtp.github.com (out-1.smtp.github.com [192.30.252.192]) by ismtpd0008p1iad2.sendgrid.net (SG) with ESMTP id AOw6EYX-TWOKanwYhsQVNw for <quic-issues@ietf.org>; Fri, 13 Apr 2018 21:23:51.754 +0000 (UTC)
Date: Fri, 13 Apr 2018 21:23:51 +0000
From: Mike Bishop <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab3f086c0ca9e30158224a0a2d8d3c6363300a181d92cf0000000116e8e1e792a169ce12828e32@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1258/381264130@github.com>
In-Reply-To: <quicwg/base-drafts/issues/1258@github.com>
References: <quicwg/base-drafts/issues/1258@github.com>
Subject: Re: [quicwg/base-drafts] Stateless Reset during Path Migration (#1258)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5ad11fe79e736_35153fb6e02a4f28209445"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak35xolrQY0NwD/rWdQlXYO/L33QFmZAg2vVIs TC/m47NVSzxR8pakWEN/CW2wRtBKfT7FvC68GFDj5M/eR7uAx7LsWVtJ1kuPX+A5OrKlhFpdL8yOoK 6WUSsA/B8hwdrG6cQDO8QybZbLvM164COj6fjAc69eQCohmpPI5hzmgejH4VBVZ7vOhvRZRxYaT8Nf 8=
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/64E1bYaK6rx2gP72S0YOqVMyjlw>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Apr 2018 21:23:55 -0000
Per discussion on #1259, the correct solution to this in a deployment is that, if you aren't the server that minted the CID, you shouldn't have the key to generate the Stateless Reset. We need Security Considerations text around that, because DoS attacks open up if servers get this wrong. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/1258#issuecomment-381264130
- [quicwg/base-drafts] Stateless Reset during Path … Mike Bishop
- Re: [quicwg/base-drafts] Stateless Reset during P… Mike Bishop
- Re: [quicwg/base-drafts] Stateless Reset during P… Mike Bishop
- Re: [quicwg/base-drafts] Stateless Reset during P… Mike Bishop