IETF Logo Mail Archive

Re: [quicwg/base-drafts] describe how 0-RTT is accepted and rejected (#2841)

Kazuho Oku <notifications@github.com> Wed, 26 June 2019 02:21 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B2F51201D0 for <quic-issues@ietfa.amsl.com>; Tue, 25 Jun 2019 19:21:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8
X-Spam-Level:
X-Spam-Status: No, score=-8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DvJ4fMWZIHI0 for <quic-issues@ietfa.amsl.com>; Tue, 25 Jun 2019 19:21:36 -0700 (PDT)
Received: from out-13.smtp.github.com (out-13.smtp.github.com [192.30.254.196]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5F53C12002F for <quic-issues@ietf.org>; Tue, 25 Jun 2019 19:21:36 -0700 (PDT)
Date: Tue, 25 Jun 2019 19:21:35 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1561515696; bh=ENsfV90sUetJqVCMIdSxmQskjAKA9pYxFBGQ9VU+5kE=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=RfZhL+P0r2FeFZ5uSsztCE+/sveM+ur/BDblJn8FxSzTnqUIC/cSC7Ej+r+aVzgOL cMYqtnubJVwQqzmcDTWjZQeDoriHvedD78l5t9ReVKUiEBpNimO614xvloVxl+ipNz +9/izvgiR/qER1y3DoLuUb0RfvGqH6/IEim0x6oE=
From: Kazuho Oku <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK62RCOLZSUOBPBAFJ53EAES7EVBNHHBW3JQOA@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2841/review/254353726@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2841@github.com>
References: <quicwg/base-drafts/pull/2841@github.com>
Subject: Re: [quicwg/base-drafts] describe how 0-RTT is accepted and rejected (#2841)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d12d6afa5fad_31b53ffad26cd95c134931"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/7HM6qPuZ-YCqilrY1mW08vYR0Q8>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jun 2019 02:21:38 -0000

kazuho commented on this pull request.



>  
-A server rejects 0-RTT by rejecting 0-RTT at the TLS layer.  This also prevents
-QUIC from sending 0-RTT data. A server will always reject 0-RTT if it sends a
-TLS HelloRetryRequest.
+A server rejects 0-RTT by sending a ServerHello without the EarlyDataIndication.
+A server will always reject 0-RTT if it sends a TLS HelloRetryRequest.  When
+rejecting 0-RTT, a server MUST NOT process any 0-RTT packets, even if it is in
+possesion of the keys to do so.  When 0-RTT was rejected, a client MUST treat
+receipt of an acknowledgement for a 0-RTT packet as a connection error of type

Using unified packet number space on the send side is an easy way of detecting an optimistic ACK attack. Because all you need is a single ACK map (instead of ACK map per every packen number space), that allows each of the entry to have the epochs associated. Optimistic ACK is detected when you receive an ACK in an unexpected epoch.

> Furthermore, if I understand your point here correctly, what you actually want to do is not to perform the check if a skipped packet number is acknowledged, so you really can't use this text as a justification...

I think you are missing the fact that there are two topics being discussed in parallel. One is if use of unified packet number space is OK. That relates to if the detection could be MUST. For that, we are in agreement that it can be SHOULD. Therefore, I think it's getting off-topic.

The other discussion is if we need the "if detected" sub-clause. I do not think I am using the existence of QUIC stacks using unified packet number space on the send side as a justification to argue for having the sub-clause.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2841#discussion_r297461418

v2.23.0 | Report a Bug | By Email