Re: [quicwg/base-drafts] Stateless Reset becomes a larger risk of amplification with longer CIDs (#2770)

ianswett <> Tue, 04 June 2019 23:17 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 94015120048 for <>; Tue, 4 Jun 2019 16:17:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.391
X-Spam-Status: No, score=-6.391 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id rgv2grxK6o6J for <>; Tue, 4 Jun 2019 16:17:53 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E806A120086 for <>; Tue, 4 Jun 2019 16:17:52 -0700 (PDT)
Date: Tue, 04 Jun 2019 16:17:51 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1559690271; bh=2VQeodMARvkbWgteLL4Q9Roxv0usZQGbP+MnR7sCeVE=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=ajm6AoXXL/tZ8wB5BeUo1ZWSx3Hf2AAQGGQJXwvBLw6rx0QiLw6Ndw6RihMYIvaN2 USgeknwoyrxLVpLDQhn73R4V/Ygd/y3C+Uxp8ajSkYzAVR1CpM1fjxGGva4lh8DzXR yIXoHC2TVc49Y9/SbZr7bdpnGT906FT24PY16qsk=
From: ianswett <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/2770/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Stateless Reset becomes a larger risk of amplification with longer CIDs (#2770)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5cf6fc1fe6d79_64093fc569acd96023278b"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: ianswett
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 04 Jun 2019 23:17:55 -0000

Reading that full section, though we specify a length of the stateless reset to be sent in the wire format, we don't use any normative language about size except: "Endpoints MUST discard packets that are too small to be valid QUIC packets." so I guess if, as a server, I believe sending a stateless reset of a certain size is unlikely to be distinguishable from a "real" packet, I can do that?

If so, that's not obvious, but it would seem there's no normative text change necessary.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: