Re: [quicwg/base-drafts] Add warning about request forgery and client-side migration. Fixes #4086 (#4104)

Martin Thomson <notifications@github.com> Thu, 17 September 2020 00:13 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E16F3A135E for <quic-issues@ietfa.amsl.com>; Wed, 16 Sep 2020 17:13:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.391
X-Spam-Level:
X-Spam-Status: No, score=-3.391 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.695, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qXTLH9RpBPPv for <quic-issues@ietfa.amsl.com>; Wed, 16 Sep 2020 17:13:37 -0700 (PDT)
Received: from out-27.smtp.github.com (out-27.smtp.github.com [192.30.252.210]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0CEDA3A135D for <quic-issues@ietf.org>; Wed, 16 Sep 2020 17:13:37 -0700 (PDT)
Received: from github-lowworker-b19c547.va3-iad.github.net (github-lowworker-b19c547.va3-iad.github.net [10.48.17.66]) by smtp.github.com (Postfix) with ESMTP id 857919025F6 for <quic-issues@ietf.org>; Wed, 16 Sep 2020 17:13:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1600301615; bh=RaOarOdQgOc1IvX28GMgRX6zzyi9REpg+P+P5DavSwk=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=xRVlv+6R3wSaHjxY+uqA8TcQt0FYImTAx1hFmsQPWcIdqh6E3w8XUMK5O0WuS3xjJ GxGTiojdZkmv/XRowAzLV1ql+X5mhDOGRj2xRKZBmMMdbL0ZJ1+79RsflKnZuErWmZ zjGYtr0I4Fhj4ddRyJ4gR5IP5pYMoNeh+1eTDalY=
Date: Wed, 16 Sep 2020 17:13:35 -0700
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK2CJEUOQCDDUPSAZHF5N2FS7EVBNHHCT2CBCQ@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/4104/review/490112468@github.com>
In-Reply-To: <quicwg/base-drafts/pull/4104@github.com>
References: <quicwg/base-drafts/pull/4104@github.com>
Subject: Re: [quicwg/base-drafts] Add warning about request forgery and client-side migration. Fixes #4086 (#4104)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5f62aa2f761f8_a1519f01047b6"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/98NRkuf4x8LQbki9m4vQsZqPTb0>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Sep 2020 00:13:38 -0000

@martinthomson approved this pull request.

Thanks for writing this up.  My only comment is that this is two points and therefore two paragraphs.

> +endpoints.  Although it is not generally possible to ensure that
+clients are not co-located with vulnerable endpoints, this version of
+QUIC does not allow servers to migrate, thus preventing spoofed
+migration attacks on clients.  Any future extension which allows
+server migration MUST also define countermeasures for forgery attacks.

```suggestion
endpoints.

Although it is not generally possible to ensure that
clients are not co-located with vulnerable endpoints, this version of
QUIC does not allow servers to migrate, thus preventing spoofed
migration attacks on clients.  Any future extension which allows
server migration MUST also define countermeasures for forgery attacks.
```

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/4104#pullrequestreview-490112468