Re: [quicwg/base-drafts] Complete version negotiation failure (#1917)
MikkelFJ <notifications@github.com> Thu, 25 October 2018 20:54 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82752130E02 for <quic-issues@ietfa.amsl.com>; Thu, 25 Oct 2018 13:54:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.47
X-Spam-Level:
X-Spam-Status: No, score=-8.47 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sXawpy0jy_JG for <quic-issues@ietfa.amsl.com>; Thu, 25 Oct 2018 13:54:05 -0700 (PDT)
Received: from out-6.smtp.github.com (out-6.smtp.github.com [192.30.252.197]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03B601288BD for <quic-issues@ietf.org>; Thu, 25 Oct 2018 13:54:05 -0700 (PDT)
Date: Thu, 25 Oct 2018 13:54:04 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1540500844; bh=4gO2htjKExNGIuCQchTeGnfLqNFOqcREPKcqz/omE80=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=K/EkgZvv/oj+Chwg4e4XGXB2VY2AyXoVXtYHrNPM4oFA0YcsToXaxagoih8UcTllV admfizCyQAp1IO8LF4GKgb+xSTwINFmfh3n/2oKjN4TRg3Q1AKURXHpMVino/TdHhU 4LAZD4GqDAV/AqzKlcJzn0YDwqagW1w2sFKmoBOw=
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab36da057cec94f06e1004d7562dd399b1da90268992cf0000000117e9ef6c92a169ce164cac4a@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1917/433201874@github.com>
In-Reply-To: <quicwg/base-drafts/issues/1917@github.com>
References: <quicwg/base-drafts/issues/1917@github.com>
Subject: Re: [quicwg/base-drafts] Complete version negotiation failure (#1917)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bd22d6c36362_29423f8fd9ad45b412526b9"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/9mWOZXphbb8AkAYRwhEhsyepvxE>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Oct 2018 20:54:08 -0000
It's not (generally) an attack and it is a very possible because the much better no-one supports the insecure v1 or v2 anymore (like TLS 1.0, 1.1). Client API returns the equivalent of 501 Not Implemented. It could of course be an injected packet so the client could wait for something better to show up before failing. No action required. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/1917#issuecomment-433201874
- Re: [quicwg/base-drafts] Complete version negotia… MikkelFJ
- [quicwg/base-drafts] Complete version negotiation… Martin Thomson
- Re: [quicwg/base-drafts] Complete version negotia… MikkelFJ
- Re: [quicwg/base-drafts] Complete version negotia… Martin Thomson
- Re: [quicwg/base-drafts] Complete version negotia… MikkelFJ
- Re: [quicwg/base-drafts] Complete version negotia… Martin Thomson
- Re: [quicwg/base-drafts] Complete version negotia… Igor Lubashev
- Re: [quicwg/base-drafts] Complete version negotia… MikkelFJ
- Re: [quicwg/base-drafts] Complete version negotia… Igor Lubashev
- Re: [quicwg/base-drafts] Complete version negotia… MikkelFJ
- Re: [quicwg/base-drafts] Complete version negotia… Igor Lubashev
- Re: [quicwg/base-drafts] Complete version negotia… Martin Thomson