[quicwg/base-drafts] c79b02: Document request forgery
Martin Thomson <noreply@github.com> Thu, 13 August 2020 07:22 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DD7A3A0816 for <quic-issues@ietfa.amsl.com>; Thu, 13 Aug 2020 00:22:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AjB55BJOZaAc for <quic-issues@ietfa.amsl.com>; Thu, 13 Aug 2020 00:22:31 -0700 (PDT)
Received: from out-25.smtp.github.com (out-25.smtp.github.com [192.30.252.208]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 142373A0815 for <quic-issues@ietf.org>; Thu, 13 Aug 2020 00:22:30 -0700 (PDT)
Received: from github-lowworker-1b8c660.ash1-iad.github.net (github-lowworker-1b8c660.ash1-iad.github.net [10.56.18.59]) by smtp.github.com (Postfix) with ESMTP id AD5968407E6 for <quic-issues@ietf.org>; Thu, 13 Aug 2020 00:22:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1597303349; bh=apEBZWyDsOCFxoZ5j1K/nZESjMHOuVQJa8IyH3zHqZg=; h=Date:From:To:Subject:From; b=u4v2eIS9o7XaqD8gQ8SGpaSIzTQgwCFGq7TS9l3oHl0fvfsiY+mRYUu3pwB9vtLhQ N5kBEAsxSOMWOVt+qQifVakbcW6l5AEhSxNZHqqRoUcOl6mihWLrLQQvaiX4SYMCmz hCKrcMBenpS2p2opJc0d4jFQhP1Soeh6s6rsc6Xs=
Date: Thu, 13 Aug 2020 00:22:29 -0700
From: Martin Thomson <noreply@github.com>
To: quic-issues@ietf.org
Message-ID: <quicwg/base-drafts/push/refs/heads/request-forgery/000000-c79b02@github.com>
Subject: [quicwg/base-drafts] c79b02: Document request forgery
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-Auto-Response-Suppress: All
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/BHiPlLz6tdRq3z12bN5R3X8kdRo>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Aug 2020 07:22:32 -0000
Branch: refs/heads/request-forgery Home: https://github.com/quicwg/base-drafts Commit: c79b02ed6a49c64822967c1d00693721cfd8a34e https://github.com/quicwg/base-drafts/commit/c79b02ed6a49c64822967c1d00693721cfd8a34e Author: Martin Thomson <mt@lowentropy.net> Date: 2020-08-13 (Thu, 13 Aug 2020) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Document request forgery First cut at this, sorry about it being so long. It's fairly hard to write this, particularly since the existing documentation is so sparse. Hopefully this is clear enough. I haven't had time to properly proof-read it, so it's probably not very good. But I thought I'd share what I got. This includes some basic countermeasures, but they aren't very good. I think that's OK, but we should discuss. Closes #3995.
- [quicwg/base-drafts] c79b02: Document request for… Martin Thomson