Re: [quicwg/base-drafts] Discard Initial keys as soon as possible (#2045)
Mike Bishop <notifications@github.com> Thu, 29 November 2018 16:49 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 184A9130E1D for <quic-issues@ietfa.amsl.com>; Thu, 29 Nov 2018 08:49:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.46
X-Spam-Level:
X-Spam-Status: No, score=-9.46 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fN2CqJaH53g6 for <quic-issues@ietfa.amsl.com>; Thu, 29 Nov 2018 08:49:15 -0800 (PST)
Received: from out-7.smtp.github.com (out-7.smtp.github.com [192.30.252.198]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65252130E85 for <quic-issues@ietf.org>; Thu, 29 Nov 2018 08:49:15 -0800 (PST)
Date: Thu, 29 Nov 2018 08:49:14 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1543510154; bh=Rqbn+HG3dasdj+krGeeigPdFfdOOayhLZOw4WUnKsc0=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=fp7LOC2/0L7UWAlUUOgOsIDvZ0OK5JBDaiVitXZUZ879zkmG5qLCxzy5VwuHqF7l4 dlGkhv6BQUlhntFK3ZquRo2LF6UbOPzFde9bRfIIBua1CquAimks9YXa7kEXN7wU/h UTrbTf7xURyDbTAhZHOexlq9krccSC6TprSqyrCA=
From: Mike Bishop <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abd4a7d0c86b0babd8bf270523f0158e5865ad7d2e92cf000000011817da8a92a169ce16de7e61@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2045/review/179901042@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2045@github.com>
References: <quicwg/base-drafts/pull/2045@github.com>
Subject: Re: [quicwg/base-drafts] Discard Initial keys as soon as possible (#2045)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c00188a45f10_30bb3fc69f4d45b81812d5"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/CmHWR5qRc_3uzrWISuuHVK3eEBY>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Nov 2018 16:49:25 -0000
MikeBishop commented on this pull request.
> @@ -3592,6 +3594,21 @@ and will contain a CRYPTO frame with an offset matching the size of the CRYPTO
frame sent in the first Initial packet. Cryptographic handshake messages
subsequent to the first do not need to fit within a single UDP datagram.
+
+### Abandoning Initial Packets {#discard-initial}
+
+A client stops both sending and accepting Initial packets when it sends its
+first Handshake packet. A server stops sending and accepting Initial packets
+when it receives its first Handshake packet. Though packets might still be in
+flight or awaiting acknowledgment, no further Initial packets need to be
+exchanged beyond this point. Initial packet protection keys are discarded (see
+Section 4.10 of {{QUIC-TLS}}) along with any loss recovery and congestion
+control state (see Sections 5.3.1.2 and 6.9 of {{QUIC-RECOVERY}}).
Okay, I see that reading of the -recovery text. But that's really weird -- we *do* know that these packets have arrived, so why define a special operation for "forgetting" packets rather than just marking them arrived as normal and be done?
If one component were trying to game the other -- for example, by sending many Initial packets with redundant data -- then you wouldn't want to let the packetizer force many packets to be "acknowledged" when only one actually needed to get through to produce the effect. But the ways to game that I see offhand are intra-implementation, and I think we can say that's not an attack of concern.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2045#discussion_r237569491
- [quicwg/base-drafts] Discard Initial keys as soon… Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … Marten Seemann
- Re: [quicwg/base-drafts] Discard Initial keys as … ekr
- Re: [quicwg/base-drafts] Discard Initial keys as … Marten Seemann
- Re: [quicwg/base-drafts] Discard Initial keys as … ekr
- Re: [quicwg/base-drafts] Discard Initial keys as … Rui Paulo
- Re: [quicwg/base-drafts] Discard Initial keys as … Marten Seemann
- Re: [quicwg/base-drafts] Discard Initial keys as … Rui Paulo
- Re: [quicwg/base-drafts] Discard Initial keys as … MikkelFJ
- Re: [quicwg/base-drafts] Discard Initial keys as … Rui Paulo
- Re: [quicwg/base-drafts] Discard Initial keys as … MikkelFJ
- Re: [quicwg/base-drafts] Discard Initial keys as … Kazuho Oku
- Re: [quicwg/base-drafts] Discard Initial keys as … Christian Huitema
- Re: [quicwg/base-drafts] Discard Initial keys as … Christian Huitema
- Re: [quicwg/base-drafts] Discard Initial keys as … ianswett
- Re: [quicwg/base-drafts] Discard Initial keys as … Christian Huitema
- Re: [quicwg/base-drafts] Discard Initial keys as … ianswett
- Re: [quicwg/base-drafts] Discard Initial keys as … Christian Huitema
- Re: [quicwg/base-drafts] Discard Initial keys as … ianswett
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … Christian Huitema
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … ianswett
- Re: [quicwg/base-drafts] Discard Initial keys as … Mike Bishop
- Re: [quicwg/base-drafts] Discard Initial keys as … janaiyengar
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … Mike Bishop
- Re: [quicwg/base-drafts] Discard Initial keys as … janaiyengar
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … janaiyengar
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … ekr
- Re: [quicwg/base-drafts] Discard Initial keys as … ianswett
- Re: [quicwg/base-drafts] Discard Initial keys as … ekr
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … ianswett
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … ianswett
- Re: [quicwg/base-drafts] Discard Initial keys as … ianswett
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … Christian Huitema
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson
- Re: [quicwg/base-drafts] Discard Initial keys as … Martin Thomson