[quicwg/base-drafts] Recommend discarding bad, unauthentication packets (#2141)

Martin Thomson <notifications@github.com> Thu, 13 December 2018 06:57 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A86E12F1AB for <quic-issues@ietfa.amsl.com>; Wed, 12 Dec 2018 22:57:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.46
X-Spam-Level:
X-Spam-Status: No, score=-9.46 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LgsfbLyU_jAI for <quic-issues@ietfa.amsl.com>; Wed, 12 Dec 2018 22:57:12 -0800 (PST)
Received: from out-1.smtp.github.com (out-1.smtp.github.com [192.30.252.192]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3660F12875B for <quic-issues@ietf.org>; Wed, 12 Dec 2018 22:57:12 -0800 (PST)
Date: Wed, 12 Dec 2018 22:57:11 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1544684231; bh=3FUtKN3ZhTiCSptfDi+aj9aetYR7NDGQOhOei9HxHNo=; h=Date:From:Reply-To:To:Cc:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=CdXQeRvmcHlMt7SmTNtmgxv+dv9YFkJD2RZJ8PzMXJ6kppPTVHRKvEhjo1rfkGM30 Iz8bG+JN8nNkglgRwnY6P3RG6q/z71Zw0S+H6M9j0qV/5L1vsbZ16RhG3KxgspJdoI wDIA7D4OL8R92cksO5cAd/oaaA1RlFVmZXphz9FQ=
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abd085d62cd83fbf2042bdf1b4f71020441195c4ff92cf000000011829c4c792a169ce174735aa@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2141@github.com>
Subject: [quicwg/base-drafts] Recommend discarding bad, unauthentication packets (#2141)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c1202c74da29_6d73f808ced45bc959851"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/FRmVTNzLg-gnMBj-fY198FhqyuM>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Dec 2018 06:57:15 -0000

We already have piecemeal recommendations for discarding in certain circumstances, but a blanket allowance for dropping packets will allow endpoints to do all sorts of nice things if they want better DoS resilience.

This leaves the existing requirements in place.  Some of those are more directly the result of stronger requirements (like the ones against off-path attacks).  This is just a license to back out changes that are made as a result of bad packets.

Closes #2053.
You can view, comment on, or merge this pull request online at:

  https://github.com/quicwg/base-drafts/pull/2141

-- Commit Summary --

  * Recommend discarding bad, unauthentication packets

-- File Changes --

    M draft-ietf-quic-transport.md (6)

-- Patch Links --

https://github.com/quicwg/base-drafts/pull/2141.patch
https://github.com/quicwg/base-drafts/pull/2141.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2141