IETF Logo Mail Archive

[quicwg/base-drafts] Define an anti-forgery limit (#3620)

Martin Thomson <notifications@github.com> Fri, 01 May 2020 05:59 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7D333A0936 for <quic-issues@ietfa.amsl.com>; Thu, 30 Apr 2020 22:59:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.918
X-Spam-Level:
X-Spam-Status: No, score=-3.918 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.82, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sDNmAyvT6_tt for <quic-issues@ietfa.amsl.com>; Thu, 30 Apr 2020 22:59:13 -0700 (PDT)
Received: from out-23.smtp.github.com (out-23.smtp.github.com [192.30.252.206]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D5943A0934 for <quic-issues@ietf.org>; Thu, 30 Apr 2020 22:59:13 -0700 (PDT)
Received: from github-lowworker-39ac79b.ac4-iad.github.net (github-lowworker-39ac79b.ac4-iad.github.net [10.52.18.15]) by smtp.github.com (Postfix) with ESMTP id 4418A660840 for <quic-issues@ietf.org>; Thu, 30 Apr 2020 22:59:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1588312752; bh=T9e54U7jXS6wn0vQVcBQ4kKTujJaTmeNGiLa/kHNJU8=; h=Date:From:Reply-To:To:Cc:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=dE97LvJBgQcwSmqw0xPAXKexPpWAHg08//8hNrw1LUJF/1qwevs0Cj9G8pTC7sI4d t8gAB/iVIXR4DYd5BiWPP6kBAmVCEFKMcuhUVMx01O3vmUdDqNrok/i+FveJFzaRi7 AER7X/wWbllNGKKPj2sfLw//5EM0850gUxkOAV0M=
Date: Thu, 30 Apr 2020 22:59:12 -0700
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK36QXAITKZUGCJALVN4W6N3BEVBNHHCIZGB6U@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/3620@github.com>
Subject: [quicwg/base-drafts] Define an anti-forgery limit (#3620)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5eabbab032d62_2fff3fb5944cd964227b8"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/GT7iUw8ePrePcORxYMXD3A0x0vw>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 May 2020 05:59:15 -0000

This defines a limit on the number of packets that can fail
authentication before you have to use new keys.

There is a big hole here in that AES-CCM (that is, the AEAD based on
CBC-MAC) is currently permitted, but we have no analysis to support
either the confidentiality limits in TLS 1.3 or the integrity limits in
this document.  It is probably OK, but that is not the standard we apply
here.

So this might have to remain open until we get some sort of resolution
on that issue.  My initial opinion is to cut CCM from the draft
until/unless an analysis is produced.

Closes #3619.
You can view, comment on, or merge this pull request online at:

  https://github.com/quicwg/base-drafts/pull/3620

-- Commit Summary --

  * Define an anti-forgery limit

-- File Changes --

    M draft-ietf-quic-tls.md (32)

-- Patch Links --

https://github.com/quicwg/base-drafts/pull/3620.patch
https://github.com/quicwg/base-drafts/pull/3620.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/3620

v2.14.0 | Report a Bug | By Email