Re: [quicwg/base-drafts] rate-limiting of CID issuance needs to be allowed (#2436)

Christian Huitema, Fri, 08 February 2019 07:38 UTC

Yes, I think rate limit is a plausible solution. But the malicious clients can also set up a connection, get half a dozen CID, then set a new connection, etc. So it boils down to how many connections per second the server will support (100? 1000? 10000? Multiply by size of farm?) and how often the CID encryption key will rotate. That, multiplied by the number of CID per connection, gives a number. Log2 of that gives the minimum size in bits. For a server doing 10000 connections per second, 16 CID per connection, 24 hours for the key, the result is 34 bits. Add 2 for managing key rotations, then add routing bits in the case of a farm. We should be good with 40 bits for a single server, 56 bits for a small farm, 64 bits for a larger farm.

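The sizing argument in the message above, carried through as an added example; it is not part of the original email or of any QUIC draft. Function names are hypothetical, the connection rate is taken as per server, and the two inverse helpers (routing bits left over, longest key lifetime) go beyond the message's single worked case.

```python
# Added sizing sketch for encrypted connection IDs (CIDs).
# Hypothetical helper names; only the formula and the figures
# 10000 conn/s, 16 CID/conn, 24 h, +2 rotation bits come from the message.

ROTATION_BITS = 2  # "Add 2 for managing key rotations"


def unique_bits(conn_per_sec, cids_per_conn, key_lifetime_s):
    """ceil(log2(number of CIDs issued under one key)), exact integer math."""
    issued = conn_per_sec * cids_per_conn * key_lifetime_s
    if issued < 1:
        raise ValueError("parameters must be positive")
    return (issued - 1).bit_length()


def single_server_bits(conn_per_sec, cids_per_conn, key_lifetime_s):
    """Uniqueness bits plus key-rotation bits, before any routing bits."""
    return unique_bits(conn_per_sec, cids_per_conn, key_lifetime_s) + ROTATION_BITS


def round_up_to_bytes(bits):
    """CID lengths are whole bytes, so round the bit count up to a multiple of 8."""
    return -(-bits // 8) * 8


def routing_bits_left(cid_bits, conn_per_sec, cids_per_conn, key_lifetime_s):
    """Bits of a cid_bits-long CID that remain for routing inside a farm."""
    left = cid_bits - single_server_bits(conn_per_sec, cids_per_conn, key_lifetime_s)
    if left < 0:
        raise ValueError("CID too short for this issuance volume")
    return left


def max_key_lifetime_s(cid_bits, routing_bits, conn_per_sec, cids_per_conn):
    """Longest key lifetime (seconds) before one key's CID space is used up."""
    space = 1 << (cid_bits - routing_bits - ROTATION_BITS)
    return space // (conn_per_sec * cids_per_conn)


if __name__ == "__main__":
    day = 24 * 3600
    for rate in (100, 1000, 10000):  # the rates floated in the message
        bits = single_server_bits(rate, 16, day)
        print(f"{rate:>6} conn/s -> {bits} bits, {round_up_to_bytes(bits)} on the wire")
    for cid_bits in (56, 64):  # the farm sizes suggested in the message
        print(f"{cid_bits}-bit CID leaves {routing_bits_left(cid_bits, 10000, 16, day)} routing bits")
    print("40-bit CID, no routing: key lasts", max_key_lifetime_s(40, 0, 10000, 16), "s")
```

If CID issuance is not rate-limited per connection, `cids_per_conn` has no upper bound and these figures no longer hold, which is the concern the issue title raises.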