Re: [quicwg/base-drafts] Recommended response for empty packets (#1835)

Kazuho Oku <notifications@github.com> Fri, 05 October 2018 14:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/H9MOIR_njtULlm9BQDzidwL6xk4>

I might argue that there is possibly a security implication in allowing empty packets.

If we allow the receiver to handle an empty packet as a non-error, the endpoint might be tempted to skip verifying the AEAD tag, because it can be sure that there is no payload once it decrypts the packet number. This is obviously incorrect, because the AEAD tag is the only thing we have as protection against packet injection.

Requiring the sender to always send a non-empty payload and also requiring the receiver to return an error in case it sees an empty payload is one way to resolve such a concern.

I might agree that the concern is not really that practical, but OTOH, I think implementing the rule is near zero-cost as well.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/1835#issuecomment-427383093
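The shortcut the comment warns about, and the rule it proposes, as an added example (this is not code from the comment's author or from any QUIC implementation). The packet format is a deliberately simplified short-header packet: a fixed 8-byte connection ID, a packet number that is always encoded in 4 bytes so that an empty payload still leaves room for the 16-byte header-protection sample, AES-128-GCM for the payload and AES-ECB over a ciphertext sample for header protection, as in the draft's design. Keys, the connection ID and the forged tag bytes are all constructed test values. `receiveNaive` decrypts the packet number, sees that the ciphertext is exactly one tag long, and accepts the packet as "empty" without checking the tag, so a forgery built from nothing but a plausible header and 16 arbitrary bytes is accepted; `receiveStrict` always runs the AEAD open first and then rejects an authenticated-but-empty payload as a protocol violation.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

// Keys for one direction. Constructed test values, not derived from a handshake.
type Keys struct {
	AEADKey []byte // 16 bytes, AES-128-GCM
	IV      []byte // 12 bytes
	HPKey   []byte // 16 bytes, header-protection key
}

const (
	dcidLen   = 8
	pnLen     = 4  // this toy always encodes the packet number in 4 bytes
	tagLen    = 16 // AES-GCM tag
	sampleLen = 16 // header-protection sample, taken 4 bytes past the PN start
	pnOff     = 1 + dcidLen
)

var dcid = []byte{0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17} // constructed

func testKeys() Keys {
	return Keys{
		AEADKey: bytes.Repeat([]byte{0x01}, 16),
		IV:      bytes.Repeat([]byte{0x02}, 12),
		HPKey:   bytes.Repeat([]byte{0x03}, 16),
	}
}

// nonce XORs the packet number into the low 8 bytes of the IV.
func nonce(iv []byte, pn uint64) []byte {
	n := append([]byte(nil), iv...)
	var pnb [8]byte
	binary.BigEndian.PutUint64(pnb[:], pn)
	for i := range pnb {
		n[4+i] ^= pnb[i]
	}
	return n
}

// hpMask is the header-protection mask: AES-ECB of a 16-byte ciphertext sample.
func hpMask(hpKey, sample []byte) []byte {
	block, err := aes.NewCipher(hpKey)
	if err != nil {
		panic(err)
	}
	mask := make([]byte, 16)
	block.Encrypt(mask, sample)
	return mask
}

func aead(k Keys) cipher.AEAD {
	block, _ := aes.NewCipher(k.AEADKey)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// Protect builds flags | DCID | PN | AEAD(payload) and applies header protection.
// An empty payload is permitted here on purpose so the receivers can be compared.
func Protect(k Keys, pn uint64, payload []byte) []byte {
	hdr := []byte{0x40 | 0x03} // short header, fixed bit, PN length field = 4
	hdr = append(hdr, dcid...)
	var pnb [4]byte
	binary.BigEndian.PutUint32(pnb[:], uint32(pn))
	hdr = append(hdr, pnb[:]...)
	pkt := append(hdr, aead(k).Seal(nil, nonce(k.IV, pn), payload, hdr)...)
	mask := hpMask(k.HPKey, pkt[pnOff+4:pnOff+4+sampleLen])
	pkt[0] ^= mask[0] & 0x1f
	for i := 0; i < pnLen; i++ {
		pkt[pnOff+i] ^= mask[1+i]
	}
	return pkt
}

// unprotectHeader removes header protection; returns the plaintext header (the AEAD
// associated data) and the packet number. Nothing here is authenticated yet.
func unprotectHeader(k Keys, pkt []byte) ([]byte, uint64, error) {
	if len(pkt) < pnOff+4+sampleLen {
		return nil, 0, errors.New("packet too short for header-protection sample")
	}
	hdr := append([]byte(nil), pkt[:pnOff+pnLen]...)
	mask := hpMask(k.HPKey, pkt[pnOff+4:pnOff+4+sampleLen])
	hdr[0] ^= mask[0] & 0x1f
	for i := 0; i < pnLen; i++ {
		hdr[pnOff+i] ^= mask[1+i]
	}
	return hdr, uint64(binary.BigEndian.Uint32(hdr[pnOff:])), nil
}

// receiveNaive: the shortcut the comment warns about. If the ciphertext is exactly
// one tag long there is "no payload", so it skips AEAD and accepts the packet.
func receiveNaive(k Keys, pkt []byte) (accepted bool, pn uint64) {
	hdr, pn, err := unprotectHeader(k, pkt)
	if err != nil {
		return false, 0
	}
	ct := pkt[len(hdr):]
	if len(ct) == tagLen {
		return true, pn // BUG: unauthenticated; anyone can inject this packet
	}
	_, err = aead(k).Open(nil, nonce(k.IV, pn), ct, hdr)
	return err == nil, pn
}

// receiveStrict always verifies the tag, then applies the proposed rule:
// an authenticated packet with an empty payload is a protocol violation.
func receiveStrict(k Keys, pkt []byte) (accepted bool, pn uint64, err error) {
	hdr, pn, err := unprotectHeader(k, pkt)
	if err != nil {
		return false, 0, err
	}
	pt, err := aead(k).Open(nil, nonce(k.IV, pn), pkt[len(hdr):], hdr)
	if err != nil {
		return false, 0, fmt.Errorf("AEAD verification failed: %w", err)
	}
	if len(pt) == 0 {
		return false, pn, errors.New("PROTOCOL_VIOLATION: empty payload")
	}
	return true, pn, nil
}

// forgeEmptyPacket is what an attacker with no keys can send: a plausible header
// followed by 16 arbitrary bytes where the tag would be (constructed values).
func forgeEmptyPacket() []byte {
	pkt := append([]byte{0x40 | 0x03}, dcid...)
	pkt = append(pkt, 0xde, 0xad, 0xbe, 0xef)        // "packet number"
	return append(pkt, bytes.Repeat([]byte{0xAA}, tagLen)...) // fake tag
}

func main() {
	k := testKeys()
	for name, pkt := range map[string][]byte{
		"legit PING":   Protect(k, 7, []byte{0x01}), // 0x01 is a PING frame
		"legit empty":  Protect(k, 8, nil),
		"forged empty": forgeEmptyPacket(),
	} {
		nOK, _ := receiveNaive(k, pkt)
		sOK, _, err := receiveStrict(k, pkt)
		fmt.Printf("%-13s naive=%v strict=%v err=%v\n", name, nOK, sOK, err)
	}
}
```

Running it, the naive receiver accepts all three packets, including the forgery, while the strict receiver accepts only the PING packet and rejects the forgery on the tag check and the legitimate empty packet as a protocol violation. The order in `receiveStrict` is the point: the emptiness check happens on the decrypted plaintext, after `Open` succeeded, so the "is it empty?" question is never asked of unauthenticated bytes.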