Re: [quicwg/base-drafts] amplification attack using Retry and VN triggered by coalesced Initial packets (#2259)

Nick Banks <notifications@github.com> Wed, 02 January 2019 14:59 UTC

Date: Wed, 02 Jan 2019 06:59:27 -0800
From: Nick Banks <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab2794b84c0d6fcb43e924c572911b54c8130018a492cf00000001184493cf92a169ce177f0208@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/2259/450884937@github.com>
In-Reply-To: <quicwg/base-drafts/issues/2259@github.com>
References: <quicwg/base-drafts/issues/2259@github.com>
Subject: Re: [quicwg/base-drafts] amplification attack using Retry and VN triggered by coalesced Initial packets (#2259)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c2cd1cfabc6b_635d3ff6512d45c45676ad"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/Hj3yt4vF0TKtFBy8Kw_j-3oIQh4>

I am in agreement with @kazuho here. I don't see a need to limit the type or number of QUIC packets in a datagram. In my implementation that would just increase the state and complexity.

I also don't think we need to support different QUIC versions in the same datagram. Push the little bit of extra work to the client in this case, and have it send different datagrams instead. Perhaps we should explicitly disallow this scenario in the spec.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/2259#issuecomment-450884937

[quicwg/base-drafts] amplification attack using R… Marten Seemann
Re: [quicwg/base-drafts] amplification attack usi… Nick Banks
Re: [quicwg/base-drafts] amplification attack usi… ianswett
Re: [quicwg/base-drafts] amplification attack usi… Marten Seemann
Re: [quicwg/base-drafts] amplification attack usi… Dmitri Tikhonov
Re: [quicwg/base-drafts] amplification attack usi… Nick Banks
Re: [quicwg/base-drafts] amplification attack usi… Marten Seemann
Re: [quicwg/base-drafts] amplification attack usi… Nick Banks
Re: [quicwg/base-drafts] amplification attack usi… Marten Seemann
Re: [quicwg/base-drafts] amplification attack usi… Martin Thomson
Re: [quicwg/base-drafts] amplification attack usi… Marten Seemann
Re: [quicwg/base-drafts] amplification attack usi… Kazuho Oku
Re: [quicwg/base-drafts] amplification attack usi… Marten Seemann
Re: [quicwg/base-drafts] amplification attack usi… Kazuho Oku
Re: [quicwg/base-drafts] amplification attack usi… Marten Seemann
Re: [quicwg/base-drafts] amplification attack usi… Kazuho Oku
Re: [quicwg/base-drafts] amplification attack usi… ianswett
Re: [quicwg/base-drafts] amplification attack usi… Nick Banks
Re: [quicwg/base-drafts] amplification attack usi… David Schinazi
Re: [quicwg/base-drafts] amplification attack usi… MikkelFJ
Re: [quicwg/base-drafts] amplification attack usi… David Schinazi
Re: [quicwg/base-drafts] amplification attack usi… MikkelFJ
Re: [quicwg/base-drafts] amplification attack usi… David Schinazi
Re: [quicwg/base-drafts] amplification attack usi… MikkelFJ
Re: [quicwg/base-drafts] amplification attack usi… ianswett
Re: [quicwg/base-drafts] amplification attack usi… Kazuho Oku
Re: [quicwg/base-drafts] amplification attack usi… MikkelFJ
Re: [quicwg/base-drafts] amplification attack usi… Kazuho Oku
Re: [quicwg/base-drafts] amplification attack usi… MikkelFJ
Re: [quicwg/base-drafts] amplification attack usi… janaiyengar
Re: [quicwg/base-drafts] amplification attack usi… janaiyengar