Re: [quicwg/base-drafts] Retire My Own CID (#2645)

David Schinazi <notifications@github.com> Tue, 11 June 2019 22:06 UTC

Date: Tue, 11 Jun 2019 15:06:40 -0700
From: David Schinazi <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK5QFRNJMYW6LGTQWRV3BVMHBEVBNHHBUAUCHA@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/2645/501041204@github.com>
In-Reply-To: <quicwg/base-drafts/issues/2645@github.com>
References: <quicwg/base-drafts/issues/2645@github.com>
Subject: Re: [quicwg/base-drafts] Retire My Own CID (#2645)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d0025f0d9655_69123ff959ccd96c1320b4"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/I345gXBv5lPuw6nXNFe3Q87YSHQ>

@nibanks the issue is that an attacker can close the connection if the stateless reset tokens are the same for different CIDs. Perhaps this wording gets you what you want:

```
An endpoint can request that its peer retire connection IDs by sending
a NEW_CONNECTION_ID frame with an increased Retire Prior To field.  
Upon receipt, the peer SHOULD retire the corresponding connection IDs
and send the corresponding RETIRE_CONNECTION_ID frame in a timely
manner.  Failing to do so can cause packets to be delayed or lost and
harm connection performance as the original endpoint might not route
those connection IDs optimally after some delay.

The sender of the Retire Prior To field MUST keep track of the connection
IDs it wishes to retire until it has received a corresponding
RETIRE_CONNECTION_ID frame, with one exception: if the sender of the
Retire Prior To field has used distinct stateless reset tokens for all of
their issued connection IDs, and 3 times the PTO has elapsed since it
received an acknowledgment for its Retire Prior To field, then it MAY lose
track of that connection ID, and respond to packets with that connection
ID with the corresponding stateless reset token.
```

This allows you to implement the enforcement you want while keeping the spec written in such a way that most implementations don't accidentally allow this attack by being overly enthusiastic in enforcing this.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/2645#issuecomment-501041204

[quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Mike Bishop
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Eric Kinnear
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Jana Iyengar
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Jana Iyengar
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Jana Iyengar
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Mark Nottingham
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Kazuho Oku
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Eric Kinnear
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Kazuho Oku
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Kazuho Oku
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Marten Seemann
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Kazuho Oku
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Eric Kinnear
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Martin Thomson
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Kazuho Oku
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Eric Kinnear
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Martin Thomson
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Mike Bishop
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Eric Kinnear
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) David Schinazi
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Eric Kinnear
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Mike Bishop
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Martin Thomson
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Eric Kinnear
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) David Schinazi
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) David Schinazi
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) David Schinazi
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) ianswett
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) David Schinazi
Re: [quicwg/base-drafts] Retire My Own CID (#2645) MikkelFJ
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Nick Banks
Re: [quicwg/base-drafts] Retire My Own CID (#2645) David Schinazi
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Mike Bishop
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Mike Bishop
Re: [quicwg/base-drafts] Retire My Own CID (#2645) Martin Thomson