IETF Logo Mail Archive

Re: [quicwg/base-drafts] Address validation for connection migration (#732)

MikkelFJ <notifications@github.com> Fri, 18 August 2017 08:35 UTC

Return-Path: <bounces+848413-a050-quic-issues=ietf.org@sgmail.github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 44B8C132817 for <quic-issues@ietfa.amsl.com>; Fri, 18 Aug 2017 01:35:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.382
X-Spam-Level:
X-Spam-Status: No, score=-0.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pwrFOuuUxXdh for <quic-issues@ietfa.amsl.com>; Fri, 18 Aug 2017 01:35:11 -0700 (PDT)
Received: from o3.sgmail.github.com (o3.sgmail.github.com [192.254.112.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11039132815 for <quic-issues@ietf.org>; Fri, 18 Aug 2017 01:35:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=github.com; h=from:reply-to:to:cc:in-reply-to:references:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=+fVmJDjk9u3SCunagoGg7GM7mqQ=; b=VKnqZ0BtoZ6ael8L RS5yBWDyhVZOUPzU+lmlnAlwsYRXxG6iHRoOJ/1FNTwLtpcc7VTCHX0kWbeXoIeh hWY4NMDckVA7LZHDt1BSoP0dcNDtLRTfbBgd6HPHgbK1Smy9bcPjd2bP1Ho4PHAP sTEdgNxK8BHmRGbxzto9QW0VW/8=
Received: by filter1086p1mdw1.sendgrid.net with SMTP id filter1086p1mdw1-9288-5996A6BD-39 2017-08-18 08:35:09.851599813 +0000 UTC
Received: from github-smtp2b-ext-cp1-prd.iad.github.net (github-smtp2b-ext-cp1-prd.iad.github.net [192.30.253.17]) by ismtpd0029p1mdw1.sendgrid.net (SG) with ESMTP id Tmlx8FKsTTe69iVg4tPbjA for <quic-issues@ietf.org>; Fri, 18 Aug 2017 08:35:09.812 +0000 (UTC)
Date: Fri, 18 Aug 2017 08:35:09 +0000
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab0a22093237196ae1bf27c2224f6fb154386e97ab92cf0000000115ae68bd92a169ce0ee9dd49@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/732/c323294812@github.com>
In-Reply-To: <quicwg/base-drafts/pull/732@github.com>
References: <quicwg/base-drafts/pull/732@github.com>
Subject: Re: [quicwg/base-drafts] Address validation for connection migration (#732)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5996a6bd80fb9_1cc5f3fae1a701c3497616"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak2nMv+f/SzMB5EZJN9q31Zr7UEWBDnmpl+cyJ 0SOYuPz9dsJmGqL/aMRdpuFIa7wvvjwlzyTdZeM2gYNlAVZZK3eZ44YSJh4xDm1vO3/FkVW7gqGcCG A9R5cpaOcI7Vhrg/E7OAvbd6vKq+fZVjke/gG0nv7FtBeZOzFYeJJ+asr8NUz95TXGgEWH9SnVzGSC Q=
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/IdQ1lwdC1uUO2t4Uin1tN-ahDjE>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Aug 2017 08:35:12 -0000

How is it possible to spoof anything once 1RTT encryption is in place? If it is not in place, why would you want to allow connection migration when you can use stateless retry? It seems to be two separate problems.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/732#issuecomment-323294812

v2.45.0 | Report a Bug | By Email | System Status