Re: [quicwg/base-drafts] Padding outside QUIC packet (#3333)

Tatsuhiro Tsujikawa <notifications@github.com> Mon, 13 January 2020 15:10 UTC


Another concern about this way of padding is that it does not increase the transmission limit for the server.

https://quicwg.org/base-drafts/draft-ietf-quic-transport.html#section-8.1

> Prior to validating the client address, servers MUST NOT send more than three times as many bytes as the number of bytes they have received. This limits the magnitude of any amplification attack that can be mounted using spoofed source addresses. In determining this limit, servers only count the size of successfully processed packets.

Because bytes outside of a QUIC packet are most likely unprocessable, they are not counted toward the data size that the server has received. That means that the server might get choked during the handshake with packet losses.


https://github.com/quicwg/base-drafts/issues/3333#issuecomment-573709751
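
The accounting concern raised in the message above, as an added example that is not part of the original message or of the QUIC drafts: a small model of the server's pre-validation send limit, comparing a client datagram padded inside the QUIC packet with one padded outside it. The class and function names and all byte sizes (1200, 300, 900, 2400) are constructed for illustration, and bytes outside a QUIC packet are treated as unprocessable, as the message assumes.

```python
"""Model of the pre-validation 3x send limit (constructed example)."""
from dataclasses import dataclass

AMPLIFICATION_FACTOR = 3  # "three times as many bytes" in the quoted draft text


@dataclass
class Datagram:
    """One UDP datagram: QUIC packet sizes plus trailing non-QUIC bytes."""
    packet_sizes: list        # size of each QUIC packet, PADDING frames included
    outside_padding: int = 0  # bytes after the last QUIC packet (hypothetical field)

    @property
    def size(self):
        return sum(self.packet_sizes) + self.outside_padding


class UnvalidatedPath:
    """Server-side byte accounting before the client address is validated."""

    def __init__(self):
        self.counted_rx = 0  # bytes of successfully processed packets only
        self.tx = 0          # bytes sent so far

    def receive(self, dgram):
        # Trailing bytes outside any QUIC packet are never processed,
        # so they add nothing to the counted total.
        self.counted_rx += sum(dgram.packet_sizes)

    def budget(self):
        return AMPLIFICATION_FACTOR * self.counted_rx - self.tx

    def send(self, nbytes):
        """Send as much of nbytes as the limit allows; return bytes sent."""
        sent = max(0, min(nbytes, self.budget()))
        self.tx += sent
        return sent


def handshake_flight(dgram, flight=2400, retransmit=1200):
    """Return (first-flight bytes sent, retransmission bytes sent)."""
    path = UnvalidatedPath()
    path.receive(dgram)
    first = path.send(flight)
    # Constructed loss case: a server datagram is lost and nothing new
    # arrives from the client before the server wants to retransmit.
    return first, path.send(retransmit)


INSIDE = Datagram(packet_sizes=[1200])                       # PADDING frames
OUTSIDE = Datagram(packet_sizes=[300], outside_padding=900)  # same wire size
```

Both datagrams occupy 1200 bytes on the wire, but the second gives the server a 900-byte budget instead of 3600, so its first flight is truncated and nothing is left for a retransmission.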