IETF Logo Mail Archive

Re: [quicwg/base-drafts] Can a client send 0-RTT data when receiving Retry? (#1507)

MikkelFJ <notifications@github.com> Mon, 02 July 2018 13:18 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE40D1292AD for <quic-issues@ietfa.amsl.com>; Mon, 2 Jul 2018 06:18:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.009
X-Spam-Level:
X-Spam-Status: No, score=-8.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8JMifwsLY2Lx for <quic-issues@ietfa.amsl.com>; Mon, 2 Jul 2018 06:18:58 -0700 (PDT)
Received: from out-5.smtp.github.com (out-5.smtp.github.com [192.30.252.196]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 10BB4128BAC for <quic-issues@ietf.org>; Mon, 2 Jul 2018 06:18:58 -0700 (PDT)
Date: Mon, 02 Jul 2018 06:18:57 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1530537537; bh=odnk6tbGiKkKTozJ50a4Ovr0MsvuhvkHwaCIRZoV/iE=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=SKW5iZHJsFtrTHMgzSi1pa+6+jI3sO/FLrehWOSlOfGj+6D9azP6qA7CKD0gdKd01 7enJHx+092oNyz0kIChGDn5b/est/kgNkjNvAgV1Teg07F1FFN/dAmk+ar/yHyVRZg 5PFFkuAtoshAbhjSwXLst/VYR0bpW3AorArmWksE=
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abd80879f5995f22f78d631579ad51c9a79dfcf56492cf000000011751e84192a169ce1418d0ad@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1507/401801284@github.com>
In-Reply-To: <quicwg/base-drafts/issues/1507@github.com>
References: <quicwg/base-drafts/issues/1507@github.com>
Subject: Re: [quicwg/base-drafts] Can a client send 0-RTT data when receiving Retry? (#1507)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5b3a2641317fb_483a2afe18aacf581151f6"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/KQNYmUL5eV-Ur79dj5Z1gYDVH8w>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.26
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Jul 2018 13:19:01 -0000

A 0-RTT retry probably should mean try again with a 1-RTT if it should at
all respond to retry because as Martin already pointed out, a redirected
server likely won’t have the keys whether an endpoint or a middlebox
triggers the retry.

DoS considerations:

You could argue that a dump middle issuing retries under DoS attack might
inadvertently redirect 0-RTT instead of letting it through. Under DoS a
0-RTT handshake could be a way to let priority traffic through.

It might, however, also be that a DoS attack could drain resources be
sending many invalid 0-RTT packets. So the DoS argument isn’t entirely
clear cut.

Attacks in the opposite direction are also possible by man-on-the-side by
sending false retries to the client which could prevent a 0-RTT priority
client from getting through.

Another consideration is to have 0-RTT specific non-stateless retry - I’m
not sure about TLS here - it could be it already supports  that - and it
ties in with servers preferred address which I’m also not up to speed with.

On 2 July 2018 at 14.55.53, ekr (notifications@github.com) wrote:

The point is that if the handshake is successful, then the ClientHello and
all the 0-RTT have the same destination connection ID, so they probably end
up at the same point. Add Retry and they might not.

Huh? If you do Retry, you resend initial and this includes resending CH and
0-RTT.

I think that the TLS analogy is fine. In TLS, a server could want a
different key share, but find the PSK perfectly adequate for the purposes
of 0-RTT. There's no reason a server that sends HelloRetryRequest would
need to stop accepting 0-RTT.

Yes, of course, but that creates complexity in the TLS state machine
because of the way CH and HRR are intertwined. That is not so for Retry.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<https://github.com/quicwg/base-drafts/issues/1507#issuecomment-401795136>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AALzN2V8KH-ojf_bpuTvVu1CrPRG09Urks5uChhZgaJpZM4U9xPP>
.


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/1507#issuecomment-401801284

v2.41.0 | Report a Bug | By Email | System Status