Re: [quicwg/base-drafts] Guidance on path retransmission timer (#2130)
ekr <notifications@github.com> Thu, 13 December 2018 11:52 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8ED85130DC6 for <quic-issues@ietfa.amsl.com>; Thu, 13 Dec 2018 03:52:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.46
X-Spam-Level:
X-Spam-Status: No, score=-9.46 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DvWNSseFjEzN for <quic-issues@ietfa.amsl.com>; Thu, 13 Dec 2018 03:52:43 -0800 (PST)
Received: from out-5.smtp.github.com (out-5.smtp.github.com [192.30.252.196]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AAE03123FFD for <quic-issues@ietf.org>; Thu, 13 Dec 2018 03:52:43 -0800 (PST)
Date: Thu, 13 Dec 2018 03:52:42 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1544701962; bh=asbewYba41iB3XuZvVvPE8wLKRGxBNZd5gIxpmnMT9s=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=TAjsG/IGCn2LvsMfhPw+ebjZjbBwIPANPW7w5K24pla8NBNpVShMFvMJuWT4qkMq8 mHKRMyEhhtVYMoMSH5uWGRd2k/0B4hX/nUaX51KyeQENueuzyFP7yTzhblV4PoGWSQ IxhhPoIP+p6hUomSXC+g1IyfSXBAtxWwsl7yFDTA=
From: ekr <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab7f9dbb51af76912974343038fbfda907b304f2f192cf00000001182a0a0a92a169ce1743bbcf@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/2130/446941980@github.com>
In-Reply-To: <quicwg/base-drafts/issues/2130@github.com>
References: <quicwg/base-drafts/issues/2130@github.com>
Subject: Re: [quicwg/base-drafts] Guidance on path retransmission timer (#2130)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c12480a8ac24_5b573fadf42d45c4293794"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: ekr
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/Kgoqra84znnIajHF2OdO5l2T6c0>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Dec 2018 11:52:46 -0000
@janaiyengar I dont't necessarily have problem with 3RTO here, but I don't see it in the doc. Can you point me to where it is? With that said, it seems like the timeout for path validation actually ought to be quite aggressive because given the current migration design, it's actually a sensitive security parameter. Consider the case where you have an on-path attacker and A and B are quiescent. A sends B a packet containing data that doesn't need a reply (e.g., part of an HTTP request). At this point, the on-path attacker takes B's ACK and then forwards it to A with a different source address. From this point forward, A is sending to the wrong place for the duration of this timer. That's a pretty serious attack. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/2130#issuecomment-446941980
- [quicwg/base-drafts] Guidance on path retransmiss… ekr
- Re: [quicwg/base-drafts] Guidance on path retrans… janaiyengar
- Re: [quicwg/base-drafts] Guidance on path retrans… Martin Thomson
- Re: [quicwg/base-drafts] Guidance on path retrans… janaiyengar
- Re: [quicwg/base-drafts] Guidance on path retrans… ekr
- Re: [quicwg/base-drafts] Guidance on path retrans… Martin Thomson
- Re: [quicwg/base-drafts] Guidance on path retrans… Jana Iyengar
- Re: [quicwg/base-drafts] Guidance on path retrans… Jana Iyengar