IETF Logo Mail Archive

Re: [quicwg/base-drafts] Avoid attack on address validation during connection migration (#746)

mirjak <notifications@github.com> Wed, 23 August 2017 12:11 UTC

Return-Path: <bounces+848413-a050-quic-issues=ietf.org@sgmail.github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18952132954 for <quic-issues@ietfa.amsl.com>; Wed, 23 Aug 2017 05:11:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.018
X-Spam-Level:
X-Spam-Status: No, score=-2.018 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mYSciramAyzM for <quic-issues@ietfa.amsl.com>; Wed, 23 Aug 2017 05:11:05 -0700 (PDT)
Received: from o1.sgmail.github.com (o1.sgmail.github.com [192.254.114.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 964CB1321AF for <quic-issues@ietf.org>; Wed, 23 Aug 2017 05:11:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=github.com; h=from:reply-to:to:cc:in-reply-to:references:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=ye7Vnqne4z1zK+EIDHWDyMldVRE=; b=THnJenGZWzThye7d TSdLSHtQaUmIg4WEO9qIX3B/T18YHeUXPrBMITMqJjxJcYlBgSC7UcwRqWTJfdJU nBgLild91Rrawj+3pA4wUyoljQ5VesZe9n3hhKQNwkJrUG4HakD2h4CQXbYCDmna Iqg9k/ZyYmvYpWAH1IuR+5dmBzk=
Received: by filter1133p1mdw1.sendgrid.net with SMTP id filter1133p1mdw1-8138-599D70D7-6D 2017-08-23 12:11:03.92241755 +0000 UTC
Received: from github-smtp2a-ext-cp1-prd.iad.github.net (github-smtp2a-ext-cp1-prd.iad.github.net [192.30.253.16]) by ismtpd0027p1mdw1.sendgrid.net (SG) with ESMTP id XVGqR8H3S1iuHROUnJEtMg for <quic-issues@ietf.org>; Wed, 23 Aug 2017 12:11:03.945 +0000 (UTC)
Date: Wed, 23 Aug 2017 12:11:04 +0000
From: mirjak <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abed162e1b49e75dd35b3cc4f210bc490ddd39f62f92cf0000000115b532d792a169ce0f074cba@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/746/c324309535@github.com>
In-Reply-To: <quicwg/base-drafts/pull/746@github.com>
References: <quicwg/base-drafts/pull/746@github.com>
Subject: Re: [quicwg/base-drafts] Avoid attack on address validation during connection migration (#746)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_599d70d7a1398_142d3f84698a1c2c11816"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mirjak
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak3wP068QI2jggocaLTbk3eDD4LSAUreDJldX+ IFSzwzGy9aEw+aWrEFW6fRi7BNoRktQMulVVG/4Dh4HWC90cs/W3X/wWDVlnGGkIkpGUMGX0uy4vwx mK5Iga1ROhfIrIexAg4NSDXhoN5THIXIGB+GfWcJPN5YcgiIbZARinAnBw==
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/KiQNPpd7YkW687Yt5KuopuFC77U>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Aug 2017 12:11:07 -0000

Fine with this hack and call it done for now. However, I still like to comment on multipath (also inline with the MPTCP thinking): QUIC already has a pretty nice split between connection and stream state. If you want to make it look like two different connections on the wire, everything that is related to the connection needs to be per path, however all stream state can be shared (as hidden from the path). That means e.g. different packet numbers and ACK frames on each path, but the use of a common stream id set and respectively retransmission that are done on a per stream frame and not a per packets basis can be go on a different path. 

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/746#issuecomment-324309535

v2.39.1 | Report a Bug | By Email | System Status