[quicwg/base-drafts] 9400c2: Replay protection is the responsibility of applica...

Martin Thomson <noreply@github.com> Wed, 06 February 2019 05:32 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F1736126F72 for <quic-issues@ietfa.amsl.com>; Tue, 5 Feb 2019 21:32:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.554
X-Spam-Level:
X-Spam-Status: No, score=-11.554 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-4.553, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TrMo5LZLdh7K for <quic-issues@ietfa.amsl.com>; Tue, 5 Feb 2019 21:32:22 -0800 (PST)
Received: from out-3.smtp.github.com (out-3.smtp.github.com [192.30.252.194]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1BB2712426E for <quic-issues@ietf.org>; Tue, 5 Feb 2019 21:32:22 -0800 (PST)
Date: Tue, 05 Feb 2019 21:32:21 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1549431141; bh=WpJffjXbihb5RHomN1AL3S93gWL3ioHwfOj61JjE75A=; h=Date:From:To:Subject:From; b=G5C7p6wuGWBzAJKmOrrwKqXKbOi9q0hXJ2U31uZnhosJSbQPNZcKVcPTb5V7ocv8G kZSbwA/bFCYIx/cn6LMAiUv46/WjTHjRrQV4MNryQwdYxP8pZkXJEdaSesTfj/Ma40 AYSOP5AdoiKFGhVnXW7CIzCM+HWaTCzhWJMsLBtw=
From: Martin Thomson <noreply@github.com>
To: quic-issues@ietf.org
Message-ID: <quicwg/base-drafts/push/refs/heads/0rtt-reset/fdfb19-9400c2@github.com>
Subject: [quicwg/base-drafts] 9400c2: Replay protection is the responsibility of applica...
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-Auto-Response-Suppress: All
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/O4fdC3mN12hNjxDNftwW9SGSFs4>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Feb 2019 05:32:24 -0000

  Branch: refs/heads/0rtt-reset
  Home:   https://github.com/quicwg/base-drafts
  Commit: 9400c2f9b2c5a235ce15377538bc8dc354467f39
      https://github.com/quicwg/base-drafts/commit/9400c2f9b2c5a235ce15377538bc8dc354467f39
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2019-02-06 (Wed, 06 Feb 2019)

  Changed paths:
    M draft-ietf-quic-tls.md

  Log Message:
  -----------
  Replay protection is the responsibility of application protocols

This is based on my recent conclusions about this subject.  It rewrites
the advice here by observing that QUIC does not inherently present a
replay risk. Instead, application protocols, in their use of QUIC, might
create an exposure to replay attack.

Rather than try to perform an analysis in the transport, based on
incomplete information, it is better to outline some risks (STREAM seems
like the only obvious one here, frankly, though I've pointed out a
couple of anti-patterns that might have accompanying replay risks) and
let the application protocol designers perform a more complete analysis.

We did that analysis for HTTP.  I believe that to be sufficient.  Though
I might include mention of the fact that stream cancellation and other
h2 mechanisms don't carry application semantics, but that is not a major
source of regret.