Re: [quicwg/base-drafts] Do Initial secrets change after Retry packet? (#2823)
Kazuho Oku <notifications@github.com> Mon, 24 June 2019 01:39 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A01AC1201F0 for <quic-issues@ietfa.amsl.com>; Sun, 23 Jun 2019 18:39:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.1
X-Spam-Level:
X-Spam-Status: No, score=-6.1 tagged_above=-999 required=5 tests=[DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qHL1xO6qK4lB for <quic-issues@ietfa.amsl.com>; Sun, 23 Jun 2019 18:39:32 -0700 (PDT)
Received: from out-23.smtp.github.com (out-23.smtp.github.com [192.30.252.206]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CAAEA120277 for <quic-issues@ietf.org>; Sun, 23 Jun 2019 18:39:31 -0700 (PDT)
Date: Sun, 23 Jun 2019 18:39:29 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1561340369; bh=Zi18IaVptqcSvH1XT/AMQGWpfsPllvTCizyZojVBHU4=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=gZyn9oMae1DSA9QwccC2a/dAo+4KdK5uRcCgHgkpDy2+cdVDlinulHx1gI9W34MTf KYq06hQwQLFb600ORN7sUDtLGbPjYhZmQRH1hXHLukPzHlKKuAne1DanRbusBzaqJF OijTYDH5WURdPjeaJXoeVWeYwFhcw0xUdVtKZ7NU=
From: Kazuho Oku <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJKZ6DH6DWTATWMRVK6N3DVOFDEVBNHHBWWQD7M@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/2823/504809515@github.com>
In-Reply-To: <quicwg/base-drafts/issues/2823@github.com>
References: <quicwg/base-drafts/issues/2823@github.com>
Subject: Re: [quicwg/base-drafts] Do Initial secrets change after Retry packet? (#2823)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d1029d1e531e_aac3f9447ecd964404779"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/P2h9jimPadVXDjDXFuB5MVY40LE>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jun 2019 01:39:34 -0000
@nharper Maybe I am wrong, but haven't we had interop based on the understanding that the 2 is the correct way (i.e. the "S" column of the interop matrix)? > (From the discussion in #2180, it sounds like an Initial sent in response to a Retry is still the same connection.) IIUC, the discussion is about "cryptographic handshake message" (i.e. ClientHello transmitted as the payload of the CYRPTO frame) being consistent. Not about the key that encrypts (obfuscates) the frames. One practical issue with option 1 is that it requires the server and the issuer of the Retry token to share the format of the Retry token (as well as a secret key to extract ODICID from the token in certain designs). IIRC, our previous consensus is to permit people to install DDoS mitigation boxes that issue Retry packets, without requiring such coordination between those mitigation boxes and the servers being protected (@nibanks am I correct?) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/2823#issuecomment-504809515
- [quicwg/base-drafts] Do Initial secrets change af… Nick Harper
- Re: [quicwg/base-drafts] Do Initial secrets chang… ianswett
- Re: [quicwg/base-drafts] Do Initial secrets chang… Nick Banks
- Re: [quicwg/base-drafts] Do Initial secrets chang… Kazuho Oku
- Re: [quicwg/base-drafts] Do Initial secrets chang… Marten Seemann
- Re: [quicwg/base-drafts] Do Initial secrets chang… Kazuho Oku
- Re: [quicwg/base-drafts] Do Initial secrets chang… Nick Banks
- Re: [quicwg/base-drafts] Do Initial secrets chang… Mike Bishop
- Re: [quicwg/base-drafts] Do Initial secrets chang… Martin Thomson
- Re: [quicwg/base-drafts] Do Initial secrets chang… Lars Eggert
- Re: [quicwg/base-drafts] Do Initial secrets chang… Nick Harper
- Re: [quicwg/base-drafts] Do Initial secrets chang… Martin Thomson
- Re: [quicwg/base-drafts] Do Initial secrets chang… Dmitri Tikhonov
- Re: [quicwg/base-drafts] Do Initial secrets chang… David Schinazi
- Re: [quicwg/base-drafts] Do Initial secrets chang… ianswett
- Re: [quicwg/base-drafts] Do Initial secrets chang… ianswett
- Re: [quicwg/base-drafts] Do Initial secrets chang… Kazuho Oku
- Re: [quicwg/base-drafts] Do Initial secrets chang… Martin Thomson
- Re: [quicwg/base-drafts] Do Initial secrets chang… ianswett
- Re: [quicwg/base-drafts] Do Initial secrets chang… Mark Nottingham
- Re: [quicwg/base-drafts] Do Initial secrets chang… Martin Thomson
- Re: [quicwg/base-drafts] Do Initial secrets chang… Martin Thomson