Re: [quicwg/base-drafts] Add initial threat model to security considerations (#2925)

Eric Kinnear <> Sat, 16 November 2019 12:50 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 21A841200B4 for <>; Sat, 16 Nov 2019 04:50:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.596
X-Spam-Status: No, score=-6.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id frZ5chJ7kD5L for <>; Sat, 16 Nov 2019 04:50:11 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 36225120120 for <>; Sat, 16 Nov 2019 04:50:11 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id DD167120279 for <>; Sat, 16 Nov 2019 04:50:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1573908610; bh=K4NtikoWVVfSYB/9LNeJ7JWXASOG02WhRNTLFm43CSA=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=a6y7T4+dYzenhUPJFsQ2FK8PoHRArtd9vh8YVyrAI4/ePyX+aMdN7OHhhCVF3WMgf Cl5X2XjxmnWrYHpt9/OgQzcQSdki3giE8lafdcv+Q1WWyo9OBes1p64TBGdzxbG62v rwC0kiMmMlhg9Lx8ApgZe1sLx0At0rK2srVXjEyU=
Date: Sat, 16 Nov 2019 04:50:10 -0800
From: Eric Kinnear <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2925/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Add initial threat model to security considerations (#2925)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5dcff0829797a_102d3f95078cd9687735ef"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: erickinnear
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 16 Nov 2019 12:50:13 -0000

erickinnear commented on this pull request.

> +- Reorder packets
+- Drop packets
+- Split and merge datagrams along packet boundaries
+An on-path attacker cannot:
+- Modify an authenticated and encrypted portion of a packet and cause the
+ recipient to accept that packet
+An on-path attacker has the opportunity to modify the packets that it observes,
+however any modifications to an authenticated portion of a packet will cause it
+to be dropped by the receiving endpoint as invalid, as QUIC payloads are both
+authenticated and encrypted.
+In the presence of an on-path attacker, QUIC aims to provide the following

Fixed everywhere in 70dac1d

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: