Re: [quicwg/base-drafts] introduce a version alias mechanism (#2573)

Marten Seemann <notifications@github.com> Mon, 01 April 2019 05:26 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64756120094 for <quic-issues@ietfa.amsl.com>; Sun, 31 Mar 2019 22:26:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.001
X-Spam-Level:
X-Spam-Status: No, score=-8.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dzpvy3Deuk-p for <quic-issues@ietfa.amsl.com>; Sun, 31 Mar 2019 22:26:25 -0700 (PDT)
Received: from out-3.smtp.github.com (out-3.smtp.github.com [192.30.252.194]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30F6612001A for <quic-issues@ietf.org>; Sun, 31 Mar 2019 22:26:25 -0700 (PDT)
Date: Sun, 31 Mar 2019 22:26:24 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1554096384; bh=OZpbdMAfTgUnQJ16o0Ars6qf+fCf8rabOUpKlP2eWJk=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=td8ZODGsfiziYi0P4G7whJR7+JkFe4Tj8HelkLoR126TJPikgW4B+x1v6sDNJlXgo fgRoCiqRsIMJyq9gr/eVNwH+rZxKQKKdOvwABSPGPHDVjN3hYP8eu8qK2Gi83Kv105 FdH4fDqLEf+40Di9dA5z9sZ95D4wS6hV7xs4qSuQ=
From: Marten Seemann <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab6c51f4775bd29a9c49e21374c3d4ea24d97f7dc392cf0000000118b9630092a169ce197ad4b9@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2573/c478440248@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2573@github.com>
References: <quicwg/base-drafts/pull/2573@github.com>
Subject: Re: [quicwg/base-drafts] introduce a version alias mechanism (#2573)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5ca1a1005eb2_37aa3fdd6bed45bc298153"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: marten-seemann
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/QmfREDU3sDnH35VXCsKoHZTpuN0>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Apr 2019 05:26:28 -0000

> In addition to what @mikkelfj points out, a middlebox can inject a VN and force the client to retransmit the Initial packet in the version the middlebox prefers. Note that such an attack would not be noticed, because we are removing downgrade prevention from the VN design.

That's correct, *until* we define a QUIC version that has downgrade protection (assuming that this version contains the version alias mechanism proposed here). It seems to be the desire of many people I've spoken to quickly define a QUIC v2 that's identical to QUIC v1, with version negotiation being the only addition to the protocol. In that case, this attack would become infeasible as soon as v2 is deployed, because middleboxes have no way of distinguishing between a v1 and a v2 alias version.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2573#issuecomment-478440248