Re: [quicwg/base-drafts] Authenticating connection IDs (#3439)

Christian Huitema <> Fri, 06 March 2020 00:13 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D30393A0F1A for <>; Thu, 5 Mar 2020 16:13:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.099
X-Spam-Status: No, score=-3.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id pejctwcElxjs for <>; Thu, 5 Mar 2020 16:13:17 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3829B3A0F1C for <>; Thu, 5 Mar 2020 16:13:17 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 03F2D960994 for <>; Thu, 5 Mar 2020 16:13:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1583453596; bh=u2ONxYwbIF4i+62uess6wgE6wLx86CVaScFfQb7gJ3o=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=MhxyvF0Ujhj9G1q9FE8AE60iGVLRSkEUSVwGVrSac9Fe0E1PMHatKaiB/SRiFiHSt KtaVwaUc7H4i6/Bifh902P75PEI5k12cpHBXBns5YOqh4R3xqVPvGxFnxpxMl9m2Iu FW7IEZNq46h/zvASkB2PXiUS52KoO+6irZWrkYoI=
Date: Thu, 05 Mar 2020 16:13:15 -0800
From: Christian Huitema <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/3439/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Authenticating connection IDs (#3439)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5e61959be691e_7dad3fe0f74cd96c2893a7"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: huitema
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 06 Mar 2020 00:13:19 -0000

@martinthomson it seems that we have agreement on two points a bit of discussion on the third:

1) The spec should describe the "munged retry" attack. It can be used to play games with server farms, either by attackers in the middle, or by attackers as client. It can produce a DOS attack of some sort despite the "retry" protection mechanisms.

2) The spec should describe how servers can protect themselves by tying the "Retry-CID" to the retry token, and in fact recommend that they do that.

3) Adding "retry-CID" as a transport parameter would give assurance to clients that the server is protected against the attack, and allow clients to detect attacks if the server is not protected.

I am not sure that (3) is really needed. I do not really understand the client stake there, except in the general terms of defeating attackers in the middle and encouraging good server implementations. OTOH, if the server does (2), it is not very onerous to also do (3).

But then, what prevents servers that do not care from taking shortcuts, not verify the token, and copy any incoming post-retry DCID in the transport parameter?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: