Re: [quicwg/base-drafts] Request to Retire Locally Issued CIDs (#2769)

Mike Bishop <notifications@github.com> Tue, 11 June 2019 17:34 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/WGB1MeDDYnR08Pm8H1s-PlG-Lxg>

> @mikkelfj In general, each CID is associated with its own reset token. This allows for a straightforward stateless implementation of a stateless reset token generator. I don't think it would be a good idea to revisit that principle.

This is true, but the text currently allows for the SRTs associated with various CIDs to be identical.  This becomes problematic if you're forcing retirement and want to stop recognizing some of the CIDs previously issued.  However, that's a problem we already have and cover in the text:

> The same Stateless Reset Token MAY be used for multiple connection IDs on the same connection. However, reuse of a Stateless Reset Token might expose an endpoint to denial of service if associated connection IDs are forgotten while the associated token is still active at a peer. An endpoint MUST ensure that packets with Destination Connection ID field values that correspond to a reused Stateless Reset Token are attributed to the same connection as long as the Stateless Reset Token is still usable, even when the connection ID has been retired. Otherwise, an attacker might be able to send a packet with a retired connection ID and cause the endpoint to produce a Stateless Reset that it can use to disrupt the connection, just as with the attacks in Section 21.8.

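The requirement quoted from the draft above, as an added example that is not part of the original message or of the QUIC drafts: a receive-side connection ID table that either forgets a retired CID at once or keeps attributing it to its connection while its Stateless Reset Token is still in use. `CidTable`, `shared_token` (same 4-byte CID prefix, same token) and the sample CIDs are assumptions made for illustration, and "still usable" is approximated by the local set of active CIDs.

```python
import hashlib
import hmac

KEY = b"constructed-static-key"  # constructed sample value

def per_cid_token(cid):
    # One token per CID: HMAC(static_key, connection_id), truncated to 16 bytes.
    return hmac.new(KEY, cid, hashlib.sha256).digest()[:16]

def shared_token(cid):
    # Assumed reuse scheme: CIDs with the same 4-byte prefix share one token.
    return per_cid_token(cid[:4])

class CidTable:
    def __init__(self, token_fn, keep_shared):
        self.token_fn = token_fn
        self.keep_shared = keep_shared
        self.active = {}   # cid -> connection
        self.retired = {}  # retired cid -> connection, kept for attribution only

    def live_tokens(self):
        return {self.token_fn(c) for c in self.active}

    def issue(self, conn, cid):
        self.active[cid] = conn

    def retire(self, cid):
        conn = self.active.pop(cid)
        if self.keep_shared:
            self.retired[cid] = conn
        # Drop retired CIDs once no active CID uses their token any more.
        live = self.live_tokens()
        self.retired = {c: v for c, v in self.retired.items()
                        if self.token_fn(c) in live}

    def receive(self, dcid):
        conn = self.active.get(dcid) or self.retired.get(dcid)
        if conn is not None:
            return ("deliver", conn)
        return ("stateless_reset", self.token_fn(dcid))

def exposed(table, dcid):
    # True if a packet for dcid elicits a reset whose token is still live.
    action, value = table.receive(dcid)
    return action == "stateless_reset" and value in table.live_tokens()

def demo(token_fn, keep_shared):
    t = CidTable(token_fn, keep_shared)
    t.issue("conn-1", b"c1c1\x00")
    t.issue("conn-1", b"c1c1\x01")
    t.retire(b"c1c1\x00")
    return exposed(t, b"c1c1\x00")
```

`demo(shared_token, False)` is the case the draft text warns about; keeping the retired CID attributed, or issuing one token per CID, both make `exposed` return False.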