Re: [quicwg/base-drafts] Why does stateless reset have to be checked after MAC failure (#2152)
MikkelFJ <notifications@github.com> Mon, 26 August 2019 16:06 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E22712090D for <quic-issues@ietfa.amsl.com>; Mon, 26 Aug 2019 09:06:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.382
X-Spam-Level:
X-Spam-Status: No, score=-6.382 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id txWq51ugF6-j for <quic-issues@ietfa.amsl.com>; Mon, 26 Aug 2019 09:05:59 -0700 (PDT)
Received: from out-1.smtp.github.com (out-1.smtp.github.com [192.30.252.192]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A44F21200EF for <quic-issues@ietf.org>; Mon, 26 Aug 2019 09:05:59 -0700 (PDT)
Date: Mon, 26 Aug 2019 09:05:58 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1566835558; bh=2Jq/jLSGGCm91ZeZk2fT8+ahFUCjrYm05p8FDa4r2z0=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=UZ4aQgvehoq86i0MAp2OTY8upWEJXxcRo1u1naCec5PVtNOVQL2Y6eKsQcujGIIL5 jkih2c2qClTPID5pN8OjCtXr00xinUVv3Pxwv/R1J1Jo12cCSFT49A9/bW31ftmVLE SQFEhmGxaFR2oyYdW+8Z9tfZPU9U2tVWXLyzlQ4s=
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJKY5DVE7GF2S2SKSSJF3OFB7NEVBNHHBOS4WPU@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/2152/524920971@github.com>
In-Reply-To: <quicwg/base-drafts/issues/2152@github.com>
References: <quicwg/base-drafts/issues/2152@github.com>
Subject: Re: [quicwg/base-drafts] Why does stateless reset have to be checked after MAC failure (#2152)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d64036682789_30633fdcabecd96c280964"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/W_DeMsR_FRBNEEk6yxczXKgl6qY>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Aug 2019 16:06:01 -0000
You don't need constant time because you are not replying to the reset. Worst case is that you ignore / reject the reset and continue sending observable packets. The timing of those packets is largely (but not entirely) independent of the reset lookup timing. Further, if a reset is successfully guessed, you are dead, so the only thing to protect is how you test for and react to unmatched resets. If packets are paced you should be good. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/2152#issuecomment-524920971
- [quicwg/base-drafts] Why does stateless reset hav… ekr
- Re: [quicwg/base-drafts] Why does stateless reset… Mike Bishop
- Re: [quicwg/base-drafts] Why does stateless reset… ekr
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson
- Re: [quicwg/base-drafts] Why does stateless reset… MikkelFJ
- Re: [quicwg/base-drafts] Why does stateless reset… MikkelFJ
- Re: [quicwg/base-drafts] Why does stateless reset… MikkelFJ
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson
- Re: [quicwg/base-drafts] Why does stateless reset… MikkelFJ
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson
- Re: [quicwg/base-drafts] Why does stateless reset… MikkelFJ
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson
- Re: [quicwg/base-drafts] Why does stateless reset… MikkelFJ
- Re: [quicwg/base-drafts] Why does stateless reset… Kazuho Oku
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson
- Re: [quicwg/base-drafts] Why does stateless reset… MikkelFJ
- Re: [quicwg/base-drafts] Why does stateless reset… Kazuho Oku
- Re: [quicwg/base-drafts] Why does stateless reset… Kazuho Oku
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson
- Re: [quicwg/base-drafts] Why does stateless reset… Kazuho Oku
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson
- Re: [quicwg/base-drafts] Why does stateless reset… Kazuho Oku
- Re: [quicwg/base-drafts] Why does stateless reset… ekr
- Re: [quicwg/base-drafts] Why does stateless reset… Jana Iyengar
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson
- Re: [quicwg/base-drafts] Why does stateless reset… Christian Huitema
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson
- Re: [quicwg/base-drafts] Why does stateless reset… Jana Iyengar
- Re: [quicwg/base-drafts] Why does stateless reset… Lars Eggert
- Re: [quicwg/base-drafts] Why does stateless reset… Martin Thomson