Re: [quicwg/base-drafts] Migration before handshake completed is very messy (#2309)

Christian Huitema <notifications@github.com> Tue, 11 June 2019 16:29 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/Y9_uX-SYl3Ue6w8LpsoIYBlRlAw>
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>

@ianswett You don't have to close the connection to protect against NAT rebinding. Ignoring packets from the wrong addresses during the handshake is simpler and more robust. The picoquic implementation does something like that: accept the content of the handshake packet (not initial) if it decrypts correctly, ignore any address change until the handshake is confirmed.

https://github.com/quicwg/base-drafts/issues/2309#issuecomment-500920176
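
The policy described in the message above, as an added sketch that is not part of the original message and is not picoquic's code. All type and function names are hypothetical, and it assumes one reading of the message: Initial packets from an unexpected address are dropped, while later packets that decrypt correctly are processed without changing the recorded peer address.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical types for this sketch; not picoquic's own structures. */
typedef enum { PKT_INITIAL, PKT_HANDSHAKE, PKT_1RTT } pkt_type_t;
typedef enum { ACT_DROP, ACT_PROCESS, ACT_PROCESS_KEEP_PEER, ACT_PROCESS_MIGRATION } action_t;
typedef struct { uint8_t ip[4]; uint16_t port; } addr_t;
typedef struct { addr_t peer; bool handshake_confirmed; } conn_t;

static bool addr_equal(const addr_t *a, const addr_t *b) {
    return a->port == b->port && memcmp(a->ip, b->ip, sizeof a->ip) == 0;
}

/* Constructed sample address 192.0.2.<host>:<port> (documentation range). */
addr_t sample_addr(uint8_t host, uint16_t port) {
    addr_t a = { {192, 0, 2, host}, port };
    return a;
}

/* decrypt_ok is the AEAD result for the packet's own encryption level. */
action_t on_packet(const conn_t *c, pkt_type_t type, bool decrypt_ok, const addr_t *from) {
    if (!decrypt_ok) return ACT_DROP;
    if (addr_equal(&c->peer, from)) return ACT_PROCESS;
    if (c->handshake_confirmed)
        return ACT_PROCESS_MIGRATION;   /* assumption: normal path validation takes over */
    if (type == PKT_INITIAL)
        return ACT_DROP;                /* Initial keys are not secret: address is the only filter */
    return ACT_PROCESS_KEEP_PEER;       /* authentic content, but c->peer is left unchanged */
}

int main(void) {
    conn_t c = { sample_addr(10, 4433), false };
    addr_t other = sample_addr(99, 5000);
    printf("handshake pkt, new address, unconfirmed -> %d\n",
           on_packet(&c, PKT_HANDSHAKE, true, &other));
    c.handshake_confirmed = true;
    printf("1-RTT pkt, new address, confirmed -> %d\n",
           on_packet(&c, PKT_1RTT, true, &other));
    return 0;
}
```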