Re: [quicwg/base-drafts] handshake and 0rtt data in a single packet (#630)

ianswett <notifications@github.com> Thu, 09 November 2017 23:55 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/ZK7wqzT7sAMBM6w5gXqryJJv3Wc>

If we restrict this to embedding packets within the handshake packets' encryption, this must be safe, because any observer could just apply the same encryption themselves.

And I'd be happy restricting it to handshake packets.  I'd even be happy just adding one frame type for 0RTT within handshake packets, unless someone comes up with a compelling use case for the others.  

I do think this is a better approach than adding a length, because adding a length introduces the possibility of bugs (i.e., read length bytes into memory, attempt to 'de-frame' out-of-bounds memory, badness ensues) and it makes the 'header' larger and slightly more complex.

https://github.com/quicwg/base-drafts/issues/630#issuecomment-343330861
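
The length-field concern raised in the message above, as an added example that is not part of the original message or of the QUIC drafts: a receiver that splits a datagram on a length prefix has to validate every length against the bytes actually received before de-framing. The 2-byte big-endian prefix, `struct span` and `split_coalesced` are hypothetical names and layout chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout (an assumption, not from the QUIC drafts): a datagram
 * carries one or more inner packets, each preceded by a 2-byte big-endian
 * length. */
struct span { size_t off; size_t len; };

/* Returns the number of inner packets found, or -1 if the datagram is
 * malformed. Never reads or reports bytes outside buf[0..len). */
int split_coalesced(const uint8_t *buf, size_t len,
                    struct span *out, size_t max_out)
{
    size_t pos = 0;
    int n = 0;

    while (pos < len) {
        /* The prefix itself must fit in what is left. */
        if (len - pos < 2)
            return -1;
        size_t plen = ((size_t)buf[pos] << 8) | buf[pos + 1];
        pos += 2;
        /* The check a length field makes mandatory: compare against the
         * remaining bytes by subtraction, so pos + plen can never wrap.
         * Without it, the de-framer walks past the received data. */
        if (plen == 0 || plen > len - pos || (size_t)n >= max_out)
            return -1;
        out[n].off = pos;
        out[n].len = plen;
        n++;
        pos += plen;
    }
    return n;
}

/* Constructed sample datagrams. */
static const uint8_t good[]  = { 0x00, 0x03, 'h', 's', 'k',
                                 0x00, 0x02, 'z', 'r' };
static const uint8_t lying[] = { 0x00, 0x03, 'h', 's', 'k',
                                 0x01, 0x00, 'z', 'r' }; /* claims 256 bytes */

int main(void)
{
    struct span s[4];
    printf("good:  %d\n", split_coalesced(good, sizeof good, s, 4));
    printf("lying: %d\n", split_coalesced(lying, sizeof lying, s, 4));
    return 0;
}
```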