Re: [quicwg/base-drafts] Authenticate connection IDs (#3499)
martinduke <notifications@github.com> Wed, 11 March 2020 02:44 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/ZbBYB1zcWQhqWs1PLNkDslESCV8>
martinduke requested changes on this pull request.

Thanks to @martinthomson and @dschinazi for making it clear this is about security proofs, not specific attacks. I'm more inclined to support it now. If there is really no path to proving that the spec already authenticates server initial SCIDs, then this may be the price we have to pay to be provably secure. The Retry parts may be necessary in any case.

But it's a pain. Clients keeping up to 3 different peer CIDs at one time in the handshake; longer retry tokens; and a bunch of mandatory TPs, changing on a per-connection basis, with no observable purpose. It feels like bloat but I don't have the tools and resources to prove it.

> @@ -4742,6 +4781,22 @@ active_connection_id_limit (0x0e): When a zero-length connection ID is being used, the active_connection_id_limit parameter MUST NOT be sent. +handshake_connection_id (0x0f): + +: The value that the endpoint included in the Source Connection ID field of the + first Initial packet it sends during the handshake. Endpoints MUST validate + that this transport parameter is present and that it matches the value that + was received in Initial packets. Authenticating this value ensures that an + attacker is unable to influence the selection of connection IDs during the

What if some of these CIDs are zero length? Do we omit them?

--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/pull/3499#pullrequestreview-372441388
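Review bot: the new handshake_connection_id (0x0f) definition does not say how a zero-length Source Connection ID is conveyed. "Endpoints MUST validate that this transport parameter is present" implies the parameter is always sent, with an empty value in that case, but the context line directly above says active_connection_id_limit "MUST NOT be sent" when a zero-length connection ID is in use, so a reader can reasonably infer omission here as well. If absence is accepted for zero-length IDs, stripping the parameter becomes indistinguishable from a legitimate empty ID, which weakens the check the text is adding. Suggest one explicit sentence stating that a zero-length connection ID is sent as a present parameter with an empty value and that absence is always an error. Separately, "matches the value that was received in Initial packets" is plural while the definition refers to the "first Initial packet it sends"; name which received value is compared. The visible lines also do not name the error an endpoint raises when the parameter is missing or mismatched, which should be stated if it is not covered in the part of the hunk cut off here.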