IETF Logo Mail Archive

Re: [quicwg/base-drafts] Allow most frames in 0-RTT (#2355)

Mike Bishop <notifications@github.com> Tue, 12 February 2019 21:32 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4720A130DC2 for <quic-issues@ietfa.amsl.com>; Tue, 12 Feb 2019 13:32:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.001
X-Spam-Level:
X-Spam-Status: No, score=-8.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IRp1igDF7Alz for <quic-issues@ietfa.amsl.com>; Tue, 12 Feb 2019 13:32:19 -0800 (PST)
Received: from out-6.smtp.github.com (out-6.smtp.github.com [192.30.252.197]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B71A130DC4 for <quic-issues@ietf.org>; Tue, 12 Feb 2019 13:32:19 -0800 (PST)
Date: Tue, 12 Feb 2019 13:32:18 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1550007138; bh=EP0dbeIVErlJH6GfVkoksy+wQkf77U1ovzp9KWwwjLQ=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=o1y0CYLhZQn8d4W7wytP+Pe/mRJhyGlBqPvGLDc0Rmwk7qBRxgluxXc/0V2X7wBx8 TSlyBB+BGO8H8i0Z+CTcktOMlDfPE683Y3WV9DxwjnX9AKIlBeNfaQBYGkWHG8LUJl Fn9+65zsEzS8PJ87J4waoamz9uuz2ZRk3CMfYiOg=
From: Mike Bishop <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab5b6d5e0b73052d3c7f26318dfbd9d38713d4a2ef92cf00000001187afd6292a169ce17e9c1c4@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2355/review/202914936@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2355@github.com>
References: <quicwg/base-drafts/pull/2355@github.com>
Subject: Re: [quicwg/base-drafts] Allow most frames in 0-RTT (#2355)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c633b62358ae_32e23fbe7cad45c42786ad"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/aKtD1g74Y2UlaI9jzQiCQve1070>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Feb 2019 21:32:21 -0000

MikeBishop approved this pull request.

I'm okay with the text as it stands, but had a few things to consider.

> @@ -324,19 +324,15 @@ the connection can usually appear at any encryption level, whereas those
 associated with transferring data can only appear in the 0-RTT and 1-RTT
 encryption levels:

The beginning of this paragraph (which GitHub won't let me comment on) is no longer true -- there isn't a specific list of frames per encryption level, but a list of exceptions to a general rule.

> +MUST describe how the protocol uses 0-RTT and the measures that are employed to
+protect against replay attack.  Disabling 0-RTT entirely is the most effective
+strategy.
+
+In the core protocol, particular attention needs to be paid to STREAM frames,
+which carry application data.  If another frame type carries, or could carry,
+application semantics, then the risk from replay attack needs to be considered.
+For instance, though this is likely to be inadvisable, an application that
+attached semantics to increases in flow control credit or stream cancellation
+would need to assess whether those uses were vulnerable to replay attack.
+
+Extensions to QUIC might create an additional exposure to replay attack if they
+are used by application protocols.  QUIC extensions SHOULD describe how replay
+attacks affects their operation.  Application protocols MUST either disable
+extensions in 0-RTT or provide replay mitigation strategies for any use of the
+extension.

This last sentence feels a little weird.  The application protocol is responsible for rules about transport extensions?  I would expect to be able to add support for new extensions to a transport library without needing to rev the application layer, unless the extension is explicitly used by the application layer.

It seems like the requirement that extensions describe how replay attacks are mitigated would be sufficient in general, and scope that last requirement to extensions which carry explicit application semantics (e.g. DATAGRAM).

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2355#pullrequestreview-202914936

v2.23.0 | Report a Bug | By Email