IETF Logo Mail Archive

Re: [quicwg/base-drafts] Change connection ID with Transport Parameters (#1041)

Martin Thomson <notifications@github.com> Wed, 10 January 2018 03:25 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4683C126D73 for <quic-issues@ietfa.amsl.com>; Tue, 9 Jan 2018 19:25:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7
X-Spam-Level:
X-Spam-Status: No, score=-7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VhlKZcC07yZA for <quic-issues@ietfa.amsl.com>; Tue, 9 Jan 2018 19:25:57 -0800 (PST)
Received: from github-smtp2a-ext-cp1-prd.iad.github.net (github-smtp2-ext4.iad.github.net [192.30.252.195]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 222EC124B17 for <quic-issues@ietf.org>; Tue, 9 Jan 2018 19:25:57 -0800 (PST)
Date: Tue, 09 Jan 2018 19:25:56 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1515554756; bh=7Lyf2mxdwLupnAD5ZeXdawTBZf8S3/CC3iL6P5qm/Mc=; h=From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=kkWTXsBEg6UPoieBrxhBvEaPWjImlHh1Zk96ebwFo7bYwBFZEv9S7jDM0oPtci0dt xBOnTyLTGLPye5YcOQ4bEshmtr29hzmX9MDt4d9mHCgEmPQSYmscszwD5kTcu38q7g VzUecXfU4CBCMd2Vg0fVuFC+K6vwtiCTMru0iwHw=
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abd96ddeca53c6a5c2f8db5b506715dfc2d86337cd92cf00000001166d49c492a169ce111aa501@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/1041/c356489098@github.com>
In-Reply-To: <quicwg/base-drafts/pull/1041@github.com>
References: <quicwg/base-drafts/pull/1041@github.com>
Subject: Re: [quicwg/base-drafts] Change connection ID with Transport Parameters (#1041)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5a5587c448f3d_6dbf2ae4221bced0102691"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/cMWRY9gNMBvHZMo-qWbvhpcnNlI>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jan 2018 03:25:59 -0000

It's possible to use the declarations in transport parameters to effect negotiation, sure.  If I declare feature A and you do too, then it's safe to assume that using feature A won't cause problems.  I'd say that we probably need that for - for example - changing the ACK frame format to support new information.  And calling that negotiation isn't a stretch.  Right now, we don't have anything that negotiates and the text reflects that.

As for NEW_CONNECTION_ID, sure, an attacker can insert a connection ID.  The likely effect is to cause packets to be routed incorrectly, likely disrupting the handshake.  We've agreed that if an attacker is able to disrupt the handshake to this degree, then we're not going to try to stop them.  An attacker with that capability could also choose to block the handshake or tamper with it in other ways that would cause failure.  If the concern is misrouting, they could easily rewrite the connection ID.

If the server is able to (maybe because it didn't use the connection ID) and decides to accept the incorrectly-marked packets, then it just became complicit and I'm not sure that we need to worry about that.

One thing that I was wrong about here was that transport parameters are available to a client because the TLS handshake is complete.  There's a nasty race condition there though.  The handshake is really only complete once the client has sent its last flight, and that means using handshake packet protection keys, but using transport parameters from the completed handshake.  It's rather awkward.

We would also need to be clear about what connection ID is used for Handshake packets that the client sends when there is packet loss and it has to acknowledge server Handshake packets.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/1041#issuecomment-356489098

v2.29.0 | Report a Bug | By Email | System Status