Re: [quicwg/base-drafts] Retire My Own CID (#2645)

David Schinazi <notifications@github.com> Thu, 06 June 2019 12:20 UTC

@nibanks in some implementations the ACK logic is not next to the connection ID management logic. For some of these implementations it would be very hard to ensure that the ACK isn't sent with the CID you'd like to retire. "MUST immediately retire" would add significant complexity to those implementations for very limited benefit.

Also, having the use of a CID you've asked to retire trigger a protocol violation is a security risk. It allows an attacker to close the connection by delaying a valid packet.

I like the idea of adding a `Retire Prior To` field in NEW_CONNECTION_ID frames, but we should make it advisory and not mandatory. Sending it tells the peer that if they keep sending with this CID, packets might not get through at some point. But I don't think we should have MUSTs, immediatelys or protocol violations involved.

Is there any reason that wouldn't serve the needs of your use case?


https://github.com/quicwg/base-drafts/issues/2645#issuecomment-499470589
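
Added example, not part of the original message or of any QUIC implementation: a toy Python model of the trade-off discussed above, comparing an endpoint that treats use of a CID it asked to retire as a protocol violation with one that treats `Retire Prior To` as advisory. The `Endpoint` class, its method names and the packet timeline are constructed for illustration and simplify the real protocol to CID bookkeeping only.

```python
from dataclasses import dataclass, field

@dataclass
class Endpoint:
    """Hypothetical receiver side of one connection; models CID bookkeeping only."""
    strict: bool                                  # True: retired-CID use is a protocol violation
    issued: dict = field(default_factory=dict)    # cid -> sequence number
    retire_prior_to: int = 0
    closed: bool = False
    delivered: list = field(default_factory=list)

    def issue(self, cid, seq, retire_prior_to=0):
        # Models sending NEW_CONNECTION_ID carrying a Retire Prior To value.
        self.issued[cid] = seq
        self.retire_prior_to = max(self.retire_prior_to, retire_prior_to)

    def forget(self, cid):
        # Advisory mode: at some later point the old CID simply stops routing.
        self.issued.pop(cid, None)

    def receive(self, dcid, payload):
        if self.closed:
            return "connection closed"
        if dcid not in self.issued:
            return "dropped"                      # unknown CID: drop, keep the connection
        if self.strict and self.issued[dcid] < self.retire_prior_to:
            self.closed = True                    # one late packet ends the connection
            return "PROTOCOL_VIOLATION"
        self.delivered.append(payload)
        return "accepted"

def run(strict):
    ep = Endpoint(strict=strict)
    ep.issue("cid-A", seq=0)
    ep.issue("cid-B", seq=1, retire_prior_to=1)   # t=1: ask the peer to stop using cid-A
    # Constructed timeline of (arrival_time, dcid, payload). "early-but-delayed" is a
    # valid packet sent on cid-A before the peer saw the request, held up in transit.
    arrivals = [(2, "cid-B", "after-switch"), (5, "cid-A", "early-but-delayed"),
                (6, "cid-B", "later-data")]
    results = [ep.receive(dcid, p) for _, dcid, p in sorted(arrivals)]
    ep.forget("cid-A")                            # t=7: old CID no longer routes
    results.append(ep.receive("cid-A", "very-late"))
    return results, ep.closed

if __name__ == "__main__":
    for mode in (True, False):
        print("strict" if mode else "advisory", run(mode))
```

In the strict run the delayed but valid packet closes the connection and later data is lost; in the advisory run it is accepted, and only after the endpoint forgets the CID are packets on it dropped, with the connection still open.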