[quicwg/base-drafts] f5d2d1: Remove recommendation to not include tokens
Jana Iyengar <noreply@github.com> Fri, 11 September 2020 05:46 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ADC893A1469 for <quic-issues@ietfa.amsl.com>; Thu, 10 Sep 2020 22:46:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZXkFGFUs-dhf for <quic-issues@ietfa.amsl.com>; Thu, 10 Sep 2020 22:46:24 -0700 (PDT)
Received: from out-27.smtp.github.com (out-27.smtp.github.com [192.30.252.210]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 59FAD3A1464 for <quic-issues@ietf.org>; Thu, 10 Sep 2020 22:46:24 -0700 (PDT)
Received: from github-lowworker-fa7043e.ash1-iad.github.net (github-lowworker-fa7043e.ash1-iad.github.net [10.56.109.45]) by smtp.github.com (Postfix) with ESMTP id 7015A9025AF for <quic-issues@ietf.org>; Thu, 10 Sep 2020 22:46:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1599803183; bh=q1SuxO2FbHxMj4BL7gxbcWe2nqAZVROr9Fqq2H7jOOk=; h=Date:From:To:Subject:From; b=BrBsaRMGvqFnA7sZvdapAmXCDNzk2ALL53jhrZ5o//XdOUJpMqYRWTW13mdQ7yQwP kw3rWUeadANH++rY6vprQSLw50n7OXGEyNQrZPxIzGEI8lpYNwXkR6OHOjzhvQJSYW XSyy0aTpi7/C9nR5rzH/Wf6xgvYvQ22uXoJQHTck=
Date: Thu, 10 Sep 2020 22:46:23 -0700
From: Jana Iyengar <noreply@github.com>
To: quic-issues@ietf.org
Message-ID: <quicwg/base-drafts/push/refs/heads/master/903683-2d0650@github.com>
Subject: [quicwg/base-drafts] f5d2d1: Remove recommendation to not include tokens
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-Auto-Response-Suppress: All
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/d1nB9z3GSeNxm9WPZnjcK7nCjKA>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Sep 2020 05:46:26 -0000
Branch: refs/heads/master Home: https://github.com/quicwg/base-drafts Commit: f5d2d1af76d9205883d89dc3fc20963883eb7b1a https://github.com/quicwg/base-drafts/commit/f5d2d1af76d9205883d89dc3fc20963883eb7b1a Author: Martin Thomson <mt@lowentropy.net> Date: 2020-09-10 (Thu, 10 Sep 2020) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Remove recommendation to not include tokens This is another judgment call, but as this wasn't a MUST in the first place, we weren't really preventing an attack. This just removes the recommendation to remove NEW_TOKEN tokens from Initial packets to new server addresses. It leaves the generic guidance, which is far more nuanced. I've added some commentary about the effect of withholding tokens on performance, as it seems like that is worth highlighting here. All in all, this leans more toward saying that request forgery is not the responsibility of QUIC deployments. Closes #4076. Commit: 560e56c154094e7883d0fd967bcbfc48e0b0eea3 https://github.com/quicwg/base-drafts/commit/560e56c154094e7883d0fd967bcbfc48e0b0eea3 Author: Martin Thomson <mt@lowentropy.net> Date: 2020-09-11 (Fri, 11 Sep 2020) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Fewer words = good Co-authored-by: Jana Iyengar <jri.ietf@gmail.com> Commit: 2d0650abbce0136885f594c321340fe584fab710 https://github.com/quicwg/base-drafts/commit/2d0650abbce0136885f594c321340fe584fab710 Author: Jana Iyengar <jri.ietf@gmail.com> Date: 2020-09-10 (Thu, 10 Sep 2020) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Merge pull request #4089 from quicwg/remove-new-token-forgery-req Remove recommendation to not include tokens Compare: https://github.com/quicwg/base-drafts/compare/903683bc1e25...2d0650abbce0
- [quicwg/base-drafts] f5d2d1: Remove recommendatio… Jana Iyengar