Re: [quicwg/base-drafts] Be more conservative about migration? (#2143)

MikkelFJ <notifications@github.com> Thu, 13 December 2018 14:10 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07D791252B7 for <quic-issues@ietfa.amsl.com>; Thu, 13 Dec 2018 06:10:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.459
X-Spam-Level:
X-Spam-Status: No, score=-9.459 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yTPjVJuEkEZF for <quic-issues@ietfa.amsl.com>; Thu, 13 Dec 2018 06:10:36 -0800 (PST)
Received: from out-6.smtp.github.com (out-6.smtp.github.com [192.30.252.197]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC7F5124408 for <quic-issues@ietf.org>; Thu, 13 Dec 2018 06:10:35 -0800 (PST)
Date: Thu, 13 Dec 2018 06:10:35 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1544710235; bh=yR8k/RFqXbOxt4FRECvweMcQMrCP5LnGINsevWr30pA=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=YbCGFwzbn+f1kteH2/Tz0fmUeNPV/NZhYuzwIdZDBNNsQRtdyfGNf6DQGWJrvGJm5 Nzkd4M7t/JLbLGj7rdqk7qUcFR2YeXVhlkQlSkntS5SZO2/5//H7ecpYLmBUzYDhy7 wHwVTaKGe16umTUXGGAbjZjFSZknQ8asBnNVxJDw=
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab71fdd9fac2083c5c6c311b955cf02efa72e0629192cf00000001182a2a5b92a169ce17495be9@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/2143/446981296@github.com>
In-Reply-To: <quicwg/base-drafts/issues/2143@github.com>
References: <quicwg/base-drafts/issues/2143@github.com>
Subject: Re: [quicwg/base-drafts] Be more conservative about migration? (#2143)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c12685b7192_50c53ff949ed45b831535"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/ews2az3wxdQ35uNOxWZSM9exqyo>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Dec 2018 14:10:38 -0000

When you say on-path, do you mean observer? I.e. with the ability to race a packet, or to drop or replace a packet.

I suppose a race will not be successful in this attack.

So the effectiveness on the attack builds on it being cheaper to confuse the connection rather than to actively drop packets. I'm not sure that is a strong case for additional complexity. However, a related attack might be used for amplification attacks by changing the IP to that of the indented victim.

Attacks that can be instigated by observers are much more severe because they are far easier to achieve, especially undetected.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/2143#issuecomment-446981296