Re: [quicwg/base-drafts] Move requirements for packet number reset (#3811)
Jana Iyengar <notifications@github.com> Thu, 02 July 2020 02:44 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 968863A08AF for <quic-issues@ietfa.amsl.com>; Wed, 1 Jul 2020 19:44:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.101
X-Spam-Level:
X-Spam-Status: No, score=-3.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JaSYl3FmyA5X for <quic-issues@ietfa.amsl.com>; Wed, 1 Jul 2020 19:44:04 -0700 (PDT)
Received: from out-18.smtp.github.com (out-18.smtp.github.com [192.30.252.201]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EBD133A08C6 for <quic-issues@ietf.org>; Wed, 1 Jul 2020 19:44:03 -0700 (PDT)
Received: from github-lowworker-9bcb4a1.ac4-iad.github.net (github-lowworker-9bcb4a1.ac4-iad.github.net [10.52.25.84]) by smtp.github.com (Postfix) with ESMTP id DF9C36E0026 for <quic-issues@ietf.org>; Wed, 1 Jul 2020 19:44:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1593657842; bh=zxftldpv+XU0RwW4IZlP2Ak+l0F8hCXSqvyxZ00Xrhc=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Y6pmo0v0bV15uuRg+c7u7dtoLAMcDN9aPkIG6CSJdDmDjBhJZhL2FiaYyBM5Dgq/G gGPOTdJtR/JVfnyGbS+G1+sjWUAzHB9Vlvi4p8wI5Y/tGKWD5urLQviUrgC7EWJz4l PgB7VQe/IlC4smcUAq8o+I+sk/uYYB8YsGYMhFg0=
Date: Wed, 01 Jul 2020 19:44:02 -0700
From: Jana Iyengar <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK63BFSBUHL2GUREORN5BEVPFEVBNHHCNKQPJA@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/3811/review/441311204@github.com>
In-Reply-To: <quicwg/base-drafts/pull/3811@github.com>
References: <quicwg/base-drafts/pull/3811@github.com>
Subject: Re: [quicwg/base-drafts] Move requirements for packet number reset (#3811)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5efd49f2d07e0_2b323f98456cd9605658f6"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: janaiyengar
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/hDo-fXSYI3rU8DpHG9zTl5Y5RVM>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Jul 2020 02:44:06 -0000
@janaiyengar commented on this pull request. > @@ -4549,13 +4549,9 @@ packets. After a client receives a Retry packet, 0-RTT packets are likely to have been lost or discarded by the server. A client SHOULD attempt to resend data in -0-RTT packets after it sends a new Initial packet. - -A client MUST NOT reset the packet number it uses for 0-RTT packets, since the -keys used to protect 0-RTT packets will not change as a result of responding to -a Retry packet. Sending packets with the same packet number in that case is -likely to compromise the packet protection for all 0-RTT packets because the -same key and nonce could be used to protect different content. +0-RTT packets after it sends a new Initial packet. New packet numbers MUST be +used for any new packets that are sent; as defined in {{retry-continue}}, ```suggestion used for any new packets that are sent; as described in {{retry-continue}}, ``` > +processing a Retry packet. This applies to 0-RTT packets in particular as those +contain confidential information that is most likely to need transmission. The +keys used to protect packets will not change as a result of responding to a +Retry packet. Sending packets with the same packet number is likely to +compromise the packet protection for those packets because the same key and +nonce could be used to protect different content. ```suggestion processing a Retry packet. In particular, 0-RTT packets contain confidential information that will most likely be retransmitted on receiving a Retry packet. The keys used to protect these new 0-RTT packets will not change as a result of responding to a Retry packet. However, the data sent in these packets could be different than what was sent earlier. Sending these new packets with the same packet number is likely to compromise the packet protection for those packets because the same key and nonce could be used to protect different content. ``` -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/pull/3811#pullrequestreview-441311204
- Re: [quicwg/base-drafts] Move requirements for pa… Kazuho Oku
- [quicwg/base-drafts] Move requirements for packet… Martin Thomson
- Re: [quicwg/base-drafts] Move requirements for pa… Jana Iyengar
- Re: [quicwg/base-drafts] Move requirements for pa… Martin Thomson
- Re: [quicwg/base-drafts] Move requirements for pa… Marten Seemann
- Re: [quicwg/base-drafts] Move requirements for pa… Mike Bishop
- Re: [quicwg/base-drafts] Move requirements for pa… ianswett
- Re: [quicwg/base-drafts] Move requirements for pa… Martin Thomson
- Re: [quicwg/base-drafts] Move requirements for pa… Martin Thomson