IETF Logo Mail Archive

Re: [quicwg/base-drafts] Compatible version upgrade (#1901)

MikkelFJ <notifications@github.com> Fri, 26 October 2018 08:25 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D54D5127AC2 for <quic-issues@ietfa.amsl.com>; Fri, 26 Oct 2018 01:25:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.47
X-Spam-Level:
X-Spam-Status: No, score=-8.47 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FHadxqV1pOeG for <quic-issues@ietfa.amsl.com>; Fri, 26 Oct 2018 01:25:07 -0700 (PDT)
Received: from out-1.smtp.github.com (out-1.smtp.github.com [192.30.252.192]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C232130DC9 for <quic-issues@ietf.org>; Fri, 26 Oct 2018 01:25:07 -0700 (PDT)
Date: Fri, 26 Oct 2018 01:25:06 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1540542306; bh=hO1GvSOyD5TkicDpaqDwYsTKEtKeQ10DZP94fQ6juKQ=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Z90RLeCdbpNOOCrWc2MriwlTLLAkib5jpFbN4rqjkXJE/KlmFSqXNw8C8cBV+wYp2 jEvgDFs/ZfDKFiRPpRHnDNpuqiI20bNSj6Z3BugZsQgqJNyLU9uIRFZJ57rcwYBxMx SdPr2FbAfebbiIXbC20abCmXarzj21rct0/kvK5s=
From: MikkelFJ <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abc9de5993a5a583fd5e146f9b80a42a40f43be72492cf0000000117ea916292a169ce1640b1a8@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/1901/c433329106@github.com>
In-Reply-To: <quicwg/base-drafts/pull/1901@github.com>
References: <quicwg/base-drafts/pull/1901@github.com>
Subject: Re: [quicwg/base-drafts] Compatible version upgrade (#1901)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bd2cf6280098_75fd3f915c6d45c018550a2"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/huAqUJ9yeWRBmSvqJ9TnRZWz-Uw>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Oct 2018 08:25:09 -0000

@kazuho writes 

> Is the server allowed to perform a compatible version upgrade against a version included in unsupported_versions? This could happen during the upgrade process of a server cluster. My slight preference goes to allowing that, because that simplifies the design by making the server the sole entity that detects version downgrade. But people might have different opinions.

I think a downgrade attack is a downgrade attack. If protection is not inherent in the protocol the client must protect itself "manually" which is will not happen reliably.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/1901#issuecomment-433329106

v2.23.0 | Report a Bug | By Email