Re: [quicwg/base-drafts] First octet changes (#2006)
Marten Seemann <notifications@github.com> Thu, 15 November 2018 11:43 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6673F126DBF for <quic-issues@ietfa.amsl.com>; Thu, 15 Nov 2018 03:43:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.47
X-Spam-Level:
X-Spam-Status: No, score=-8.47 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jOLXqFjgESCq for <quic-issues@ietfa.amsl.com>; Thu, 15 Nov 2018 03:43:31 -0800 (PST)
Received: from out-4.smtp.github.com (out-4.smtp.github.com [192.30.252.195]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED90C126CC7 for <quic-issues@ietf.org>; Thu, 15 Nov 2018 03:43:30 -0800 (PST)
Date: Thu, 15 Nov 2018 03:43:30 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1542282210; bh=Y1CtRvEsa9rFraLFSKSSD3fKg2n04YqlrdEP+8Gc5Rw=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=jPuaSxWQzHb/B+QCKiBoZUaRjr9D9xrlOd7jhxvgnrSVLMbias/fiErHehRAFgLVL lqbq/cFAF9jvr2PGYq7moZOkBA00wt8NAh+6eKN+oYB6i68B+CuHASPeU4sHtllBRl jdrViKN+QCBgikNuqaYVLtJjvxF+XfiqJ8jZU6xI=
From: Marten Seemann <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abae11397b8d565aa6c027ac94ced906ca9967119792cf0000000118051de292a169ce16b57ba1@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2006/review/175309493@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2006@github.com>
References: <quicwg/base-drafts/pull/2006@github.com>
Subject: Re: [quicwg/base-drafts] First octet changes (#2006)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bed5be238ba8_35f73fd423cd45c44166ea"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: marten-seemann
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/i0Ta5MlzX4H0bjPobSkLN3rTC0s>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Nov 2018 11:43:33 -0000
marten-seemann commented on this pull request.
>
-: The fourth bit (0x10) of byte 0 is set to 1.
+: The next two bits (those with a mask of 0x18) of byte 0 are reserved. These
+ bits are protected using header protection (see Section 5.4 of
+ {{QUIC-TLS}}). The value included prior to protection MUST be set to 0. An
+ endpoint MUST treat receipt of a packet that has a non-zero value for these
+ bits after removing protection as a connection error of type
+ PROTOCOL_VIOLATION.
Sorry for the confusion. I meant "removing packet protection" (not header protection). The reason is that header protection is not authenticated, so an attacker can send a packet, and we'll happily remove header protection (and receive some garbage values). Only when we try to remove packet protection will we discover that this packet was not sent by the peer.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2006#discussion_r233810654
- Re: [quicwg/base-drafts] First byte changes (#200… Martin Thomson
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- [quicwg/base-drafts] First octet changes (#2006) Martin Thomson
- Re: [quicwg/base-drafts] First octet changes (#20… Marten Seemann
- Re: [quicwg/base-drafts] First octet changes (#20… Marten Seemann
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… Marten Seemann
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… janaiyengar
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- Re: [quicwg/base-drafts] First octet changes (#20… Marten Seemann
- Re: [quicwg/base-drafts] First octet changes (#20… Marten Seemann
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- Re: [quicwg/base-drafts] First octet changes (#20… Marten Seemann
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… ianswett
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- Re: [quicwg/base-drafts] First octet changes (#20… David Schinazi
- Re: [quicwg/base-drafts] First octet changes (#20… David Schinazi
- Re: [quicwg/base-drafts] First octet changes (#20… erickinnear
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- Re: [quicwg/base-drafts] First octet changes (#20… David Schinazi
- Re: [quicwg/base-drafts] First octet changes (#20… David Schinazi
- Re: [quicwg/base-drafts] First octet changes (#20… David Schinazi
- Re: [quicwg/base-drafts] First octet changes (#20… David Schinazi
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- Re: [quicwg/base-drafts] First octet changes (#20… David Schinazi
- Re: [quicwg/base-drafts] First octet changes (#20… David Schinazi
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… Dmitri Tikhonov
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… David Schinazi
- Re: [quicwg/base-drafts] First octet changes (#20… Christian Huitema
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- Re: [quicwg/base-drafts] First octet changes (#20… Martin Thomson
- Re: [quicwg/base-drafts] First octet changes (#20… Dirkjan Ochtman
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… Martin Thomson
- Re: [quicwg/base-drafts] First octet changes (#20… Marten Seemann
- Re: [quicwg/base-drafts] First octet changes (#20… Marten Seemann
- Re: [quicwg/base-drafts] First octet changes (#20… Christian Huitema
- Re: [quicwg/base-drafts] First octet changes (#20… Kazuho Oku
- Re: [quicwg/base-drafts] First octet changes (#20… Martin Thomson
- Re: [quicwg/base-drafts] First octet changes (#20… Martin Thomson
- Re: [quicwg/base-drafts] First octet changes (#20… Martin Thomson
- Re: [quicwg/base-drafts] First octet changes (#20… MikkelFJ
- Re: [quicwg/base-drafts] First octet changes (#20… Martin Thomson
- Re: [quicwg/base-drafts] First byte changes (#200… Kazuho Oku
- Re: [quicwg/base-drafts] First byte changes (#200… Martin Thomson
- Re: [quicwg/base-drafts] First byte changes (#200… Kazuho Oku
- Re: [quicwg/base-drafts] First byte changes (#200… Martin Thomson
- Re: [quicwg/base-drafts] First byte changes (#200… Kazuho Oku
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… ianswett
- Re: [quicwg/base-drafts] First byte changes (#200… Christian Huitema
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… Mike Bishop
- Re: [quicwg/base-drafts] First byte changes (#200… MikkelFJ
- Re: [quicwg/base-drafts] First byte changes (#200… David Schinazi
- Re: [quicwg/base-drafts] First byte changes (#200… David Schinazi
- Re: [quicwg/base-drafts] First byte changes (#200… Dmitri Tikhonov
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… Marten Seemann
- Re: [quicwg/base-drafts] First byte changes (#200… Martin Thomson
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… Kazuho Oku
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… Kazuho Oku
- Re: [quicwg/base-drafts] First byte changes (#200… Alexandre Ferrieux
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… Kazuho Oku
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… Martin Thomson
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… Martin Thomson
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… Martin Thomson
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… janaiyengar
- Re: [quicwg/base-drafts] First byte changes (#200… Kazuho Oku
- Re: [quicwg/base-drafts] First byte changes (#200… MikkelFJ
- Re: [quicwg/base-drafts] First byte changes (#200… janaiyengar
- Re: [quicwg/base-drafts] First byte changes (#200… Igor Lubashev
- Re: [quicwg/base-drafts] First byte changes (#200… Christian Huitema
- Re: [quicwg/base-drafts] First byte changes (#200… Martin Thomson