Re: [quicwg/base-drafts] Forgery limits on packet protection (#3619)
Martin Thomson <notifications@github.com> Fri, 01 May 2020 21:58 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 076AE3A15D8 for <quic-issues@ietfa.amsl.com>; Fri, 1 May 2020 14:58:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.374
X-Spam-Level:
X-Spam-Status: No, score=-2.374 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.82, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p8RM8Ty-f-KD for <quic-issues@ietfa.amsl.com>; Fri, 1 May 2020 14:58:02 -0700 (PDT)
Received: from out-19.smtp.github.com (out-19.smtp.github.com [192.30.252.202]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B058C3A15D9 for <quic-issues@ietf.org>; Fri, 1 May 2020 14:58:02 -0700 (PDT)
Received: from github-lowworker-2e54e43.va3-iad.github.net (github-lowworker-2e54e43.va3-iad.github.net [10.48.17.27]) by smtp.github.com (Postfix) with ESMTP id 4B961521D82 for <quic-issues@ietf.org>; Fri, 1 May 2020 14:58:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1588370281; bh=bF4vEZ9XlEddQBQ9+uCFcSI3o8uqNVjZyMjv+XQ1qJ4=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=zVc/in7s6AHLSV+SM4LeMIogaLsBOMKJ8D1dsZbHDr9Iu8sb4YJ5kyk9zBQFQvloe sObmCjQaWGunBve2th9vOjSOuoMC9fv6g4lbh/qwP3U4LM+grgK2cVDL7AE91KlO07 wKUSnw5zQR4Yscokh1Jlv9kn6PVGRAdKJrf6ETgE=
Date: Fri, 01 May 2020 14:58:01 -0700
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK3DPVG5NUBFZD5WZYV4XB6GTEVBNHHCIZC2Y4@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/3619/622584353@github.com>
In-Reply-To: <quicwg/base-drafts/issues/3619@github.com>
References: <quicwg/base-drafts/issues/3619@github.com>
Subject: Re: [quicwg/base-drafts] Forgery limits on packet protection (#3619)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5eac9b693c981_422f3fb0012cd9682036a9"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/iO1Oa5D_FJznsj7tcbrWB8tdRJY>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 May 2020 21:58:06 -0000
(Tentative) good news on CCM: Kenny identified a security analysis paper and it seems relatively simple to go from that to numbers. I am not personally concerned about support for key update. 9/15 isn't 15, but that doesn't bother me. It turns out to be a little fiddly to implement, so if people decide to drop connections that hit these limits instead, the effect isn't that bad. Of course, if you want to follow Nick's suggestion, that works too (I remember Dan Bernstein seriously suggesting a cipher that updated every record, back when I first proposed this scheme for TLS). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/3619#issuecomment-622584353
- [quicwg/base-drafts] Forgery limits on packet pro… Martin Thomson
- Re: [quicwg/base-drafts] Forgery limits on packet… Martin Thomson
- Re: [quicwg/base-drafts] Forgery limits on packet… Nick Banks
- Re: [quicwg/base-drafts] Forgery limits on packet… martinduke
- Re: [quicwg/base-drafts] Forgery limits on packet… Martin Thomson
- Re: [quicwg/base-drafts] Forgery limits on packet… Anthony Rossi
- Re: [quicwg/base-drafts] Forgery limits on packet… martinduke
- Re: [quicwg/base-drafts] Forgery limits on packet… Martin Thomson
- Re: [quicwg/base-drafts] Forgery limits on packet… Antoine Delignat-Lavaud
- Re: [quicwg/base-drafts] Forgery limits on packet… Felix Günther
- Re: [quicwg/base-drafts] Forgery limits on packet… Martin Thomson
- Re: [quicwg/base-drafts] Forgery limits on packet… Martin Thomson
- Re: [quicwg/base-drafts] Forgery limits on packet… Martin Thomson
- Re: [quicwg/base-drafts] Forgery limits on packet… Felix Günther
- Re: [quicwg/base-drafts] Forgery limits on packet… Martin Thomson
- Re: [quicwg/base-drafts] Forgery limits on packet… Felix Günther
- Re: [quicwg/base-drafts] Forgery limits on packet… Martin Thomson