Re: [quicwg/base-drafts] Allow reuse of stateless reset tokens (#2733)

Martin Thomson <> Wed, 22 May 2019 15:10 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 323AD1201A2 for <>; Wed, 22 May 2019 08:10:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.606
X-Spam-Status: No, score=-6.606 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id PpmEG7m5sUPo for <>; Wed, 22 May 2019 08:10:28 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 803CD1201D3 for <>; Wed, 22 May 2019 08:10:24 -0700 (PDT)
Date: Wed, 22 May 2019 08:10:23 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1558537823; bh=GjohOmi8kFUEWgMGHS5YyUdO21YtuA4we+u2PKGoc2M=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=cE+uVNL1OZr1FYzbwGrNi0HaSt4+vkRQXZsleiESBiv1lqSkwWo//+7k4mcijPw/M gtxFuCMQ/7eJDGVVHMBnJkIFwiyc64ClUEs1/wjnkuWjccmUM9cYdfoFFZGQpfcXOa ByJ1k2pcKOVydhKaDa+drZJvob1i3fEiMmtOxm7Q=
From: Martin Thomson <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2733/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Allow reuse of stateless reset tokens (#2733)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5ce5665f6acb8_746a3f862e4cd96826073a0"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 22 May 2019 15:10:32 -0000

martinthomson commented on this pull request.

> @@ -2476,6 +2476,14 @@ the same static key (see {{reset-oracle}}).  A connection ID from a connection
 that is reset by revealing the Stateless Reset Token MUST NOT be reused for new
 connections at nodes that share a static key.
+The same Stateless Reset Token MAY be used for multiple connection IDs on the
+same connection.  An endpoint that reuses a Stateless Reset Token MUST ensure
+that any connection ID used on the connection is matched to the active
+connection, including any routing performed at load balancers, even when a
+connection ID has been retired.  Otherwise, an attacker might be able to send a
+packet with a retired connection ID and cause the endpoint to produce a
+Stateless Reset.
 Note that Stateless Reset packets do not have any cryptographic protection.

I've tweaked the text (there was a grammatical error), but I think that this was related to the change.  It was a minor editorial thing.  It's really hard to get this right.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: