[quicwg/base-drafts] 6f9f8d: Curtail CONNECTION_CLOSE for small Initial
Martin Thomson <noreply@github.com> Mon, 09 December 2019 04:07 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5765A1200CC for <quic-issues@ietfa.amsl.com>; Sun, 8 Dec 2019 20:07:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.001
X-Spam-Level:
X-Spam-Status: No, score=-7.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o8agCJV94zAs for <quic-issues@ietfa.amsl.com>; Sun, 8 Dec 2019 20:07:39 -0800 (PST)
Received: from out-23.smtp.github.com (out-23.smtp.github.com [192.30.252.206]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EF94A12004A for <quic-issues@ietf.org>; Sun, 8 Dec 2019 20:07:38 -0800 (PST)
Date: Sun, 08 Dec 2019 20:07:38 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1575864458; bh=WeA60Wl75P+1H7lSuAHMh88fVH6Te5O9CW8vpXYQfe8=; h=Date:From:To:Subject:From; b=nVKQ9TTO4Hi+oxbg0drp/SroBSzzHe3Xh0KVc84K9K3kwKCT3+nr06EEyEn/oTtqm modOQUkNTfiRuj5oxcbJrSOwrZxGOlTe5Lx3CUG/IVHql5D89rSViIf+hOc5wpGuAK q2Xi0CiQJMZi4gTEDY/gKn9m9fJFYo5TTJA5SvuY=
From: Martin Thomson <noreply@github.com>
To: quic-issues@ietf.org
Message-ID: <quicwg/base-drafts/push/refs/heads/close-small-initial/000000-6f9f8d@github.com>
Subject: [quicwg/base-drafts] 6f9f8d: Curtail CONNECTION_CLOSE for small Initial
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-Auto-Response-Suppress: All
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/ksAGg6JlvHdbR_nhY7RbGyK6vN8>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Dec 2019 04:07:40 -0000
Branch: refs/heads/close-small-initial Home: https://github.com/quicwg/base-drafts Commit: 6f9f8d7ffca4eed3373bb9f64261f85fd5f76b1a https://github.com/quicwg/base-drafts/commit/6f9f8d7ffca4eed3373bb9f64261f85fd5f76b1a Author: Martin Thomson <mt@lowentropy.net> Date: 2019-12-09 (Mon, 09 Dec 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Curtail CONNECTION_CLOSE for small Initial This is trickier than I had imagined. Sending CONNECTION_CLOSE is probably fine, but it's harder to do this correctly now. You can't just send an unauthenticated CONNECTION_CLOSE because that might disrupt a real connection. So there are two goals in tension: 1. Don't kill an active connection (attempt) unnecessarily. 2. Provide feedback about errors. The observation is that an attacker can disrupt connections by eliciting a CONNECTION_CLOSE, so feedback naturally leads to an exposure to a DoS attack. That's unfortunate, but we have established that we don't care about DoS by an on-path attacker prior to handshake completion. Anything we do here has got to be best effort. DoS prevention would say that you just discard junk, and that is probably the right answer. But we have a number of cases where the robustness of the system depends on getting feedback. Either way, we agreed to allow CONNECTION_CLOSE in Initial, so the exposure exists anyway. So this contains advice. Maybe too much advice, but I thought that I'd see what people thought. Closes #3269.
- [quicwg/base-drafts] 6f9f8d: Curtail CONNECTION_C… Martin Thomson