Re: [quicwg/base-drafts] Remove DoS vector for spoofed connection migration (#2893)

Eric Kinnear <> Mon, 22 July 2019 20:42 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 746CC1200A3 for <>; Mon, 22 Jul 2019 13:42:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8
X-Spam-Status: No, score=-8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id L_lj-tIgIrjF for <>; Mon, 22 Jul 2019 13:42:45 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 573031200DE for <>; Mon, 22 Jul 2019 13:42:45 -0700 (PDT)
Date: Mon, 22 Jul 2019 13:42:44 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1563828164; bh=za2gq3r8qiBvy35mOSv+sWWjaGw6wVc8F0ntLuBXCEI=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=ItTAzBpqv5sXTIU9hIakKYblXGQ4UVQ91qkt/sXOxls0HmNtshJAicCokwEiLd22x EKfoFqXhxmLshNh5vbRtwP/PuASfwnLvrUgnkOAMJe9IgxXdelOmdf6YWe8HW/3zDm Ba4j1SJEYWq7Wp2GjxIl+ILkdUSg9zzF85txPjEk=
From: Eric Kinnear <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2893/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Remove DoS vector for spoofed connection migration (#2893)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d361fc46fa1a_5ea23fc75a2cd95c716256"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: erickinnear
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 22 Jul 2019 20:42:48 -0000

erickinnear commented on this pull request.

> -INVALID_MIGRATION.  Similarly, an endpoint MUST NOT initiate migration if its
-peer supplies a zero-length connection ID as packets without a Destination
-Connection ID cannot be attributed to a connection based on address tuple.
-Not all changes of peer address are intentional migrations. The peer could
-experience NAT rebinding: a change of address due to a middlebox, usually a NAT,
-allocating a new outgoing port or even a new outgoing IP address for a flow.  An
-endpoint MUST perform path validation ({{migrate-validate}}) if it detects any
-change to a peer's address, unless it has previously validated that address.
+An endpoint also MUST NOT send packets from a different local address, actively
+initiating migration, if the peer sent the `disable_active_migration` transport
+parameter during the handshake. An endpoint which has sent this transport
+parameter, but detects that a peer has nonetheless migrated to a different
+network MUST either drop the incoming packets on that path without generating a
+stateless reset or proceed with path validation and allow the peer to migrate.
+This helps to prevent third parties in the network causing connections to close

Changed in e7d2297, thanks!

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: