Re: [quicwg/base-drafts] Invalid CONNECTION_CLOSE frames (#2475)

Mike Bishop <> Fri, 15 February 2019 18:58 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 953D912D4E6 for <>; Fri, 15 Feb 2019 10:58:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.383
X-Spam-Status: No, score=-6.383 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id YHnzY1tR-Mzk for <>; Fri, 15 Feb 2019 10:58:13 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id D3FBB124BAA for <>; Fri, 15 Feb 2019 10:58:12 -0800 (PST)
Date: Fri, 15 Feb 2019 10:58:11 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1550257091; bh=uffvE2Kznzs1xKmMsYvA4z+nrGGIIBRDl6Iu2v62P1g=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Cczj1UobJoIfWLNf3kO82KduH+RMUpeYJzkkVAPGT4r8F5BXUtxR4dwNWJaXpvHp3 h+AcagDP2q19bpAhu/C6vmBHaN9pXdomxn3dLTD4tI8bS4gnr3T7VU+QH4haJ38vzx D4mz3y/24Rdtvn7Mngk/SoSSq7ztRdND6RaeNMhE=
From: Mike Bishop <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/2475/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Invalid CONNECTION_CLOSE frames (#2475)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c670bc385e93_23803f97c8ed45b4387596"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 15 Feb 2019 18:58:15 -0000

I *think* this is addressing the injected packet case -- if you ignore an injected CONNECTION_CLOSE, you shouldn't send the real peer anything about it, or you've just allowed an attacker to inject authenticated traffic in the connection.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: