Re: [quicwg/base-drafts] Allow server to enforce port-Retry packet numbering (#3989)
Kazuho Oku <notifications@github.com> Tue, 11 August 2020 01:08 UTC
Aside from it not being trivial to enforce, I am not sure how much I like the idea of enforcing correctness for Initial packets. And that is because injection of Initial packets is the way for middleboxes to disrupt the connection. IIRC, we have allowed endpoints to ignore suspicious Initial packets, and I tend to think that we do not need to suggest that an endpoint can be (IMO needlessly) strict.