Re: [quicwg/base-drafts] Add retry integrity tag (#3120)

Kazuho Oku <notifications@github.com> Fri, 15 November 2019 10:16 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B875A120111 for <quic-issues@ietfa.amsl.com>; Fri, 15 Nov 2019 02:16:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.596
X-Spam-Level:
X-Spam-Status: No, score=-6.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cZAgw_JFqtv6 for <quic-issues@ietfa.amsl.com>; Fri, 15 Nov 2019 02:16:06 -0800 (PST)
Received: from out-18.smtp.github.com (out-18.smtp.github.com [192.30.252.201]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 076A21200FB for <quic-issues@ietf.org>; Fri, 15 Nov 2019 02:16:05 -0800 (PST)
Received: from github-lowworker-2ef7ba1.ac4-iad.github.net (github-lowworker-2ef7ba1.ac4-iad.github.net [10.52.16.66]) by smtp.github.com (Postfix) with ESMTP id F22A76E009D for <quic-issues@ietf.org>; Fri, 15 Nov 2019 02:16:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1573812964; bh=CHX6Lq9rd4zTqxDT2tyFyPtsRBg2ADrVGjmqwSDG5M0=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=qrsAuTG9E+a9kXfSBKKwJJnIRYN18rvTwO5sneQxpmYrYlRDexXFRLGskKJm0uorT lV5OzlMMWojn/YwF1lYyKCpdKhk7gJG8OvtZ6lfXeaVtehrn9aZmwRtGhzsHQU5NKj AQzr3bYEuU8iz5UVxXpIGWKvjp1TMkjhvx4JE/tE=
Date: Fri, 15 Nov 2019 02:16:04 -0800
From: Kazuho Oku <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJKZI74OL44QLVNDSIAN33OWWJEVBNHHB4UZE54@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/3120/c554300804@github.com>
In-Reply-To: <quicwg/base-drafts/pull/3120@github.com>
References: <quicwg/base-drafts/pull/3120@github.com>
Subject: Re: [quicwg/base-drafts] Add retry integrity tag (#3120)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5dce7ae4e3dbe_6ff43fdb4cacd96c8798ba"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/pQyyqzAakeCsrhHrUd2DJAJhnnw>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Nov 2019 10:16:08 -0000

@DavidSchinazi 
> the zero key can be per-version (by which I mean that QUICv1 uses a zero key, and QUICv2 can decide to use a different key)

I think we should change the Retry key for every draft version (or every time we change the Initial salt), as that would prevent ossification assuming that we would be running certain number of draft versions concurrently.

I also prefer having a non-zero salt for the upcoming draft version, as it would be an indication to the implementors that the key is a "constant", rather than zeros that endpoints might synthetically generate (e.g., by using `bzero`).

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/3120#issuecomment-554300804