Re: [quicwg/base-drafts] Connection migration must be negotiated (#1271)

Praveen Balasubramanian <notifications@github.com> Fri, 06 April 2018 18:18 UTC

Date: Fri, 06 Apr 2018 18:17:23 +0000
From: Praveen Balasubramanian <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abe19cfb6a34cfb40513062ecb86abc8976c4f22ac92cf0000000116df7bb392a169ce129955d7@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/1271/379334910@github.com>
In-Reply-To: <quicwg/base-drafts/issues/1271@github.com>
References: <quicwg/base-drafts/issues/1271@github.com>
Subject: Re: [quicwg/base-drafts] Connection migration must be negotiated (#1271)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5ac7b9b39cdc6_292253faabb252f381987d8"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/qOTFoXz7M9gpVSt1AlS3HndM4Qg>

>>My main concern is that implementations, especially server implementations, MUST implement migration support, even if they allow it to be configured "off".
There is unfortunately no way to enforce this. Regardless of server support or infra issue the server must be able to veto this. I also think since QUIC has very poor signaling for DDoS prevention, server infra may dynamically start rejection migrations when under attack.

NAT re-binding can be solved by keep-alives and existing load balancers allow 2-tuple load balancing for UDP which means a NAT-rebinding where the port changes will not suffer the same issue.



-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/1271#issuecomment-379334910

Re: [quicwg/base-drafts] Connection migration opt… Martin Thomson
Re: [quicwg/base-drafts] Connection migration opt… erickinnear
Re: [quicwg/base-drafts] Connection migration opt… janaiyengar
Re: [quicwg/base-drafts] Connection migration opt… Mike Bishop
Re: [quicwg/base-drafts] Connection migration opt… erickinnear
Re: [quicwg/base-drafts] Connection migration opt… erickinnear
Re: [quicwg/base-drafts] Connection migration opt… Praveen Balasubramanian
Re: [quicwg/base-drafts] Connection migration opt… Tommy Pauly
Re: [quicwg/base-drafts] Connection migration opt… erickinnear
[quicwg/base-drafts] Connection migration must be… Praveen Balasubramanian
Re: [quicwg/base-drafts] Connection migration mus… Nick Banks
Re: [quicwg/base-drafts] Connection migration mus… ianswett
Re: [quicwg/base-drafts] Connection migration mus… Praveen Balasubramanian
Re: [quicwg/base-drafts] Connection migration mus… Tommy Pauly
Re: [quicwg/base-drafts] Connection migration mus… Praveen Balasubramanian
Re: [quicwg/base-drafts] Connection migration mus… Tommy Pauly
Re: [quicwg/base-drafts] Connection migration mus… Nick Banks
Re: [quicwg/base-drafts] Connection migration mus… Mike Bishop
Re: [quicwg/base-drafts] Connection migration mus… Praveen Balasubramanian
Re: [quicwg/base-drafts] Connection migration mus… Nick Banks
Re: [quicwg/base-drafts] Connection migration mus… Praveen Balasubramanian
Re: [quicwg/base-drafts] Connection migration mus… ianswett
Re: [quicwg/base-drafts] Connection migration mus… Ryan Hamilton
Re: [quicwg/base-drafts] Connection migration mus… ekr
Re: [quicwg/base-drafts] Connection migration mus… Praveen Balasubramanian
Re: [quicwg/base-drafts] Connection migration mus… Martin Thomson
Re: [quicwg/base-drafts] Connection migration opt… Kazuho Oku
Re: [quicwg/base-drafts] Connection migration opt… ianswett
Re: [quicwg/base-drafts] Connection migration opt… Praveen Balasubramanian
Re: [quicwg/base-drafts] Connection migration opt… Nick Banks