IETF Logo Mail Archive

[quicwg/base-drafts] Servers can't migrate. Period. (#2031)

Martin Thomson <notifications@github.com> Wed, 21 November 2018 04:48 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BADCE130E7A for <quic-issues@ietfa.amsl.com>; Tue, 20 Nov 2018 20:48:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.47
X-Spam-Level:
X-Spam-Status: No, score=-8.47 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sUdEQkIfVrfr for <quic-issues@ietfa.amsl.com>; Tue, 20 Nov 2018 20:48:42 -0800 (PST)
Received: from out-11.smtp.github.com (out-11.smtp.github.com [192.30.254.194]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AA4F127333 for <quic-issues@ietf.org>; Tue, 20 Nov 2018 20:48:42 -0800 (PST)
Date: Tue, 20 Nov 2018 20:48:40 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1542775721; bh=uIsyWYF4deTCVDome5NMqOwbMF6MGGnZfq6tllgImH8=; h=Date:From:Reply-To:To:Cc:Subject:List-ID:List-Archive:List-Post: List-Unsubscribe:From; b=YlJYAeKgE/ASYyxspOH5zpxlg/yoAr/9RmCSQ3K+YKSV5pruoxJ+5v6oO1KVLhDNM F2S9faZNrg+1OnQR8LrTJl25UaycPvVW2oHChdvVMaDK5fSqJ5LY4TgW2iUuubGNKP QaeKLn5SV4OGIrc7QIcDaoiFChpjCypV1YSPEubo=
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab1e7131a63ed59e982fdbee01a6e4090b84c9c3ee92cf00000001180ca5a892a169ce16d36b25@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2031@github.com>
Subject: [quicwg/base-drafts] Servers can't migrate. Period. (#2031)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bf4e3a8d07bb_45673f8cbf4d45b4119639"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/qmiG9rp4z1YDcufvPifLDtpu-a0>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Nov 2018 04:48:44 -0000

This was a bit weak in the past, but it is part of our defense strategy for attacks on migration and rebinding.  Not that this totally prevents attack, but it means that an attacker looking to force a migration has to observe and race packets sent by both endpoints if this is true.
You can view, comment on, or merge this pull request online at:

  https://github.com/quicwg/base-drafts/pull/2031

-- Commit Summary --

  * Servers can't migrate.  Period.

-- File Changes --

    M draft-ietf-quic-transport.md (2)

-- Patch Links --

https://github.com/quicwg/base-drafts/pull/2031.patch
https://github.com/quicwg/base-drafts/pull/2031.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2031

v2.23.0 | Report a Bug | By Email