[quicwg/base-drafts] 39c57e: Perform stateless reset token comparisons in const...
Martin Thomson <noreply@github.com> Tue, 15 October 2019 23:45 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0619512081A for <quic-issues@ietfa.amsl.com>; Tue, 15 Oct 2019 16:45:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.001
X-Spam-Level:
X-Spam-Status: No, score=-7.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2NIytCMmz9ao for <quic-issues@ietfa.amsl.com>; Tue, 15 Oct 2019 16:45:56 -0700 (PDT)
Received: from out-4.smtp.github.com (out-4.smtp.github.com [192.30.252.195]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DD5911207FC for <quic-issues@ietf.org>; Tue, 15 Oct 2019 16:45:55 -0700 (PDT)
Date: Tue, 15 Oct 2019 16:45:54 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1571183154; bh=jLCsdXvREjOy8HUkxvorhKqrfIyCZE59pL9rv082Rjo=; h=Date:From:To:Subject:From; b=vnRf05YOgxUh57veyFNxX+rMYRQiWEdVV8tZkQ72fn5183B5ljBHJ5lRkwrIf56hk QFvAYJjp6RB3WIZ8QBnJnVxdGCVRU3JJUHak8Qqy3//g9XOaK/QiHTzKhC4dG7nmXW 4O0ThdzAzM1ZL+3i+0yMnnvLiYVDRcxMYaVmy7I8=
From: Martin Thomson <noreply@github.com>
To: quic-issues@ietf.org
Message-ID: <quicwg/base-drafts/push/refs/heads/ct-sr/b5dba2-59a823@github.com>
Subject: [quicwg/base-drafts] 39c57e: Perform stateless reset token comparisons in const...
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-Auto-Response-Suppress: All
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/s7VEjLXDA7jMKILmjkAfacvI8as>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Oct 2019 23:45:58 -0000
Branch: refs/heads/ct-sr Home: https://github.com/quicwg/base-drafts Commit: 39c57edf6215964673155837dcf97880cac2fb63 https://github.com/quicwg/base-drafts/commit/39c57edf6215964673155837dcf97880cac2fb63 Author: Martin Thomson <martin.thomson@gmail.com> Date: 2019-10-15 (Tue, 15 Oct 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Perform stateless reset token comparisons in constant time Otherwise information about the token might leak. As @mikkelfj says, there is no strict need to compare across the entire set of values. That could leaks two things: that the inbound packet was dropped and the total number of stateless reset tokens. Both are things that we might care about, but will probably find prohibitive to protect. Closes #2152. Commit: c42516d7681ebbd61839bf83910dd37fc05465b1 https://github.com/quicwg/base-drafts/commit/c42516d7681ebbd61839bf83910dd37fc05465b1 Author: Martin Thomson <martin.thomson@gmail.com> Date: 2019-10-15 (Tue, 15 Oct 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Be a little clearer about what is being protected Commit: 3bd85b455bad9d6e6196f6f04454701661d077f8 https://github.com/quicwg/base-drafts/commit/3bd85b455bad9d6e6196f6f04454701661d077f8 Author: Kazuho Oku <kazuhooku@gmail.com> Date: 2019-10-15 (Tue, 15 Oct 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- add example that uses PRF Commit: 03979a0235d6fd3ff79555911c79bc5c10e2b61a https://github.com/quicwg/base-drafts/commit/03979a0235d6fd3ff79555911c79bc5c10e2b61a Author: Martin Thomson <mt@lowentropy.net> Date: 2019-10-15 (Tue, 15 Oct 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Fix stateless reset ordering; use datagrams This removes the strict requirement on processing order for stateless reset. This allows endpoints to decide whether to process every packet this way or to just treat those that fail to be processed for other reasons. This also switches to detection on a *datagram* basis. Closes #3085. Commit: 354183119367ddc2f08ae4604c1323600d5bfe4c https://github.com/quicwg/base-drafts/commit/354183119367ddc2f08ae4604c1323600d5bfe4c Author: Martin Thomson <mt@lowentropy.net> Date: 2019-10-15 (Tue, 15 Oct 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Reword again Commit: 562ac4e7deaf80d50082f89507e72d9b5b71ecc6 https://github.com/quicwg/base-drafts/commit/562ac4e7deaf80d50082f89507e72d9b5b71ecc6 Author: Martin Thomson <mt@lowentropy.net> Date: 2019-10-15 (Tue, 15 Oct 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- duplicates are just duplicate packet numbers Co-Authored-By: Jana Iyengar <jri.ietf@gmail.com> Commit: a5ecd238daf0f59a35460085c8b05a2c6011243a https://github.com/quicwg/base-drafts/commit/a5ecd238daf0f59a35460085c8b05a2c6011243a Author: Martin Thomson <mt@lowentropy.net> Date: 2019-10-15 (Tue, 15 Oct 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- compares Co-Authored-By: Jana Iyengar <jri.ietf@gmail.com> Commit: 0b654d69abd679010d3640b7a63d8488bc81f0ff https://github.com/quicwg/base-drafts/commit/0b654d69abd679010d3640b7a63d8488bc81f0ff Author: Martin Thomson <mt@lowentropy.net> Date: 2019-10-15 (Tue, 15 Oct 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- any packet Commit: 59a8238dd289a5c7e54a40ca9a791227ae69284d https://github.com/quicwg/base-drafts/commit/59a8238dd289a5c7e54a40ca9a791227ae69284d Author: Martin Thomson <mt@lowentropy.net> Date: 2019-10-15 (Tue, 15 Oct 2019) Changed paths: M draft-ietf-quic-transport.md Log Message: ----------- Apply Jana's suggestion Compare: https://github.com/quicwg/base-drafts/compare/b5dba271d4bd...59a8238dd289
- [quicwg/base-drafts] 39c57e: Perform stateless re… Martin Thomson