Re: [quicwg/base-drafts] Let server abort on post-Retry packet number reset (#3990)

Jana Iyengar <notifications@github.com> Fri, 28 August 2020 20:19 UTC

Date: Fri, 28 Aug 2020 13:19:23 -0700
From: Jana Iyengar <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK22WDOQBNLYK2R25HV5KVD4XEVBNHHCQTEK7Y@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/3990/review/478002646@github.com>
In-Reply-To: <quicwg/base-drafts/pull/3990@github.com>
References: <quicwg/base-drafts/pull/3990@github.com>
Subject: Re: [quicwg/base-drafts] Let server abort on post-Retry packet number reset (#3990)
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/sIrwyiT_j21k6uvRrvnE_eW7tuo>

@janaiyengar commented on this pull request.



> @@ -4807,6 +4807,8 @@ responding to a Retry packet. However, the data sent in these packets could be
 different than what was sent earlier. Sending these new packets with the same
 packet number is likely to compromise the packet protection for those packets
 because the same key and nonce could be used to protect different content.
+A server MAY abort the connection if it detects that the client reset the
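Review bot: the permission added at the end of this hunk is weaker than the risk the surrounding context describes. The context says that reusing a packet number "is likely to compromise the packet protection for those packets" because the same key and nonce protect different content, yet the new sentence only says a server MAY abort. If MAY is kept, the sentence should state precisely what the server is detecting (an Initial sent after Retry that carries a packet number the client has already used, which is the condition the context warns about) and which transport error the resulting connection close carries, so that implementations converge on one behaviour instead of each choosing its own. As quoted, the added line ends mid-sentence, so the remainder of the condition should be checked in the full diff.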

We certainly don't mention a general rule anywhere, but we can't stop an endpoint from enforcing MUSTs on its own. I think it's useful to explicitly call it out here because this is the sort of place where we want to call explicit attention.

I would have liked a SHOULD here, but calling it out with a MAY is still useful I think.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/3990#discussion_r479516271
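The two points this review turns on, why the draft says a packet number reset after Retry "compromises the packet protection", and what a server that sent a stateless Retry can actually detect, as an added example that is not code from the quicwg/base-drafts PR, the draft, or any QUIC implementation. It assumes the nonce construction of RFC 9001 section 5.3 (IV XOR packet number), uses a constructed hash-based keystream as a stand-in for AES-GCM's CTR keystream (enough to show the consequence of nonce reuse, not real AEAD), and assumes the transport draft's rule that packet numbers in each space start at 0; the function names and sample values are constructed for this example.

```python
"""Added example: effect of a post-Retry packet number reset, and the one
check a stateless server can still make. Not code from the QUIC drafts."""
import hashlib
from typing import Optional


def packet_nonce(iv: bytes, packet_number: int) -> bytes:
    """RFC 9001 section 5.3 nonce: the 12-byte IV XORed with the packet
    number, left-padded with zeros to 12 bytes."""
    if len(iv) != 12:
        raise ValueError("QUIC packet protection IV is 12 bytes")
    pn_bytes = packet_number.to_bytes(12, "big")
    return bytes(a ^ b for a, b in zip(iv, pn_bytes))


def _toy_keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Constructed stand-in for an AEAD's CTR keystream (NOT AES-GCM).
    It is deterministic in (key, nonce), which is exactly the property
    that makes nonce reuse fatal for a real AEAD as well."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def protect_payload(key: bytes, iv: bytes, packet_number: int, payload: bytes) -> bytes:
    """Toy packet protection: payload XOR keystream(key, nonce(iv, pn))."""
    nonce = packet_nonce(iv, packet_number)
    return xor_bytes(payload, _toy_keystream(key, nonce, len(payload)))


def nonce_reuse_leak(key: bytes, iv: bytes, packet_number: int,
                     payload_before: bytes, payload_after: bytes) -> bytes:
    """What goes wrong when a client resets its packet number after Retry
    and sends a *different* Initial payload under a number it already used:
    both packets get the same nonce, so the XOR of the two ciphertexts equals
    the XOR of the two plaintexts, with no key involved. Returns that XOR so
    the caller can compare it with xor_bytes(payload_before, payload_after)."""
    c_before = protect_payload(key, iv, packet_number, payload_before)
    c_after = protect_payload(key, iv, packet_number, payload_after)
    return xor_bytes(c_before, c_after)


def server_post_retry_check(initial_packet_number: int,
                            has_valid_retry_token: bool) -> Optional[str]:
    """The one reset a server that sent a stateless Retry can still detect.
    Assumption (transport draft: packet numbers in each space start at 0):
    the client already spent packet number 0 on the Initial that triggered
    the Retry, so a token-carrying Initial numbered 0 is necessarily a reset.
    Without a validated token there is nothing to compare against.
    Returns None to keep processing, or a reason string for aborting."""
    if has_valid_retry_token and initial_packet_number == 0:
        return "client reset Initial packet number after Retry"
    return None


if __name__ == "__main__":
    # Constructed sample values; not taken from any real connection.
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
    iv = bytes(range(12))
    before = b"ClientHello v1  "  # Initial sent before the Retry
    after = b"ClientHello v2  "  # different content, re-sent under pn 0
    leaked = nonce_reuse_leak(key, iv, 0, before, after)
    print("leak equals plaintext XOR:", leaked == xor_bytes(before, after))
    print("post-Retry Initial pn=0 ->", server_post_retry_check(0, True))
    print("post-Retry Initial pn=1 ->", server_post_retry_check(1, True))
```

The first half shows the draft's reasoning concretely: the nonce is a pure function of IV and packet number, so reusing a packet number under the same Initial keys reuses the nonce, and the two ciphertexts then reveal the XOR of their plaintexts. The second half is the only detection available to a server that kept no state across the Retry, which is also why the text can only say the server aborts "if it detects" a reset rather than requiring detection.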