Re: [quicwg/base-drafts] Encrypting Retry token (#3274)
Praveen Balasubramanian <notifications@github.com> Sat, 07 December 2019 13:31 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42837120024 for <quic-issues@ietfa.amsl.com>; Sat, 7 Dec 2019 05:31:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.454
X-Spam-Level:
X-Spam-Status: No, score=-6.454 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DNfuaJpY7xSj for <quic-issues@ietfa.amsl.com>; Sat, 7 Dec 2019 05:31:49 -0800 (PST)
Received: from out-19.smtp.github.com (out-19.smtp.github.com [192.30.252.202]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0199120219 for <quic-issues@ietf.org>; Sat, 7 Dec 2019 05:31:43 -0800 (PST)
Received: from github-lowworker-c5134a3.ac4-iad.github.net (github-lowworker-c5134a3.ac4-iad.github.net [10.52.23.55]) by smtp.github.com (Postfix) with ESMTP id 85BB65208A7 for <quic-issues@ietf.org>; Sat, 7 Dec 2019 05:31:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1575725502; bh=+VrtH/s/I0R8k4/yRBRJecY/bfkuqSMmIUJwTScnJ1Y=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Gq6hNrSW+H9Uzh96lkDj9vupzrtIRyx+VKaWrs47GX+zz1uxgo8AEn4mL9Ak5u4qo SXwDJ2GTzzJ4qjXTAmuByp8WcDJQXq0CYD53yXsSHvrI3U2nFR7KPj/Chs1gtgZuRo wimO2M+YjQyU1cTPbSFKESCM/dQcqdwXqGe80VS0=
Date: Sat, 07 Dec 2019 05:31:42 -0800
From: Praveen Balasubramanian <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK55YC6OCDCZV7UD3KN37DOD5EVBNHHB7CUNWA@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/issues/3274/562851528@github.com>
In-Reply-To: <quicwg/base-drafts/issues/3274@github.com>
References: <quicwg/base-drafts/issues/3274@github.com>
Subject: Re: [quicwg/base-drafts] Encrypting Retry token (#3274)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5deba9be6abd9_8fb3fa8408cd96c1260a4"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: pravb
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/sRS_a2Wd3sxIKWAqfonnBPDUT1g>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Dec 2019 13:31:51 -0000
I too think anything more than a checksum is unnecessary here. For a corner case scenario where there is NATting, we should not make the common case expensive. Given this is a DoS protection scenario when the system is deemed to be under attack, the mechanism we pick must be the least CPU intensive. My vote is to just keep simple checksum. Anything more is unnecessary because no need has been demonstrated for it. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/issues/3274#issuecomment-562851528
- Re: [quicwg/base-drafts] Encrypting Retry token (… Martin Thomson
- [quicwg/base-drafts] Encrypting Retry token (#327… Martin Thomson
- Re: [quicwg/base-drafts] Encrypting Retry token (… Martin Thomson
- Re: [quicwg/base-drafts] Encrypting Retry token (… Kazuho Oku
- Re: [quicwg/base-drafts] Encrypting Retry token (… Kazuho Oku
- Re: [quicwg/base-drafts] Encrypting Retry token (… Martin Thomson
- Re: [quicwg/base-drafts] Encrypting Retry token (… Martin Thomson
- Re: [quicwg/base-drafts] Encrypting Retry token (… Martin Thomson
- Re: [quicwg/base-drafts] Encrypting Retry token (… David Schinazi
- Re: [quicwg/base-drafts] Encrypting Retry token (… ekr
- Re: [quicwg/base-drafts] Encrypting Retry token (… Dmitri Tikhonov
- Re: [quicwg/base-drafts] Encrypting Retry token (… ekr
- Re: [quicwg/base-drafts] Encrypting Retry token (… Nick Banks
- Re: [quicwg/base-drafts] Encrypting Retry token (… Nick Banks
- Re: [quicwg/base-drafts] Encrypting Retry token (… Jana Iyengar
- Re: [quicwg/base-drafts] Encrypting Retry token (… Christian Huitema
- Re: [quicwg/base-drafts] Encrypting Retry token (… David Schinazi
- Re: [quicwg/base-drafts] Encrypting Retry token (… Praveen Balasubramanian
- Re: [quicwg/base-drafts] Encrypting Retry token (… MikkelFJ
- Re: [quicwg/base-drafts] Encrypting Retry token (… ianswett
- Re: [quicwg/base-drafts] Encrypting Retry token (… MikkelFJ
- Re: [quicwg/base-drafts] Encrypting Retry token (… Martin Thomson
- Re: [quicwg/base-drafts] Encrypting Retry token (… MikkelFJ
- Re: [quicwg/base-drafts] Encrypting Retry token (… MikkelFJ
- Re: [quicwg/base-drafts] Encrypting Retry token (… Martin Thomson
- Re: [quicwg/base-drafts] Encrypting Retry token (… Kazuho Oku
- Re: [quicwg/base-drafts] Encrypting Retry token (… martinduke
- Re: [quicwg/base-drafts] Encrypting Retry token (… Jana Iyengar
- Re: [quicwg/base-drafts] Encrypting Retry token (… ekr
- Re: [quicwg/base-drafts] Encrypting Retry token (… Jana Iyengar