Re: [quicwg/base-drafts] Remove amplification throttle if the server receives Initial that echoes its high entropy SCID. (#3834)

MikkelFJ <notifications@github.com> Wed, 22 July 2020 07:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/tWzA_9dVnKKZgQjMyt8i5dZbkOE>

> Yes, the Initial padding was discussed, and I think that as it depends on the client making an assessment of the entropy present in the connection ID, it is a non-starter.

I see this concern, but consider a use case where it is expensive to send a large initial packet but the client has an a priori key to generate trusted initial CIDs. In that case the client knows that entropy is sufficient and the server can validate the DCID. This can be done, for example, and deployment dependent, by using a BLAKE2b hash.

For battery-powered low-power radio devices, sending large initials can be prohibitive.

https://github.com/quicwg/base-drafts/issues/3834#issuecomment-662287250
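
Added example, not part of the original message and not taken from any QUIC implementation: one way a client holding a pre-shared key could mint an Initial DCID that a server checks with keyed BLAKE2b. The 8-byte nonce plus 12-byte tag layout, the `PERSON` label and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

NONCE_LEN = 8                   # random part, 64 bits of entropy per CID
TAG_LEN = 12                    # truncated keyed BLAKE2b output
CID_LEN = NONCE_LEN + TAG_LEN   # 20 bytes, the longest CID QUIC version 1 allows
PERSON = b"example-dcid-v1"     # hypothetical domain-separation label (max 16 bytes)


def _tag(key: bytes, nonce: bytes) -> bytes:
    """Keyed BLAKE2b over the nonce, truncated to TAG_LEN bytes."""
    return hashlib.blake2b(
        nonce, key=key, digest_size=TAG_LEN, person=PERSON
    ).digest()


def make_initial_dcid(key: bytes) -> bytes:
    """Client side: fresh random nonce followed by its keyed tag."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + _tag(key, nonce)


def validate_dcid(key: bytes, dcid: bytes) -> bool:
    """Server side: accept only CIDs of the expected length with a valid tag."""
    if len(dcid) != CID_LEN:
        return False
    nonce, tag = dcid[:NONCE_LEN], dcid[NONCE_LEN:]
    # Constant-time comparison so the check does not leak tag bytes via timing.
    return hmac.compare_digest(tag, _tag(key, nonce))


if __name__ == "__main__":
    shared_key = bytes(range(32))        # constructed sample key, not a real secret
    cid = make_initial_dcid(shared_key)
    print(cid.hex(), validate_dcid(shared_key, cid))
```

A valid tag shows that the CID was minted by a key holder; it does not show that the packet's source address is genuine, since an observer can replay a captured CID. A deployment relying on this check would need the tag to cover something that bounds replay, such as a coarse timestamp, or to track nonces already seen.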