Re: [quicwg/base-drafts] Handshake loss recovery interacts poorly with amplification attack defense (#1764)

MikkelFJ <> Sun, 23 September 2018 06:04 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5FEC2130E89 for <>; Sat, 22 Sep 2018 23:04:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -8.009
X-Spam-Status: No, score=-8.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id c7YhQWmWtozD for <>; Sat, 22 Sep 2018 23:04:41 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id EB829130DDD for <>; Sat, 22 Sep 2018 23:04:40 -0700 (PDT)
Date: Sat, 22 Sep 2018 23:04:39 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1537682679; bh=dRmb26OwriRu6JyVNYf8vHfZZThHStW61QJfntnHXR0=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=0dIO6tpZKFSle5p6IItQZntiAMj237IluzUwN9GUlXnCCMs2dyv4Z0uvo7GNDoXdq Xhyco/SUL4zUF1e5DADxkmy+IrrCZW6r/ZqF2t0HMQt19gniPv5NYgT6qYuFQ/N5tg VLtSnWQFCSimg0hgfmgahqusfwnb6SNHbJcbmPQo=
From: MikkelFJ <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/1764/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Handshake loss recovery interacts poorly with amplification attack defense (#1764)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5ba72cf7b1990_781e3fcf58ad45b42367e0"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 23 Sep 2018 06:04:46 -0000

What if the server is just counting packets? Then some clients would not be inclined to send a full initial packet, but the smallest possible that will convince the server to proceed. The server would just increment the count and ignore duplicates.

What if the server incorrectly fails to count packets that are considered duplicates - so handshakes still hang - i.e. specific advice is needed to prevent this?

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: