Re: [quicwg/base-drafts] Recommend discarding bad, unauthentication packets (#2141)

MikkelFJ <> Thu, 13 December 2018 16:02 UTC

mikkelfj commented on this pull request.

> @@ -1000,6 +1000,12 @@ to more quickly identify when a connection becomes unusable.
 Packets that are matched to an existing connection, but for which the endpoint
 cannot remove packet protection, are discarded.
+Invalid packets without packet protection, such as Initial, Retry, or Version
+Negotiation, SHOULD be discarded without altering connection state.  An endpoint
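
Review bot: In the added sentence beginning "+Invalid packets without packet protection", the word "Invalid" is never defined, so an implementer cannot tell which checks must fail before a packet falls under this SHOULD. Suggest naming the conditions or pointing to the section that defines them. The PR title describes these packets as unauthenticated while the added text says "without packet protection"; using one term in both places would remove doubt about which packet types are covered.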

When I say can't close, I mean you should drop packets. Or close if you already affected state as the PR says - even if injection because you can no longer trust yourself - therefore you need to validate carefully before applying state, especially during handshake. You definitely shouldn't try to recover.

That said, perhaps we need to clarify exactly when we switch from dropping to closing. You need to have established a secure line of communication. Bogus TLS can be injection attacks as well as endpoint sourced nonsense.
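
The drop-versus-close distinction discussed in this comment, as an added example that is not part of the original message or the QUIC drafts: a handler that validates an unauthenticated packet fully before committing any state can always drop, while one that applies fields as it parses is forced to close. `ConnState`, the packet fields and `MAX_CID_LEN` are hypothetical simplifications, not a real QUIC stack.

```python
from dataclasses import dataclass, replace
from enum import Enum

class Action(Enum):
    ACCEPT = "accept"
    DROP = "drop"    # discard; connection state untouched
    CLOSE = "close"  # state was altered by untrusted input

@dataclass(frozen=True)
class ConnState:
    # Hypothetical, simplified handshake state (assumption for this example).
    local_cid: bytes
    version: int
    peer_cid: bytes = b""

MAX_CID_LEN = 20  # assumed limit for this example

def stage(state, pkt):
    """Check every field first; return the new state or None. Never mutates."""
    if pkt.get("type") != "initial":
        return None
    if pkt.get("dcid") != state.local_cid or pkt.get("version") != state.version:
        return None
    scid = pkt.get("scid", b"")
    if len(scid) > MAX_CID_LEN:
        return None
    return replace(state, peer_cid=scid)

def handle_staged(state, pkt):
    """Validate-then-commit: an invalid unauthenticated packet is dropped."""
    new = stage(state, pkt)
    return (state, Action.DROP) if new is None else (new, Action.ACCEPT)

def handle_incremental(state, pkt):
    """Anti-pattern: applies fields while parsing, so a late failure must close."""
    if pkt.get("dcid") != state.local_cid:
        return state, Action.DROP                          # nothing applied yet
    state = replace(state, peer_cid=pkt.get("scid", b""))  # applied too early
    if pkt.get("version") != state.version:
        return state, Action.CLOSE                         # state already affected
    return state, Action.ACCEPT

# Constructed sample inputs.
START = ConnState(local_cid=b"\x01\x02\x03\x04", version=1)
GOOD = {"type": "initial", "dcid": START.local_cid, "scid": b"\xaa\xbb", "version": 1}
INJECTED = {**GOOD, "scid": b"\xee\xee", "version": 99}
```

With the constructed `INJECTED` packet, `handle_staged` returns the original state with `DROP`, while `handle_incremental` has already overwritten `peer_cid` and returns `CLOSE`.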
