Re: [quicwg/base-drafts] Client's initial source CID is unauthenticated (#1479)

Kazuho Oku <notifications@github.com> Wed, 27 June 2018 04:30 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/zkbpEHGhQB4kRIuQ8C9VYwz9_MQ>
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>

> Regarding the IP address authentication, is that statement true considering Retry packets and tokens? Isn't one point of the Retry packet to validate the client source address?

Yeah, I'd say that the server "validates" the path, but it doesn't "authenticate" the path by asking the client to prove that it has selected that IP address (which is impossible for a client to prove when NAT is involved).

Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/issues/1479#issuecomment-400539297