IETF Logo Mail Archive

RE: How does a server identify a new connection?

"Lubashev, Igor" <ilubashe@akamai.com> Thu, 29 November 2018 21:38 UTC

Return-Path: <ilubashe@akamai.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6B39130DF2 for <quic@ietfa.amsl.com>; Thu, 29 Nov 2018 13:38:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.161
X-Spam-Level:
X-Spam-Status: No, score=-4.161 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OG0x_hUdlDsK for <quic@ietfa.amsl.com>; Thu, 29 Nov 2018 13:38:36 -0800 (PST)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32850126DBF for <quic@ietf.org>; Thu, 29 Nov 2018 13:38:36 -0800 (PST)
Received: from pps.filterd (m0122332.ppops.net [127.0.0.1]) by mx0a-00190b01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id wATLauZI032226; Thu, 29 Nov 2018 21:38:25 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=jan2016.eng; bh=IpgInQT6c5EKv9E82LYfq6RF6BGT0UuoS2nGSalN1mc=; b=ivm8VlGPonqwadZIkLQfaJ3Gi4ZnHQAKT4riOdNb84a/14W1OahDqYtgTxlRIxhI/Btg 3luJVNWyE+yXQZwQYAY3R0qMb7teckUKPXYrPEKcAJtLkQjmOD/u5O1Smo2JXhar9VTF xPEBrdRg8EALqJf3SHys+qy/NAHeApbnUxEO61A/ExbqlweMebjfswZowUwW87NRBtg3 RYD/h3lwDoEsTPj0ACqtfkL5lHVoAFL4/j1InYEThEeL0p9vW3dREF+L/OefEMpCsgRC 9BrB2Fp4KfJpEW3nQf9ch8lGeJ5n3kCSeLAYxH74jCC79QF19SDhv1WanhHWoLHtuviF yw==
Received: from prod-mail-ppoint3 (a96-6-114-86.deploy.static.akamaitechnologies.com [96.6.114.86] (may be forged)) by mx0a-00190b01.pphosted.com with ESMTP id 2p271wu5cd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 29 Nov 2018 21:38:25 +0000
Received: from pps.filterd (prod-mail-ppoint3.akamai.com [127.0.0.1]) by prod-mail-ppoint3.akamai.com (8.16.0.21/8.16.0.21) with SMTP id wATLZh5E012996; Thu, 29 Nov 2018 16:38:24 -0500
Received: from email.msg.corp.akamai.com ([172.27.25.34]) by prod-mail-ppoint3.akamai.com with ESMTP id 2ny2v1qfdq-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 29 Nov 2018 16:38:23 -0500
Received: from USTX2EX-DAG1MB5.msg.corp.akamai.com (172.27.27.105) by ustx2ex-dag1mb4.msg.corp.akamai.com (172.27.27.104) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Thu, 29 Nov 2018 15:36:21 -0600
Received: from USTX2EX-DAG1MB5.msg.corp.akamai.com ([172.27.27.105]) by ustx2ex-dag1mb5.msg.corp.akamai.com ([172.27.27.105]) with mapi id 15.00.1365.000; Thu, 29 Nov 2018 15:36:21 -0600
From: "Lubashev, Igor" <ilubashe@akamai.com>
To: Christian Huitema <huitema@huitema.net>, Mike Bishop <mbishop@evequefou.be>, Kazuho Oku <kazuhooku@gmail.com>, Martin Thomson <martin.thomson@gmail.com>
CC: IETF QUIC WG <quic@ietf.org>
Subject: RE: How does a server identify a new connection?
Thread-Topic: How does a server identify a new connection?
Thread-Index: AQHUh4vL20WMBlDxlkGATHQiX0E9d6VmbmCAgAABMACAAAKMgIAAAw8AgABxJlCAAJyTAIAAGbsA//+fB5A=
Date: Thu, 29 Nov 2018 21:36:20 +0000
Message-ID: <5e0e15b3942244f9b14e540f7baba53c@ustx2ex-dag1mb5.msg.corp.akamai.com>
References: <CANatvzzaW-y6y6qN-K4W91WL+3A0fV3SLbOqcq5+SB=qXDpRXw@mail.gmail.com> <CABkgnnV9ONF5LEuCnpy8BsOHnFGidFbVKoMOeM9EohabMBMV6A@mail.gmail.com> <CANatvzxyUm86dNYAwiXeY_xHtcQBKuVWxa_3=9rgmFJtC4u+yw@mail.gmail.com> <CABkgnnUwK37q7jMSiKseJJtWUN1dxv-uV3M9btdjNurHw_NG9w@mail.gmail.com> <CANatvzxDcBz77F07wnJyPnHwJCj08DhbVi_2wtWYquroZtODxg@mail.gmail.com> <67268dd11a054e6eb7101abaafb0faa8@ustx2ex-dag1mb5.msg.corp.akamai.com> <CY4PR22MB09837FF9D76CA77FCAA0E808DAD20@CY4PR22MB0983.namprd22.prod.outlook.com> <4eaba056-b1b1-ed08-d65c-db0374e26648@huitema.net>
In-Reply-To: <4eaba056-b1b1-ed08-d65c-db0374e26648@huitema.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.35.252]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-11-29_13:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=918 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1811290181
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-11-29_13:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=912 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1811290181
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/eeWGSgbH4YMTb-W027W2Kmcwubg>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Nov 2018 21:38:38 -0000

> -----Original Message-----
> From: Christian Huitema <huitema@huitema.net>
> 
> On 11/29/2018 11:06 AM, Mike Bishop wrote:
> 
> > For the first property, Igor’s idea seems sensible.  If the initial
> > DCID were a hash of the unencrypted packet payload, that doesn’t
> > require interpreting the ClientHello, just the bytes at the transport.
> > Then the server would accept Initials with either this property or a
> > valid token from a Retry.
> 
> This is making the assumption that if the client repeats an Initial packet, the
> content will be exactly the same. I know that this is false in at least one case:
> the first UDP packet contains a short Initial packet coalesced with a 0-RTT
> packet; the repeated Initial packet contains a long Initial packet, padded up
> to the required length.
> 
> If you want to make that work, you want the DCID to be a hash of the crypto
> frame inside the Initial packet.

I am not sure I see why the coalesced packet matters, since the protection is for the integrity of the Initial QUIC packet only (not the entire UDP datagram).  It seems to be better to protect the entire packet and not just the crypto frame(s).


> But I don't understand very well how that's
> supposed to be verified by the server. Do we want to specify a default hash
> algorithm?

The server would need to know the algorithm used.  Any cryptographic hash function would do, but it would need to be specified.

The downside, of course, is another case of multi-path encryption: plaintext -> DCID -> initial packet encryption.

- Igor

v2.23.0 | Report a Bug | By Email