IETF Logo Mail Archive

Re: Questions about Version Negotiation Concerning Possible Handshake Interruption

<alexandre.ferrieux@orange.com> Sat, 10 February 2018 08:34 UTC

Return-Path: <alexandre.ferrieux@orange.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 094A71274D2 for <quic@ietfa.amsl.com>; Sat, 10 Feb 2018 00:34:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.321
X-Spam-Level:
X-Spam-Status: No, score=-0.321 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FORGED_MUA_MOZILLA=2.309, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, UNPARSEABLE_RELAY=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F2MB69bFJ09j for <quic@ietfa.amsl.com>; Sat, 10 Feb 2018 00:34:47 -0800 (PST)
Received: from orange.com (mta134.mail.business.static.orange.com [80.12.70.34]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D1F081243F6 for <quic@ietf.org>; Sat, 10 Feb 2018 00:34:46 -0800 (PST)
Received: from opfednr01.francetelecom.fr (unknown [xx.xx.xx.65]) by opfednr22.francetelecom.fr (ESMTP service) with ESMTP id 0C12921253; Sat, 10 Feb 2018 09:34:45 +0100 (CET)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.3]) by opfednr01.francetelecom.fr (ESMTP service) with ESMTP id DFD481A0054; Sat, 10 Feb 2018 09:34:44 +0100 (CET)
Received: from lat6466.rd.francetelecom.fr (10.168.234.4) by OPEXCLILM5D.corporate.adroot.infra.ftgroup (10.114.31.3) with Microsoft SMTP Server (TLS) id 14.3.382.0; Sat, 10 Feb 2018 09:34:44 +0100
Message-ID: <6937_1518251684_5A7EAEA4_6937_191_1_5A7EAEA5.2000605@orange.com>
Date: Sat, 10 Feb 2018 09:34:45 +0100
From: alexandre.ferrieux@orange.com
Organization: Orange
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:8.0) Gecko/20111113 Thunderbird/8.0
MIME-Version: 1.0
To: Christian Huitema <huitema@huitema.net>
CC: Lingmo Zhu <zlm2006@gmail.com>, Mikkel Fahnøe Jø rgensen <mikkelfj@gmail.com>, Kazuho Oku <kazuhooku@gmail.com>, "quic@ietf.org" <quic@ietf.org>, Martin Thomson <martin.thomson@gmail.com>
Subject: Re: Questions about Version Negotiation Concerning Possible Handshake Interruption
References: <1d386744-c46a-842a-b172-24e290e03668@gmail.com> <CABkgnnVRn+1sNZQFB8BZc4VyzN5usLmYJ3xLo+p2uTeW_0Ji_Q@mail.gmail.com> <CAN1APdfpJ0rYPPiOgfcdDRx3noh+YYvJatP0MYTqRRXMBwF6pA@mail.gmail.com> <3d558827-f2a7-877c-e00a-d6a22ef241c5@gmail.com> <CANatvzzZEuJ3TY=+0BMLqbBE5mScG_Jnrypg3xkciykOX78G8A@mail.gmail.com> <CAN1APdfov8Q3E+5NkT5pmMeU=eB=fsnDFe_=BK7TDE0TpXD3yA@mail.gmail.com> <142211e0-c7c9-642f-69ef-5f0d722b77cc@gmail.com> <529ac475-5291-2b2e-acf9-05efe720d584@huitema.net>
In-Reply-To: <529ac475-5291-2b2e-acf9-05efe720d584@huitema.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.168.234.4]
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/hMVZAK3saZbd-06dVd8ueuJkypQ>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Feb 2018 08:34:48 -0000

On 10/02/2018 07:24, Christian Huitema wrote:
>
>
> On 2/9/2018 3:06 PM, Lingmo Zhu wrote:
>>
>>  IMHO we can see that such interference is pretty easy to be used and
>>  it could leading to aborted QUIC connection and probably a fallback to
>>  any old approach for higher level protocol. Even virus targeting home
>>  routers could do that, without gov involved. For what outcome, I think
>>  it's pretty simple: forcing higher level protocol fallback to other
>>  transport protocol. Since QUIC has been designed much more secure than
>>  older protocols, it could be hard to do some eavesdropping or
>>  hijacking. But if fallback happens, it would be another story.
>>  Considering DNS over QUIC, a virus-infected home router could
>>  interfere with QUIC handshake cause fallback to TLS, then RST may
>>  cause fallback to clear text, which is easy to be hijacked and leads
>>  client to some phishing site.
>>
>
> In theory, it should be possible to protect against "man on the side"
> attacks. Do some kind of speculative execution on the first packet that
> you receive, but also keep the context available for some time in case a
> "better" packet comes later. With that approach, the attacker could not
> just inject a "packet of death"; they will also need to suppress the
> correct response from the actual server. That's an interesting idea.
> Have you tried some experiments?

Alternatively, what about a "no fallback" mode for sensitive applications like DNS ?

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

v2.23.0 | Report a Bug | By Email