Re: Wrong level protection ACKs: why not an error

Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> Tue, 29 May 2018 19:38 UTC

To: Dmitri Tikhonov <dtikhonov@litespeedtech.com>, IETF QUIC WG <quic@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/lRp23T3RpWtjekKWmGvmGpbcT0w>

Anything in the early handshake is vulnerable to attacks.
It is better to drop ill-formed packets than to allow them to interrupt the
handshake, since you can’t be sure who the sender is.


On 29 May 2018 at 21.35.01, Dmitri Tikhonov (dtikhonov@litespeedtech.com)
wrote:

The Draft states:

A packet that is not protected and claims to acknowledge a packet
number that was sent with packet protection is not valid. An
unprotected packet that carries acknowledgments for protected packets
MUST be discarded in its entirety.

This seems odd. Why is this not a connection error? Do we expect
the peer not to be able to construct a valid ACK?

- Dmitri.
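
Added example, not part of the original thread or of any QUIC implementation: a minimal receiver model of the discard rule quoted from the draft, showing that an unprotected packet acknowledging protected packet numbers is dropped whole while the connection stays open. The names `Receiver`, `Packet`, `Verdict` and `demo` are hypothetical, packets are constructed in memory, and real parsing and packet protection are assumed to have happened already.

```python
from dataclasses import dataclass, field
from enum import Enum


class Verdict(Enum):
    PROCESS = "process"
    DISCARD = "discard"  # dropped silently; no connection error is raised


@dataclass
class Packet:
    protected: bool   # True if the packet passed packet-protection checks
    ack_ranges: list  # inclusive (low, high) packet-number ranges it acknowledges


@dataclass
class Receiver:
    sent: dict = field(default_factory=dict)  # packet number -> sent protected?
    acked: set = field(default_factory=set)
    discarded: int = 0
    is_open: bool = True  # never cleared here: a spoofed packet must not close us

    def record_sent(self, pn, protected):
        self.sent[pn] = protected

    def on_packet(self, pkt):
        # Walk our own sent packets, not the claimed ranges: the ranges come
        # from an unauthenticated sender and may span the whole number space.
        hit = [pn for pn in self.sent
               if any(lo <= pn <= hi for lo, hi in pkt.ack_ranges)]
        if not pkt.protected and any(self.sent[pn] for pn in hit):
            # Draft rule: discard in its entirety, so acknowledgments for
            # unprotected packet numbers in the same packet are ignored too.
            self.discarded += 1
            return Verdict.DISCARD
        self.acked.update(hit)
        return Verdict.PROCESS


def demo():
    r = Receiver()
    for pn, protected in [(0, False), (1, False), (2, True), (3, True)]:
        r.record_sent(pn, protected)
    results = [
        r.on_packet(Packet(False, [(0, 2**62 - 1)])),  # constructed spoofed ACK
        r.on_packet(Packet(False, [(0, 1)])),          # constructed cleartext ACK
        r.on_packet(Packet(True, [(2, 3)])),           # constructed protected ACK
    ]
    return r, results
```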