You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The contents of the "security and privacy considerations" section seems to be
advice for middlebox authors. I think that it may have been better to name the
section something else. However, there is no information that is missing, so I
don't really have any recommendations for changing things.
The text was updated successfully, but these errors were encountered:
I understand the concern, but of the options I can think of, doing nothing seems best.
I considered:
Moving this text to Section 2 (and removing the redundant point to the appendix)
Moving this text to a new section entitled "Middlebox Considerations" or some such
Doing nothing
I think we can justify this on the basis that these can be thought of as attacks. Maybe not on the protocol, or specific deployments of it, but on the ability of the protocol to evolve. Critically, these are attacks that this draft does not protect against.
Agreed. It's worth noting that this isn't a protocol document, this is documenting the unchanging aspects of the protocol. Section 1 says "The primary goal of this document is to ensure that it is possible to deploy new versions of QUIC."
Given that, it's reasonable to argue that the security considerations apply to the evolvability of QUIC.
Reviewer: Yoav Nir
Review result: Ready
The contents of the "security and privacy considerations" section seems to be
advice for middlebox authors. I think that it may have been better to name the
section something else. However, there is no information that is missing, so I
don't really have any recommendations for changing things.
The text was updated successfully, but these errors were encountered: