You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
5.8 says the ODCID field "mitigates an off-path attacker's ability to inject
a Retry".
First, in quic-transport you defined an off-path attacker (21.1) as someone who
can observe but not alter packets. I don't think that's what you mean here, so
please use another a term here or explicitly define what you mean in this
document. Come to think of it, there are some inconsistent usages of this term
in quic-transport as well (14.2.1,17.2.1, 17.2.2 )
Secondly, it is not clear to me what protection this offers beyond the DCID
field in the actual Retry Packet (which corresponds to the SCID of the Initial).
The text was updated successfully, but these errors were encountered:
@martinduke said:
The text was updated successfully, but these errors were encountered: