From c3828d3f165f0380ec60388942515ba5b189bd78 Mon Sep 17 00:00:00 2001 From: martinduke Date: Tue, 13 Nov 2018 14:32:46 -0800 Subject: [PATCH 1/2] Refine minimum DCID length of Initial This is meant to almost entirely mitigate #1810 by making sure that the reply to a VN packet ends up at the same server. It reduces the spurious downgrade attack signal to a corner case of a corner case. It is much more lightweight than alternatives, if we're looking for a minimum-footprint change. --- draft-ietf-quic-transport.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index b88199aa8a..7e24622d83 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -1318,6 +1318,11 @@ packet is received from the server, the client MUST use the same value unless it abandons the connection attempt and starts a new one. The initial Destination Connection ID is used to determine packet protection keys for Initial packets. +A client SHOULD select a Destination Connection ID length long enough to fulfill +the minimum for every QUIC version it supports. This makes it easier to detect +version downgrade attacks, by increasing the chance Initial packets are routed +to the same server. + The client populates the Source Connection ID field with a value of its choosing and sets the SCIL field to match. From ecd2d27cd6deb13f731646f30570fdc3cb9f1ed9 Mon Sep 17 00:00:00 2001 From: martinduke Date: Tue, 13 Nov 2018 20:58:54 -0800 Subject: [PATCH 2/2] Address MT's comment? --- draft-ietf-quic-transport.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 7e24622d83..430bb7d685 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md 
@@ -1319,9 +1319,8 @@ abandons the connection attempt and starts a new one. The initial Destination Connection ID is used to determine packet protection keys for Initial packets. A client SHOULD select a Destination Connection ID length long enough to fulfill -the minimum for every QUIC version it supports. This makes it easier to detect -version downgrade attacks, by increasing the chance Initial packets are routed -to the same server. +the minimum for every QUIC version it supports. This increases the chance +subsequent Initial packets are routed to the same server. The client populates the Source Connection ID field with a value of its choosing and sets the SCIL field to match.
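Review bot: in the first hunk (PATCH 1/2, the paragraph inserted after "keys for Initial packets"), the second sentence claims the recommendation "makes it easier to detect version downgrade attacks", but the hunk never says how; the commit message explains the real mechanism, namely that the Initial sent in reply to a Version Negotiation packet should reach the same server as the first one, which is a routing property, not a detection step, and the draft text gives the reader no cross-reference to where downgrade detection is discussed. "fulfill the minimum" is also ambiguous about minimum of what. Suggest spelling both out, e.g. "A client SHOULD choose a Destination Connection ID length that meets the minimum Destination Connection ID length required by every QUIC version it supports, so that an Initial packet sent after Version Negotiation is likely to be routed to the same server as the first." and adding a reference to the Version Negotiation section.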
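Review bot: the second hunk (PATCH 2/2) removes the downgrade-attack motivation entirely, so the surviving sentence "This increases the chance subsequent Initial packets are routed to the same server" no longer tells the reader why same-server routing matters; the only justification now lives in the first commit's message (issue #1810), which does not survive into the document. Suggest keeping one clause that ties the SHOULD back to its purpose, for example a pointer to the section that discusses version downgrade, so the normative text is self-explaining. Separately, the commit message "Address MT's comment?" does not record what the comment was or why the rationale was weakened; the final commit message should state that so the history explains the change.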