On Tue, Jun 13, 2023 at 3:21 PM Marten Seemann <[email protected]> wrote:
> It might not be safe to use the ACK Delay received in an Initial packet.
> An attacker could rewrite the value such that the client's RTT estimate
> becomes very close to zero, which would lead to very short retransmission
> timers.

I don't think this is the case. Applying ACK Delay can't reduce the RTT estimate below min_rtt, and min_rtt is set based on observed RTT without delay adjustment. (https://www.rfc-editor.org/rfc/rfc9002#section-5.3-7.4) An attacker can, at worst, reduce the RTT estimate to min_rtt.
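The bound discussed in this message, as an added example that is not part of the original thread or of any QUIC implementation: the RFC 9002 section 5.3 update rule run over constructed RTT samples with honest, forged and implausibly large ACK Delay values. The class, function and variable names are chosen for illustration, and the handshake is assumed unconfirmed so max_ack_delay does not cap the reported value.

```python
# Added illustration of the RTT update rule in RFC 9002 section 5.3.
# Times are in milliseconds; every sample value below is constructed.
class RttEstimator:
    def __init__(self, max_ack_delay=25.0):
        self.max_ack_delay = max_ack_delay
        self.has_sample = False
        self.min_rtt = self.smoothed_rtt = self.rttvar = 0.0

    def update(self, latest_rtt, ack_delay, handshake_confirmed=False):
        if not self.has_sample:
            # First sample: ACK Delay is not used at all.
            self.has_sample = True
            self.min_rtt = self.smoothed_rtt = latest_rtt
            self.rttvar = latest_rtt / 2
            return latest_rtt
        # min_rtt comes from the raw measurement, never from ack_delay.
        self.min_rtt = min(self.min_rtt, latest_rtt)
        if handshake_confirmed:
            ack_delay = min(ack_delay, self.max_ack_delay)
        # Subtract ack_delay only if the result stays at or above min_rtt.
        adjusted = latest_rtt
        if latest_rtt >= self.min_rtt + ack_delay:
            adjusted = latest_rtt - ack_delay
        self.rttvar = 0.75 * self.rttvar + 0.25 * abs(self.smoothed_rtt - adjusted)
        self.smoothed_rtt = 0.875 * self.smoothed_rtt + 0.125 * adjusted
        return adjusted


def run(samples):
    """Feed (latest_rtt, ack_delay) pairs; return the estimator and adjusted samples."""
    est = RttEstimator()
    adjusted = [est.update(rtt, delay) for rtt, delay in samples]
    return est, adjusted


# Constructed path: true RTT about 40 ms plus jitter, handshake not confirmed,
# so max_ack_delay does not cap the peer-reported value.
MEASURED = [42.0, 40.0, 47.0, 55.0, 41.0, 60.0]
HONEST = [(r, 0.0) for r in MEASURED]
# Worst case for the estimator: the rewritten ACK Delay is the largest value
# that still passes the plausibility check (latest_rtt - running min_rtt).
FORGED = [(r, r - min(MEASURED[:i + 1])) for i, r in enumerate(MEASURED)]
ABSURD = [(r, 10_000.0) for r in MEASURED]  # fails the check, so it is ignored

if __name__ == "__main__":
    for name, samples in (("honest", HONEST), ("forged", FORGED), ("absurd", ABSURD)):
        est, adj = run(samples)
        print(f"{name:7s} min_rtt={est.min_rtt:.1f} smoothed={est.smoothed_rtt:.2f} adjusted={adj}")
```

In the forged run every adjusted sample after the first lands exactly on min_rtt, so smoothed_rtt decays toward 40 ms but never crosses it; the implausibly large value changes nothing relative to the honest run.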
