These changes look fine.  Mostly.

I'm really concerned about shipping a protocol that enables the sorts of 
attacks that connection IDs enable.  I think that we should discuss that issue 
when we meet.  I know that Hannes' new draft is an attempt to tackle this 
issue, but that's a long way from being done.  If we ship a spec with this 
hole, it will only be usable in certain narrow contexts, like with ICE, where 
this really isn't a concern anyway.

This is something we are grappling with in QUIC too.  A good design that 
handles migration to new network paths is non-trivial.  Adding a connection ID 
is just the smallest and easiest part.  But it leaves the protocol in the worst 
possible state.  Functionally, you can move to a new path.  And everything 
works fine, unless you have an attacker.  But without any further defense, you 
are completely exposed to that attacker, both to the connection being denied 
service and to being used for amplification attacks.

Nit: Search for "use the with" in the newly added text.

On Mon, Jul 15, 2019, at 13:19, Joseph Salowey wrote:
> This is the working group last call for 
> draft-ietf-tls-dtls-connection-id-06. The diff between the version that 
> was last called (-03) and the current version can be found here: 
> https://tools.ietf.org/rfcdiff?url2=draft-ietf-tls-dtls-connection-id-06.txt&url1=draft-ietf-tls-dtls-connection-id-03
> 
> Please focus your review on the changes since the previous last call 
> and send comments to the list by July 22, 2019. 
> 
> Thanks,
> 
> C,S & J
> _______________________________________________
> TLS mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/tls
>
