Re: [Last-Call] Last Call: <draft-gont-numeric-ids-sec-considerations-06.txt> (Security Considerations for Transient Numeric Identifiers Employed in Network Protocols) to Best Current Practice

Hello, Martin,

On 17/12/20 03:07, Martin Thomson wrote:
> Everything else Christian says here about QUIC is accurate.  I see
> nothing there that suggests a problem in need of attention.  I would
> also point to
> https://tools.ietf.org/html/draft-ietf-quic-load-balancers for a more
> nuanced treatment of the connection ID selection problem.

So, in previous exchanges, it was claimed that "there were no implications arising from CIDs".
But the very Abstract of the document you're referencing says:

   QUIC connection IDs allow continuation of connections across address/
   port 4-tuple changes, and can store routing information for stateless
   or low-state load balancers.  They also can prevent linkability of
   connections across deliberate address migration through the use of
   protected communications between client and server.

That reads like privacy implications in my book. And should be part of the core spec.

Thanks,
--
Fernando Gont
SI6 Networks
e-mail: fgont@xxxxxxxxxxxxxxx
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492




--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call


