Re: PONG (was Re: Why do DATA frames have padding?) from Roberto Peon on 2014-05-07 (ietf-http-wg@w3.org from April to June 2014)

From: Roberto Peon <grmocg@gmail.com>
Date: Wed, 7 May 2014 13:16:16 -0700
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Mike Bishop <Michael.Bishop@microsoft.com>, Greg Wilkins <gregw@intalio.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <CAP+FsNe5xL1A9=H-EV63+gSVewQdL9jxutLLKBVJQ=t8fLUiyA@mail.gmail.com>

You'd also have to correctly guess the value of the payload that was/would
have been included in the PING.
If the party sending PINGs always uses a random int64, there is a
1/1.8*10^19 chance that you can mess something up.

-=R

On Wed, May 7, 2014 at 1:09 PM, Martin Thomson <martin.thomson@gmail.com>wrote:

> On 7 May 2014 12:51, Mike Bishop <Michael.Bishop@microsoft.com> wrote:
> > Heh -- sending a PING response without having gotten a PING in the first
> place (or yet, if it's in flight) has the potential to mess with many state
> machines....  That's an interesting attack.
>
> Well, it is if you maintain state for PING like that.
>
> More seriously, if you had not considered this option, it's
> conceivable that others won't.  Is this something we need to patch in
> the spec?
>
>

Received on Wednesday, 7 May 2014 20:16:43 UTC