> Let me walk this back a little.  I sat down and tried to see how
> inconsistent application of the defenses could be exploited and I drew
> a blank.  It looks like the concerns here largely devolve to whether
> actions taken have side-effects.
> We could probably simplify the position then and say that if the
> request is safe to process, then that needs to be constant - different
> nodes at different times can't reach different conclusions.  That's
> the consistency we need.  If we don't have that, then an attacker can
> go shopping for someone to exploit.

I am fine with requiring the resource to be either always safe, or
always unsafe, including:
 1. Requiring this to be consistent across small-term timescales, and the
    path through which the request gets processed.
 2. Banning resources which process the same request differently based on
    whether it was received through 0-RTT or 1-RTT ("processing" here means
    not rejecting).

I assume this means we no longer need to be able to find the early data
on the wire?
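
An added example, not part of the original message: a log audit that checks the two requirements listed above, flagging requests whose 0-RTT accept/reject decision differs between nodes or over a short window, and requests that are processed differently on 0-RTT and 1-RTT. The record layout, the `behaviour` labels, the node names and the 300-second window are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample log: (node, seconds, path, request, accepted, behaviour).
# "accepted" means the request was processed, i.e. not rejected.
SAMPLE = [
    ("edge-a", 100, "0-RTT", "GET /catalog", True, "serve"),
    ("edge-b", 130, "0-RTT", "GET /catalog", True, "serve"),
    ("edge-b", 140, "1-RTT", "GET /catalog", True, "serve"),
    # Two nodes disagree on whether the same request is safe in early data.
    ("edge-a", 200, "0-RTT", "POST /transfer", False, None),
    ("edge-b", 230, "0-RTT", "POST /transfer", True, "execute"),
    # Processed on both paths, but handled differently depending on the path.
    ("edge-a", 300, "0-RTT", "GET /report", True, "serve-cached"),
    ("edge-a", 310, "1-RTT", "GET /report", True, "serve-fresh"),
    # Rejected in 0-RTT, processed in 1-RTT: consistent, nothing to flag.
    ("edge-a", 400, "0-RTT", "PUT /profile", False, None),
    ("edge-a", 410, "1-RTT", "PUT /profile", True, "update"),
    # Decision changed long after the window (assumed policy change).
    ("edge-a", 500, "0-RTT", "GET /old", True, "serve"),
    ("edge-a", 100500, "0-RTT", "GET /old", False, None),
]


def audit(records, window=300):
    """Return sorted (finding, request) pairs for consistency violations."""
    last_seen = defaultdict(dict)  # request -> {decision: last 0-RTT time}
    behaviours = defaultdict(lambda: defaultdict(set))  # request -> path -> set
    findings = set()
    for node, t, path, request, accepted, behaviour in sorted(
        records, key=lambda r: r[1]
    ):
        if path == "0-RTT":
            # Requirement 1: the opposite decision seen recently, on any node.
            opposite = last_seen[request].get(not accepted)
            if opposite is not None and t - opposite <= window:
                findings.add(("inconsistent-early-data-decision", request))
            last_seen[request][accepted] = t
        if accepted:
            behaviours[request][path].add(behaviour)
    for request, by_path in behaviours.items():
        # Requirement 2: if processed on both paths, handling must match.
        early, late = by_path.get("0-RTT"), by_path.get("1-RTT")
        if early and late and early != late:
            findings.add(("path-dependent-processing", request))
    return sorted(findings)


if __name__ == "__main__":
    for finding, request in audit(SAMPLE):
        print(f"{finding}: {request}")
```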

