On 02/11/17 23:34, Martin Thomson wrote:
> On Fri, Nov 3, 2017 at 3:32 AM, Matt Caswell <m...@openssl.org> wrote:
>> Just skimming this old thread... doesn't this fail in the case where the
>> five tuple has been reused? In that case five_tuples.lookup will return
>> an old stale connection which the server thinks is still valid, so we
>> never get to look up the connection id. With an explicit marking we would
>> not fail in this scenario.
>
> I'm assuming that once a connection is closed (or moved), the entry is
> removed. There's some fudging needed there for migrations (it might
> be in two places at once for a while), but I don't see a significant
> problem. (Note that I didn't include the update parts of this code -
> when a packet decrypts successfully, you need to update the
> five_tuples list.)
>

Imagine the scenario where you have a large number of clients sitting behind a NAT middlebox talking to a server. If the NAT crashes/reboots then all of the associations are lost, and the server will not know to remove any of them from its table. It then seems highly likely that a tuple will get reused with stale connections in the server's table. It was my understanding that it is precisely this sort of problem that this draft was attempting to address. Explicit marking would solve this.

Matt

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
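The NAT-reboot failure described in this message, worked through as an added example (this is not code from the thread, the draft, or either participant). It models a DTLS-style server that demultiplexes incoming records two ways: implicitly, by consulting its five-tuple table first and only falling back to a connection ID on a miss, versus explicitly, where a header flag states that a connection ID is present. Everything here is assumed for illustration: the `FLAG_CID` header bit, the 4-byte CID, the HMAC-tag stand-in for AEAD decryption, and the addresses and ports in the constructed scenario.

```python
import hmac
import hashlib
from dataclasses import dataclass

CID_LEN = 4          # assumed CID length for the example
TAG_LEN = 8          # assumed authentication tag length
FLAG_CID = 0x01      # hypothetical header bit: "a connection ID follows"


@dataclass
class Connection:
    cid: bytes
    key: bytes


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Toy AEAD stand-in: plaintext followed by a truncated HMAC tag.
    It only models 'does this record authenticate under this key'."""
    tag = hmac.new(key, plaintext, hashlib.sha256).digest()[:TAG_LEN]
    return plaintext + tag


def open_record(key: bytes, record: bytes):
    """Return the plaintext, or None when the tag does not verify
    (the analogue of a failed DTLS record decryption)."""
    if len(record) < TAG_LEN:
        return None
    body, tag = record[:-TAG_LEN], record[-TAG_LEN:]
    expect = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body if hmac.compare_digest(tag, expect) else None


class Server:
    def __init__(self):
        self.five_tuples = {}  # (src_ip, src_port, dst_ip, dst_port, proto) -> Connection
        self.cids = {}         # cid -> Connection

    def accept(self, tuple5, conn: Connection):
        self.five_tuples[tuple5] = conn
        self.cids[conn.cid] = conn

    def demux_implicit(self, tuple5, payload: bytes):
        """Trust a five-tuple hit first; only a miss makes us parse a CID.
        A stale hit therefore never reaches the CID lookup."""
        conn = self.five_tuples.get(tuple5)
        if conn is not None:
            # Server believes this tuple carries no CID: whole payload is the record.
            return open_record(conn.key, payload)
        cid, record = payload[:CID_LEN], payload[CID_LEN:]
        conn = self.cids.get(cid)
        if conn is None:
            return None
        pt = open_record(conn.key, record)
        if pt is not None:
            self.five_tuples[tuple5] = conn  # update the tuple table on success
        return pt

    def demux_explicit(self, tuple5, payload: bytes):
        """A header flag says whether a CID is present, so the CID is parsed and
        used for lookup regardless of what the five-tuple table currently says."""
        flags, rest = payload[0], payload[1:]
        if flags & FLAG_CID:
            cid, record = rest[:CID_LEN], rest[CID_LEN:]
            conn = self.cids.get(cid)
        else:
            record = rest
            conn = self.five_tuples.get(tuple5)
        if conn is None:
            return None
        pt = open_record(conn.key, record)
        if pt is not None:
            self.five_tuples[tuple5] = conn
        return pt


def nat_reboot_scenario(explicit: bool) -> dict:
    """Constructed scenario: clients A and B sit behind one NAT. The NAT reboots,
    loses its table, and hands A's old external port to B. The server is told nothing."""
    server = Server()
    a = Connection(cid=b"\x00\x00\x00\x0a", key=b"A" * 16)
    b = Connection(cid=b"\x00\x00\x00\x0b", key=b"B" * 16)
    nat_tuple = ("198.51.100.7", 40000, "203.0.113.1", 4433, "udp")    # constructed
    other_tuple = ("198.51.100.7", 40001, "203.0.113.1", 4433, "udp")  # constructed
    server.accept(nat_tuple, a)
    server.accept(other_tuple, b)
    # After the reboot, B's next record arrives on the tuple the server still maps to A.
    record = seal(b.key, b"hello from B")
    payload = (bytes([FLAG_CID]) if explicit else b"") + b.cid + record
    demux = server.demux_explicit if explicit else server.demux_implicit
    pt = demux(nat_tuple, payload)
    return {"plaintext": pt, "tuple_now_maps_to": server.five_tuples[nat_tuple].cid}


if __name__ == "__main__":
    print("implicit:", nat_reboot_scenario(explicit=False))
    print("explicit:", nat_reboot_scenario(explicit=True))
```

In the implicit case the stale five-tuple hit for A swallows B's record: decryption under A's key fails, the CID is never examined, and the table still points the reused tuple at A, so every subsequent packet from B on that tuple fails the same way. With the flag present the server parses the CID, finds B, decrypts, and repoints the tuple, which is the behaviour the message argues explicit marking buys.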