Closed emanjon closed 1 year ago
emanjon
commented
2 years ago How does the attacks in draft-ietf-core-attacks-on-coap and the mitigations (Request-tag and ETag processing) defined in RFC 9175 apply to the Q-Block1 and Q-Block2 Options defined in 9177?
emanjon
commented
2 years ago @chrysn can you make an update describing how the attacks applies or do not applies to Q-Block1 and Q-Block2 Options defined in 9177?
chrysn
commented
1 year ago I'll take that one (and see what is left of #3 after doing that); my current assumption (which I'll check) is that the attack applies likewise. Then, the new text would say "This is about 7959 blockwise transfer. It applies likewise to 9177" (if that is true).
emanjon
commented
1 year ago @chrysn Achim made the general comment:
With a list of preconditions it would be easier to see, if a system is affected by that attack or not.
Check if preconditions for the fragment attack is stated clearly enough.
emanjon
commented
1 year ago @chrysn @gselander
Do you think we could fix and close #2 and #3 and submit next week?
chrysn
commented
1 year ago Sorry it took longer; there is now https://github.com/core-wg/attacks-on-coap/pull/8.
Check if preconditions for the fragment attack is stated clearly enough.
The section "Attack difficulty" that lists preconditions was already added after Achim's 2022-02 comments, and I think suffices.
chrysn
commented
1 year ago Having checked the original comment: I think that once #8 is merged, this issue can be closed.
emanjon
commented
1 year ago Closing as #8 has been mergerd
Mohamed Boucadair https://mailarchive.ietf.org/arch/msg/core/4czSZYmRgMVgRA2d8mVpGUBwD0w/
It would helpful to explicit in Section 2.1 that this is about 7959, not the new block (to-be-RFC9177). Assessing the case of the new-block would be useful as well.