-
Notifications
You must be signed in to change notification settings - Fork 365
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Matching of plain request and DTLS response #142
Comments
The idea here was that the transport layer may indeed attach some context information in the response (even if the request was sent via UDP). However, in this case, we simply do not care. |
My understanding was:
Any example?
Depending on the "token" definition (unique per directed connection/unique per peer for outgoing), there may be missinterpretations. So someone using DTLS relays on its secure mapping but would wrongely be delivered to a unsecure request. |
I agree if we replace
The transport layer might include information about the path MTU determined for the peer or whatever. The point is: not all information contained in the context is necessarily security related. |
Hm, so should we check, if the request has no context, if the response context is "secure"? |
If the request has no context then we only need to check whether the source of the response is the same as the destination of the request, right? |
Seems, that, if the request is sent in plain, its not checked, that the response is also plain.
May be this is not really important, but its also no big issue.
So, does anbody depend on that behavior?
The text was updated successfully, but these errors were encountered: