Comments (1)
francoismichel
commented on July 30, 2024
There are a few commands, especially monitoring ones, that would indeed benefit from a further-reduced connection establishment time thanks to 0-RTT while still being safe.
0RTT data exchanged over an HTTP/3 connection must be replay-safe, as an on-path attacker could simply replay 0-RTT packets which could allow replaying the executed commands (we don't want an attacker to replay our recently issued apt-get upgrade or worse 😄).
In the same idea, HTTP defines the GET, HEAD, OPTIONS and TRACE method as a replay-safe method to be used with 0-RTT. The CONNECT method used by SSH3 is not replay safe, but we could allow a user to define a set of replay-safe, idempotent commands that could be issued in single-command, non-interactive sessions using 0-RTT. That could be helpful for monitoring purposes, for instance. (e.g., issuing the df or free command. We discuss it a bit in our SSH3 article whose preprint is available here, Section 6.2: https://arxiv.org/pdf/2312.08396.pdf.
from ssh3.
Related Issues (20)
- Certs by SPIRE
- Implement mTLS
- Remove unnecessary HTTP layer HOT 3
- Unable to install on Termux HOT 3
- Erratic behavior when SSH-ing with IPv6 hosts HOT 1
- [BeforeSuite] [FAILED] [8.752 seconds]
- Add support for passkeys HOT 2
- SSH version 3 exists already (known as SSH G3 since 2005) HOT 1
- proxy-jump error HOT 17
- SSH Agent forwarding does not work
- Not an IETF draft (yet) HOT 1
- Using a different QUIC implementation HOT 2
- Rename SSH3 => SSHH3 ? HOT 26
- BUG: Insufficient locking in cmd/ssh3-server HOT 1
- Access denied from the server: unauthorized HOT 3
- Debian packaging build failures HOT 1
- add support for PKCS11 HOT 2
- the connection was closed by the application: INTERNAL_ERROR ... sendmsg: invalid argument HOT 2
- Any concept/idea to share with NGINX/SSL port 443? HOT 7
- Too low OIDC information for debugging HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssh3.