Return-Path: Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id DA68EC0051 for ; Mon, 24 Aug 2020 20:33:49 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id C4B6488320 for ; Mon, 24 Aug 2020 20:33:49 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a4gxCCt7Il4t for ; Mon, 24 Aug 2020 20:33:48 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from mail-pj1-f47.google.com (mail-pj1-f47.google.com [209.85.216.47]) by hemlock.osuosl.org (Postfix) with ESMTPS id A55B788301 for ; Mon, 24 Aug 2020 20:33:48 +0000 (UTC) Received: by mail-pj1-f47.google.com with SMTP id n3so193118pjq.1 for ; Mon, 24 Aug 2020 13:33:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=voskuil-org.20150623.gappssmtp.com; s=20150623; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=gCMEnYmqnUT0FE6ixSVjSyJ5w0cGUQH2u76EuEaN+4Q=; b=pASqSd2L5G1ztFLdRcPXJbNmedi6UwL6kw2liaAf951orUf62nA1ZgRi6Ar1O5581o Vgg8UwdTNmExbtcKMwUEgsANxxH1Xb0BIpx1UfaKBFijC6k+I29/r7qnmGmu4N9JWJzJ Bp8GZj8bi1oc6/HU87WLsx/nY4CgG7YgLTjpb9XGIvW5e5hIa3Oh1+VYDvzwOsgvalpt 6t7e+lwfgceo0F4GX2i93VdPYMOaCRRSj89qi+PPlT3fus+/w1q4RV1UP3+KaPN780yD q0bUxnePtrWYVdAUhUtgktkQkvwoLjRprjpuQlDpQdGwh/0w3G9CSh+86ck9u6VzKgkc pX6w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=gCMEnYmqnUT0FE6ixSVjSyJ5w0cGUQH2u76EuEaN+4Q=; b=qMZxmy0COWXRiDa9KnznMzq4LuckZsqcRhUPFrsHzsUiYjCIGrQYNcTGp7DBCYrv4H KeJO7y264a8OTgFQNTgogBKDsdCQ3Zrx7QiY5M67j9l1J++AOFd8C35JhFqw+ClRKDS8 /h2sX6H8YJ/rPthrBUVnNcc2tWVQ0cEZFLhYTdSwKvBVBfgHmZb17qYpsinTC6Zhe7UC ZT6Or7qkIaVCJqB3KAnJxSmiwwLvJdxDjDNG7bFHHTntIvSJYjqFDvF258avvC1xKNtl l6X/35wowTm/IgcdOI6gzPMZj3+N7GH5TYQTyO2pJ1x+Bsa5lrZtLAE70cM1dcSH8mk1 675w== X-Gm-Message-State: AOAM533+N9illR4R8ppZcaGCkIRRjDGqOXQSfY/VcCaieu3qSO9yFXWM X0ymhxOi1sNkenE8eLbj/e6wgQ== X-Google-Smtp-Source: ABdhPJyRx/JOj5tRtDap7U4gfJEfWw8xW5PsYnSG4fR9sdccFqBmlBgKKn5ZhupU0pQJa4iMT5dwKg== X-Received: by 2002:a17:90b:784:: with SMTP id l4mr774024pjz.96.1598301228148; Mon, 24 Aug 2020 13:33:48 -0700 (PDT) Received: from ?IPv6:2600:380:705e:6b65:8d01:1dee:2537:4ab1? ([2600:380:705e:6b65:8d01:1dee:2537:4ab1]) by smtp.gmail.com with ESMTPSA id z15sm10656448pgz.13.2020.08.24.13.33.46 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 24 Aug 2020 13:33:47 -0700 (PDT) Content-Type: multipart/alternative; boundary=Apple-Mail-643A9781-4A7F-48A5-9F56-2391D62C4996 Content-Transfer-Encoding: 7bit From: Eric Voskuil Mime-Version: 1.0 (1.0) Date: Mon, 24 Aug 2020 13:33:46 -0700 Message-Id: References: In-Reply-To: To: Jeremy X-Mailer: iPhone Mail (17G80) X-Mailman-Approved-At: Mon, 24 Aug 2020 20:36:22 +0000 Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] Generalizing feature negotiation when new p2p connections are setup X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Aug 2020 20:33:50 -0000 --Apple-Mail-643A9781-4A7F-48A5-9F56-2391D62C4996 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable I see no requirement for anything here apart from exchanging a list of suppo= rted =E2=80=9Cfeatures=E2=80=9D. Conditionally hiding a feature provides no b= enefit. Any peer that wants it can get it (obfuscation being weak security),= and otherwise it=E2=80=99s a non-issue. e > On Aug 24, 2020, at 13:22, Jeremy wrote: >=20 >> On Mon, Aug 24, 2020 at 1:17 PM Eric Voskuil wrote: >> I said security, not privacy. You are in fact exposing the feature to any= node that wants to negotiate for it. if you don=E2=80=99t want to expose th= e buggy feature, then disable it. Otherwise you cannot prevent peers from ac= cessing it. Presumably peers prefer the new feature if they support it, so t= here is no need for this complexity. >=20 > I interpreted " This seems to imply a security benefit (I can=E2=80=99t di= scern any other rationale for this complexity). It should be clear that this= is no more than trivially weak obfuscation and not worth complicating the p= rotocol to achieve.", to be about obfuscation and therefore privacy. >=20 > The functionality that I'm mentioning might not be buggy, it might just no= t support peers who don't support another feature. You can always disconnect= a peer who sends a message that you didn't handshake on (or maybe we should= elbow bump given the times). --Apple-Mail-643A9781-4A7F-48A5-9F56-2391D62C4996 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
I see no requirement for a= nything here apart from exchanging a list of supported =E2=80=9Cfeatures=E2=80= =9D. Conditionally hiding a feature provides no benefit. Any peer that wants= it can get it (obfuscation being weak security), and otherwise it=E2=80=99s= a non-issue.

e

On Aug 24, 2= 020, at 13:22, Jeremy <jlrubin@mit.edu> wrote:
<= blockquote type=3D"cite">

On Mon, Aug 24, 2020 at 1= :17 PM Eric Voskuil <eric@voskuil.org= > wrote:
I said security, not privacy. You are in fa= ct exposing the feature to any node that wants to negotiate for it. if you d= on=E2=80=99t want to expose the buggy feature, then disable it. Otherwise yo= u cannot prevent peers from accessing it. Presumably peers prefer the new fe= ature if they support it, so there is no need for this complexity.

I interpret= ed " This seems to imply a security benefit (I can=E2=80=99t discern any other=20= rationale for this complexity). It should be clear that this is no more=20 than trivially weak obfuscation and not worth complicating the protocol=20 to achieve.", to be about obfuscation and therefore privacy.

The functionality that I'm mentioning might not be buggy, it might just= not support peers who don't support another feature. You can always disconn= ect a peer who sends a message that you didn't handshake on (or maybe we sho= uld elbow bump given the times).
= --Apple-Mail-643A9781-4A7F-48A5-9F56-2391D62C4996--