[quicwg/base-drafts] handling of KeyUpdate in other epochs are specified in RFC 8446, do not override (#4412)

Kazuho Oku <notifications@github.com> Sun, 29 November 2020 04:38 UTC


QUIC-TLS defines some "adjustments" (https://quicwg.org/base-drafts/draft-ietf-quic-tls.html#name-quic-specific-adjustments-t) to TLS 1.3.

As they are adjustments, we are updating TLS only when necessary. However, discussion in #4410 seems to have revealed one corner case that is ambiguous. This PR addresses that problem.

To be specific, TLS 1.3 defines the necessary action when an endpoint receives a KeyUpdate message in an epoch other than 1-RTT. However, the current statement in QUIC-TLS can be read as if it is updating that. This PR makes it clear that the "adjustment" applies only when the use of KeyUpdate is permitted by TLS 1.3 but not in QUIC-TLS.

Closes #4410.
You can view, comment on, or merge this pull request online at:

  https://github.com/quicwg/base-drafts/pull/4412

-- Commit Summary --

  * handling of KeyUpdate in other epochs are specified in RFC 8446, do not override

-- File Changes --

    M draft-ietf-quic-tls.md (4)

-- Patch Links --

https://github.com/quicwg/base-drafts/pull/4412.patch
https://github.com/quicwg/base-drafts/pull/4412.diff
