Re: [quicwg/base-drafts] Rules for discarding old keys (#1636)
Martin Thomson <notifications@github.com> Wed, 08 August 2018 01:51 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE55E130DC4 for <quic-issues@ietfa.amsl.com>; Tue, 7 Aug 2018 18:51:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.01
X-Spam-Level:
X-Spam-Status: No, score=-8.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0CtdfKNfPKZd for <quic-issues@ietfa.amsl.com>; Tue, 7 Aug 2018 18:51:18 -0700 (PDT)
Received: from out-2.smtp.github.com (out-2.smtp.github.com [192.30.252.193]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A85FA127332 for <quic-issues@ietf.org>; Tue, 7 Aug 2018 18:51:18 -0700 (PDT)
Date: Tue, 07 Aug 2018 18:51:17 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1533693077; bh=kaNGXVJ1SFhkkjHanVphkuCxD+wN5RqHtAE3IERfqZs=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=V7eqwtZstONIKcr7ZJB0FkVkWO++uxfsa97eslouvxSzD2W95p8NxcjlfSOgAztbA /Zgi2kW/pxagk7SU0Emszthv/Yj1jcJuua9ozJnmFyj3KZUsxBcQ0oscccxF1U8PT7 L0gkc++R45ntl/GJhrfx/N+2pMTe3rG9dv5ES/c8=
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abaf4266632e1498128baf874686709bf61304c88392cf0000000117820e9592a169ce14c102a5@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/1636/review/144243534@github.com>
In-Reply-To: <quicwg/base-drafts/pull/1636@github.com>
References: <quicwg/base-drafts/pull/1636@github.com>
Subject: Re: [quicwg/base-drafts] Rules for discarding old keys (#1636)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5b6a4c95e0946_79ad3fe9a66be62430442e"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/2yYSCdX0p5NmCAmQ5aCM6GO8DQY>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.27
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Aug 2018 01:51:21 -0000
martinthomson commented on this pull request. > +handshake, as well as when keys are updated (see {{key-update}}). + +QUIC endpoints MUST retain keys until they are no longer needed. If packets +from a lower encryption level contain CRYPTO frames, frames that retransmit that +data MUST be sent at the same encryption level. Similarly, an endpoint +generates acknowledgements for packets at the same encryption level as the +packet being acknowledged. Thus, it is possible that keys for a lower +encryption level are needed for a short time after keys for a newer encryption +level are available. + +An endpoint can only discard keys for a given encryption level only after it has +both received and acknowledged all CRYPTO frames for that encryption level and +when it has had all CRYPTO frames for that encryption level acknowledged by its +peer. However, this does not guarantee that no further packets will need to be +received or sent at that encryption level because a peer might not have received +all the acknowledgements necessary to reach the same state. Yes, I think so. The previous paragraph is intended to highlight the reasons why keys might be retained in a general sense. The second paragraph is intended to be more precise about what the requirements are. A small tweak to the lead-in of each should help emphasize the difference. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/pull/1636#discussion_r208435074
- [quicwg/base-drafts] Rules for discarding old key… Martin Thomson
- Re: [quicwg/base-drafts] Rules for discarding old… Mike Bishop
- Re: [quicwg/base-drafts] Rules for discarding old… Martin Thomson
- Re: [quicwg/base-drafts] Rules for discarding old… Martin Thomson
- Re: [quicwg/base-drafts] Rules for discarding old… Martin Thomson
- Re: [quicwg/base-drafts] Rules for discarding old… Mike Bishop
- Re: [quicwg/base-drafts] Rules for discarding old… Martin Thomson
- Re: [quicwg/base-drafts] Rules for discarding old… Martin Thomson