Re: [quicwg/base-drafts] TLS MUST NOT deliver server 1RTT Rx keys until getting Finished (#3173)

Kazuho Oku <> Thu, 31 October 2019 05:32 UTC

List-Id: Notification list for GitHub issues related to the QUIC WG <>

I think it's worth noting this, though I tend to agree with @martinthomson that we cannot write this down using normative language because that is a requirement of TLS.

That said, I actually wonder if we can have a section discussing Implementation Pitfalls. TLS 1.3 has an appendix dedicated to that (see RFC 8446, Appendix C), and it has been extremely helpful to me. I think it would be nice to have something like that in the QUIC drafts.
