Re: [quicwg/base-drafts] Packet Number Must Be Decrypted to Read Initial Token Field (#1492)

Kazuho Oku <> Wed, 27 June 2018 22:07 UTC

@ianswett @martinthomson Isn't the issue about the format of the *Initial* packet, not about *Retry*?

I agree with @nibanks that the current format of the Initial packet that places token after packet number is incorrect, for two reasons:
* token is not a good source of randomness for PNE
* token should be accessible by middleboxes that do not want to deal with PNE
