Re: [quicwg/base-drafts] Rewrite key update section (#3050)

Kazuho Oku <> Mon, 04 November 2019 01:07 UTC

kazuho commented on this pull request.

-The KEY_PHASE bit allows a recipient to detect a change in keying material
-without necessarily needing to receive the first packet that triggered the
-change.  An endpoint that notices a changed KEY_PHASE bit can update keys and
-decrypt the packet that contains the changed bit.
+The Key Phase bit indicates which packet protection keys are used to protect the
+packet.  The Key Phase bit is initially set to 0 for the first set of 1-RTT
+packets and toggled to signal each subsequent key update.
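
Review bot: In the added sentence "initially set to 0 for the first set of 1-RTT packets", the initial value is tied to a set of packets, while the sentence before it defines the bit by which packet protection keys are used; phrasing it in terms of the packets protected with the first 1-RTT keys would keep the two sentences consistent. The removed lines also said that a recipient can detect the change without receiving the first packet that triggered it, and can update keys and decrypt the packet carrying the changed bit. If that receiver-side behaviour is not stated elsewhere in the rewritten section, keep a sentence for it here.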

Yeah that's true, but it's like filling a land mine that would explode once we change the definition of handshake complete.
