Re: [quicwg/base-drafts] Rework Key Update (#2237)

martinduke <> Wed, 20 March 2019 19:45 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9F911127873 for <>; Wed, 20 Mar 2019 12:45:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.384
X-Spam-Status: No, score=-6.384 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id yQ3Oey3efSlJ for <>; Wed, 20 Mar 2019 12:45:18 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id B74CE12008F for <>; Wed, 20 Mar 2019 12:45:17 -0700 (PDT)
Date: Wed, 20 Mar 2019 12:45:16 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1553111116; bh=/yd+stjAt61bdeeU3ejwho966E5Rw5O346bCZn+ELf4=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=B+v+RgDVkBQgXwaaWo3RZ/cBPNv9/Ro2VJ2a+c9T1LWI8f85MIURFTAwYHsfVxuWs 19IhEtJz0gwZAHP+Gv0NrTiQfpdcTwIwkHszlOiPpeTTGkNb2wiov4SYAHNtPrlxLX c7e9s1mRW9nUjs+QSqvetySUztee+u4oyjc5GGPY=
From: martinduke <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2237/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Rework Key Update (#2237)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c92984ce6e1e_62333fbe146d45b894192"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinduke
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 20 Mar 2019 19:45:20 -0000

I thought we were moving towards *key* separation between QUIC and TCP/TLS, but not *secret* separation. Even with key update, we get key separation when using the quic labels for key and iv, and I see no reason to also worry about the label when we update the secret.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: