Re: [quicwg/base-drafts] NEW_TOKEN token and encryption (#2543)

Erik Sy <> Tue, 16 April 2019 08:57 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 65BE41204A7 for <>; Tue, 16 Apr 2019 01:57:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.597
X-Spam-Status: No, score=-6.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 5ktf_QUyiRdk for <>; Tue, 16 Apr 2019 01:57:17 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5163312047C for <>; Tue, 16 Apr 2019 01:57:17 -0700 (PDT)
Date: Tue, 16 Apr 2019 01:57:16 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1555405036; bh=eYe8Zc8jH2+IW/j/4wz0iBA3feMk90ixstmg7D+9QEE=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Mrxqu+zXat42CdfMIGd3zdeYxBSvWiDz1ks4RmoNEuEwSjd/g61rw7RUMuz/5ZLw+ PhUC41p9oVTX2v3+Umte/W8xnCAKUbz0HwS3JJ5B0lo1MI0o+dDqPo90PWKCdRWMaS tHlHuL+u1wMcQXGaNpRR7Fb6HM8HpzREaVYDGz3Y=
From: Erik Sy <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/2543/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] NEW_TOKEN token and encryption (#2543)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5cb598ec6f09c_64603f83be0d45b83552bd"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kirsey
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 16 Apr 2019 08:57:27 -0000

I was asked to move #2587 here. I miss the point, that the server SHOULD NOT construct the same token multiple times because this leads to additional scenarios where tracking by a network observer becomes feasible. The referenced PR does not fix this problem.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: