Re: [quicwg/base-drafts] Encrypting Retry token (#3274)

Kazuho Oku <> Thu, 28 November 2019 03:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 76CB4120116 for <>; Wed, 27 Nov 2019 19:34:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.454
X-Spam-Status: No, score=-6.454 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id cDADF1WBCZ7L for <>; Wed, 27 Nov 2019 19:34:13 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F3E95120956 for <>; Wed, 27 Nov 2019 19:34:12 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 17DCBA06CD for <>; Wed, 27 Nov 2019 19:34:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1574912052; bh=ZpLJ1vsvJXP9RRxgSs32c3p57ZIw3965GsudOX3flOE=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=EzlzmbUPtSiiNCHRKQnywTlBpNpZckcYaLVezQTWEUu7Tk7ueItT86YvY/VIPILya dUJ7UF/6htazDpdGw9zy00MpEFQxoI3GBRLpmZUHqZVX3xtTOAO8YxkQTzb0PIf2L6 PpqyqeqkEx4Lp5JQC6FoQCoXMhBLg+m3NrGzTJ2E=
Date: Wed, 27 Nov 2019 19:34:12 -0800
From: Kazuho Oku <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/3274/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Encrypting Retry token (#3274)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5ddf403488b2_1a073fdba26cd960407993"; charset=UTF-8
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 28 Nov 2019 03:34:14 -0000

Regarding the numbers, Martin, thank you for collecting them.

I think that the benchmark confirms our expectation that the cost of running AES (based on fixed key, with different nonce) does not matter when a conventional CPU with AES offloading is used.

Though I think the other question might be if we can require all the DDoS mitigation boxes to be capable of running AES fast.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: