[quicwg/base-drafts] clarify that old keys should always be dropped (#2191)

Marten Seemann <notifications@github.com> Sat, 15 December 2018 06:35 UTC

The old text said

> Keys and their corresponding secrets SHOULD be discarded when an endpoint has
> received all packets with packet numbers lower than the lowest packet number
> used for the new key. An endpoint might discard keys if it determines that the
> length of the delay to affected packets is excessive.

A peer typically can't know when it received all packets with packet numbers lower than the lowest packet number used for the new key, since packets might have been lost or packet numbers might have been skipped. Dropping old keys shouldn't be a "might", it should be a SHOULD.

You can view, comment on, or merge this pull request online at:

  https://github.com/quicwg/base-drafts/pull/2191

-- Commit Summary --

  * clarify that old keys should always be dropped

-- File Changes --

    M draft-ietf-quic-tls.md (15)

-- Patch Links --

https://github.com/quicwg/base-drafts/pull/2191.patch
https://github.com/quicwg/base-drafts/pull/2191.diff

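Added example, not part of the pull request or the draft: a simplified Python model of the point made in the message above. With a lost packet or a skipped packet number, the "received all lower packet numbers" condition never becomes true, so only a bound on the delay ever releases the old keys. The class and function names, the 500 ms bound and the packet trace are assumptions constructed for this example.

```python
# Simplified receive-side model of old-key retention after a key update.
# All names and the 500 ms bound are assumptions made for this example.
from dataclasses import dataclass

MAX_DELAY_MS = 500  # assumed bound on how late an old-key packet may still arrive


@dataclass
class OldKeyState:
    first_new_pn: int      # lowest packet number used with the new key
    updated_at_ms: int     # time the key update was observed
    seen: set              # packet numbers received under the old key
    discarded: bool = False

    def all_lower_received(self) -> bool:
        # Condition from the old text: every packet number below first_new_pn arrived.
        return all(pn in self.seen for pn in range(self.first_new_pn))

    def maybe_discard(self, now_ms: int, use_deadline: bool) -> bool:
        # Discard when the old-text condition holds or, optionally, when the delay bound passes.
        expired = use_deadline and now_ms - self.updated_at_ms >= MAX_DELAY_MS
        if self.all_lower_received() or expired:
            self.discarded = True
        return self.discarded

    def on_old_key_packet(self, pn: int) -> bool:
        # Returns False when the old keys are gone and the packet cannot be decrypted.
        if self.discarded:
            return False
        self.seen.add(pn)
        return True


def simulate(seen_before, late_arrivals, first_new_pn, use_deadline, end_ms=2000):
    """Step time in 100 ms ticks; return (discard time or None, undecryptable packet numbers)."""
    state = OldKeyState(first_new_pn, updated_at_ms=0, seen=set(seen_before))
    discard_ms, undecryptable = None, []
    for now in range(0, end_ms + 1, 100):
        for pn in late_arrivals.get(now, []):
            if not state.on_old_key_packet(pn):
                undecryptable.append(pn)
        if discard_ms is None and state.maybe_discard(now, use_deadline):
            discard_ms = now
    return discard_ms, undecryptable


# Constructed trace: old key covers 0..9, sender skipped 4, packet 7 was lost, 9 is reordered.
GAPPY = {0, 1, 2, 3, 5, 6, 8}
if __name__ == "__main__":
    print(simulate(GAPPY, {100: [9]}, 10, use_deadline=False))  # keys never discarded
    print(simulate(GAPPY, {100: [9]}, 10, use_deadline=True))   # keys discarded at the bound
```

In the last test case below, a packet arriving after the bound is reported as undecryptable, which is the cost of discarding on a deadline.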