Re: [quicwg/base-drafts] Discard Initial keys as soon as possible (#2045)

Christian Huitema <> Mon, 26 November 2018 19:15 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 01F4F130F59 for <>; Mon, 26 Nov 2018 11:15:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -9.46
X-Spam-Status: No, score=-9.46 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id EmOs79jCrv9e for <>; Mon, 26 Nov 2018 11:15:55 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 8CBF7130E9E for <>; Mon, 26 Nov 2018 11:15:55 -0800 (PST)
Date: Mon, 26 Nov 2018 11:15:54 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1543259754; bh=GBlkR6dZVIj76ity00UuaiXn5pju1io4lMUIsQHSRvc=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=s8C7Ov4n+yIEdSuW/a626W3XhvHOace6XFK6B6rjDURpqGYXvHvvW7He27iLAnyUu O+kHyajHuYFxTfTqj6zzeRyYFOdrrRFH/NuLMUtumfBd4nmoHtht6Xu84hcDMU+6rc c3Uoxer5f0BGHwRUURZ3/Cjy6o6PzvMlfVQd5y6I=
From: Christian Huitema <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2045/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Discard Initial keys as soon as possible (#2045)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bfc466acc7a7_50663fa5e3ad45bc6044af"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: huitema
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 26 Nov 2018 19:15:57 -0000

@ianswett the main problem with "no ACK" is that we will need special handling of retransmissions on the server. The server would need to trigger retransmission of Initial packets upon reception of a duplicate CH, and that's clearly some new ad hoc code. 

Also, what if the server does not like any of the key shares proposed in the Client Hello? Client sends CH1, server replies with HRR, client sends a modified CH2, server sends SH. If the client repeats CH1, the server should repeat HRR; if the client repeats CH2, the server needs to repeat the CH. I assume this could work if the client always coalesced an ACK with CH2, but this coalescing is optional, not mandated.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: