Re: [quicwg/base-drafts] Consider simplifying Packet Number Encryption (#1575)

David Schinazi <> Sat, 29 September 2018 17:38 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E8D86130DCB for <>; Sat, 29 Sep 2018 10:38:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -7.999
X-Spam-Status: No, score=-7.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ykHOMILj0UU6 for <>; Sat, 29 Sep 2018 10:38:06 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 909101286D9 for <>; Sat, 29 Sep 2018 10:38:06 -0700 (PDT)
Date: Sat, 29 Sep 2018 10:38:05 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1538242685; bh=3+2tDaYyn7NbFBBgTN01ppPJKvGdiHan1k6icWFadso=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=We1CKKxVUdlnUgoQNQUhD9xHF2H5YcPleTyGmVY/3j2D7mrHFjqFOO+F/o/kHd0KP E3QAIb6+NtAu/5201Grqru7FtPciLnHn/j1J+Sbtnm70WTqUcIxd1fylX39QPVIrBF W6apcYbqzI66vc1D5KdBVwMkdwfQpx5YNRffAvew=
From: David Schinazi <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/1575/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Consider simplifying Packet Number Encryption (#1575)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5bafb87d454c3_71f53fb14dcd45b81586fe"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: DavidSchinazi
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 29 Sep 2018 17:38:09 -0000

I think requiring 3 octets of frames is more restrictive that we need to be. I would prefer saying that QUIC packets MUST verify `length(packet number) + length(payload) >= 4`, and if implementors want to do that by always ensuring 3 bytes of frames that's fine.

I meant that we XOR over the payload if the packet number length is < 4. When we're encrypting the PN, I'm not sure the distinction between PN and payload is relevant - there's nothing wrong with changing the start of the payload in my mind. And it simplifies the implementation.

But we can put this on hold until we've landed on what the PN encoding looks like.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: