Re: [quicwg/base-drafts] Receiver's behavior on key update (#2791)

David Schinazi <> Wed, 19 June 2019 21:26 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 893941205F1 for <>; Wed, 19 Jun 2019 14:26:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.605
X-Spam-Status: No, score=-6.605 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id aR4I3C0Gv0yg for <>; Wed, 19 Jun 2019 14:26:29 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id D63B21201F8 for <>; Wed, 19 Jun 2019 14:26:28 -0700 (PDT)
Date: Wed, 19 Jun 2019 14:26:27 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1560979588; bh=ypqQroeOiHlkF0Is8NsBwX2+CBY1hQjIjxsjGgLmD6g=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=lOjTTO5OLDoL25zqOhxkVE7puVTUqd+gNzvA8zEshMEvqRrICBK1UjAJ1kv61CYk8 dwfxt89M4WK6QlvlD1h9QJo2iaC+YMsTWbSpXnhrIaZK1fwCFlWLJ77cfncHuO6kYH HVHELxheNXKaHvF0YRTc5YQgA7v7ywWHccU2SGOk=
From: David Schinazi <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2791/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Receiver's behavior on key update (#2791)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d0aa883e8be1_5ee43f7e42ecd95c81518c"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: DavidSchinazi
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 19 Jun 2019 21:26:32 -0000

@kazuho Thanks, I like the text referring to key phases and corresponding keys rather than keys directly.

However, you've dropped the requirement to immediately perform a key update when you unprotect with the next key phase. How about changing the start of the second to last paragraph to something like:

If the packet can be unprotected using the next receive key and IV, then the
endpoint switches to the next key phase: both send and receive keys associated
with the next key phase become current. The next packet sent by the endpoint
MUST then use the new send key. Once an endpoint has sent a packet...

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: