Re: [quicwg/base-drafts] Does a Retry really need to change the CID? (#2837)

Martin Thomson <> Wed, 07 August 2019 23:22 UTC


By not allowing it to change you have a stronger assurance in that the server has to have a key.

Having just implemented Retry (yeah, it is like that...) I don't see any advantage either side of this from an implementation perspective. Either way, the server either holds state or puts the odcid in the token. The client implementation is very slightly easier and more efficient if the key doesn't change.  

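The stateless option mentioned in the message (the server keeps no per-connection state and puts the ODCID in the token) can be illustrated as follows. This is an added example, not code from the message or from any QUIC implementation; the token layout, the HMAC-SHA256 construction, the 10-second lifetime and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct
import time

TAG_LEN = 32   # HMAC-SHA256 output size
MAX_AGE = 10   # seconds a token stays valid (assumed lifetime)
HDR_LEN = 9    # 8-byte issue time + 1-byte ODCID length


def _tag(key: bytes, client_addr: str, body: bytes) -> bytes:
    # Bind the token to the client address so it is useless from another address.
    addr = client_addr.encode()
    msg = struct.pack("!H", len(addr)) + addr + body
    return hmac.new(key, msg, hashlib.sha256).digest()


def make_retry_token(key: bytes, client_addr: str, odcid: bytes, now=None) -> bytes:
    """Hypothetical layout: issue_time(8) | odcid_len(1) | odcid | tag(32)."""
    if len(odcid) > 255:
        raise ValueError("ODCID too long for a 1-byte length field")
    issued = int(time.time() if now is None else now)
    body = struct.pack("!QB", issued, len(odcid)) + odcid
    return body + _tag(key, client_addr, body)


def validate_retry_token(key: bytes, client_addr: str, token: bytes, now=None):
    """Return the ODCID carried in the token, or None if forged, stale or malformed."""
    if len(token) < HDR_LEN + TAG_LEN:
        return None
    body, tag = token[:-TAG_LEN], token[-TAG_LEN:]
    # Constant-time comparison; only a holder of the server key can produce this tag.
    if not hmac.compare_digest(tag, _tag(key, client_addr, body)):
        return None
    issued, odcid_len = struct.unpack("!QB", body[:HDR_LEN])
    odcid = body[HDR_LEN:]
    if len(odcid) != odcid_len:
        return None
    current = int(time.time() if now is None else now)
    if not 0 <= current - issued <= MAX_AGE:
        return None
    return odcid
```

The server recovers the ODCID from the echoed token alone, so nothing is stored between the Retry and the client's second Initial.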