Re: [quicwg/base-drafts] Clarify crypto context for Connection Close (#1818)

Kazuho Oku, Tue, 02 October 2018 02:21 UTC

kazuho commented on this pull request.

> @@ -2606,6 +2606,16 @@ An endpoint sends a closing frame (CONNECTION_CLOSE or APPLICATION_CLOSE) to
 terminate the connection immediately.  Any closing frame causes all streams to
 immediately become closed; open streams can be assumed to be implicitly reset.
+If the endpoint has successfully decrypted a 1-RTT packet from its peer, it
+SHOULD send CONNECTION_CLOSE in a 1-RTT packet. If not, and it has received a
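
Review bot: The added sentence "SHOULD send CONNECTION_CLOSE in a 1-RTT packet" names only CONNECTION_CLOSE, while the context line above it defines a closing frame as "CONNECTION_CLOSE or APPLICATION_CLOSE", so a reader cannot tell whether APPLICATION_CLOSE follows the same packet-type rule. Suggest writing "send the closing frame in a 1-RTT packet", or stating explicitly which packet type carries APPLICATION_CLOSE. The condition "has successfully decrypted a 1-RTT packet from its peer" is also worth defining once as a named state, so that the following sentences can refer to it without restating it.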

FWIW, a client "knows that the peer can decrypt a 1-RTT packet" when it receives the first ACK for a 1-RTT packet it has sent. A server knows that when it obtains the 1-RTT read key from the TLS stack (i.e. when a ClientFinished received from the client is processed without an error).

We might want to clarify that.
