Re: [quicwg/base-drafts] Bound 0-to-1-RTT Transition (#2466)

ianswett <> Wed, 17 April 2019 19:13 UTC

ianswett commented on this pull request.

> @@ -2631,7 +2641,10 @@ number 0.  Subsequent packets sent in the same packet number space MUST increase
 the packet number by at least one.
 0-RTT and 1-RTT data exist in the same packet number space to make loss recovery
-algorithms easier to implement between the two packet types.
+algorithms easier to implement between the two packet types.  However, a client
+MUST NOT continue sending 0-RTT packets after beginning to use 1-RTT packets.
+Servers MUST drop 0-RTT packets with greater packet numbers than the lowest
+packet number they have received in a 1-RTT packet.
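
Review bot: In the added server rule, "the lowest packet number they have received in a 1-RTT packet" does not say that the 1-RTT packet must have been successfully decrypted and authenticated, so as written a packet that merely looks like 1-RTT could be read as setting the bound. Suggest wording along the lines of "the lowest packet number they have successfully processed in a 1-RTT packet". The sentence also leaves open what a server does with a higher-numbered 0-RTT packet that was reordered ahead of the first 1-RTT packet and already processed; a clause saying the rule applies only to 0-RTT packets arriving after that point would remove the ambiguity.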

An attacker can't replay any packets except Initial with a higher packet number, unless the attacker has the keys (in which case, you have bigger problems).
