Re: [quicwg/base-drafts] Which DCID determines Initial keys (#3862)

ekr <> Wed, 08 July 2020 12:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id EE2113A097B for <>; Wed, 8 Jul 2020 05:34:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.483
X-Spam-Status: No, score=-1.483 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_24=1.618, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id kK70DuMmHRdn for <>; Wed, 8 Jul 2020 05:34:24 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 93BAC3A0979 for <>; Wed, 8 Jul 2020 05:34:24 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id B5D816A0546 for <>; Wed, 8 Jul 2020 05:34:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1594211663; bh=bCyQ7ay91yqWDnfBinBJ0DfL3VVvnrwFs2VfKLyIvkI=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=RskZYL7Uhu5CPsVed18ziD6HYZpf1iIM2lQCc2XlAxiLudqol26AG+cyykmU+QJ5q Kj8ORECHhcZjfL3zk1SIccjFv4BjZBGy/ZHBIVzr3qI98dbuMvHD36E9IByKBbavTq whHAYEfEj72Bc0NrrP56opz9Pe4rp2JkbvB1psfw=
Date: Wed, 08 Jul 2020 05:34:23 -0700
From: ekr <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/3862/review/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Which DCID determines Initial keys (#3862)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5f05bd4fa69ae_2ae73fb5dfccd95c111148"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: ekr
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 08 Jul 2020 12:34:26 -0000

@ekr commented on this pull request.

> +The Destination Connection ID field from the first Initial packet sent by a
+client is used to determine packet protection keys for Initial packets.  These
+keys change after receiving a Retry packet; see Section 5.2 of {{QUIC-TLS}}.

Initial packets derive their packet protection key from their Destination Connection ID field. This means that these keys will change after receiving a Retry packet; see Section 5.2 of {{QUIC-TLS}}.

I don't think it helps to single out the first Initial which actually isn't special.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: