Re: [quicwg/base-drafts] Encrypting token in Retry packet (#3477)

Quoc-Viet Nguyen <> Sun, 23 February 2020 08:00 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 29F163A101E for <>; Sun, 23 Feb 2020 00:00:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.554
X-Spam-Status: No, score=-1.554 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Iy09wTMsOdaS for <>; Sun, 23 Feb 2020 00:00:26 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2D8C03A0042 for <>; Sun, 23 Feb 2020 00:00:25 -0800 (PST)
Date: Sun, 23 Feb 2020 00:00:25 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1582444825; bh=vz/ppKWF1JGOjqjKeYKDh0C8IT9bJL3L3BN+tDt1Jeg=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=YLrJbX8wJ/2+CRDYhfu1Ragm9ZLXMWvCEjrhV1iP3xGWXC0DlcAMsJ6W05nZhTsdT Mf1RJcFQJZIP1z4lOUcRiWo/SuEKK6xksGN6vYYvCERX2VXw8XjrXwDhfrSxUQuvNf Xw9ZN+7EKjR5SpwdzV+sWN1i6RqNW8YSIGuNjpxA=
From: Quoc-Viet Nguyen <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/3477/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Encrypting token in Retry packet (#3477)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5e52311928209_1c1f3f8c5b8cd968234023"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: nqv
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 23 Feb 2020 08:00:27 -0000

If HKDF-Expand-Label is expensive, can we use ODCID such as first 128 bit as the secret key and the remain as the nonce? Or can we generalize it and say SHA256 of user data (ODCID in this case) will be AEAD key and nonce?

WRT pseudo packet. I think on client side, I still need to allocate memory for a copy of received retry packet plus odcid to verify the integrity tag.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: