Re: [quicwg/base-drafts] Encrypting token in Retry packet (#3477)

Martin Thomson <> Sat, 22 February 2020 23:47 UTC

List-Id: Notification list for GitHub issues related to the QUIC WG <>

This idea was discussed and dismissed.  The problem here is that the HKDF application required to get the keys is significantly more expensive than applying the AEAD.  The cost of producing a Retry was considered important enough not to take this cost.

The pseudo-packet is relatively inexpensive in practice.  Allocating an extra 21 bytes and pre-filling the connection ID in that space doesn't end up costing that much.

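The fixed-key Retry integrity computation the message refers to, sketched as an added example that is not part of the original email or of any QUIC implementation. The pseudo-packet layout and the use of AES-128-GCM over an empty plaintext follow the QUIC-TLS draft; the key and nonce here are constructed placeholders, and the function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"fmt"
)

// Constructed placeholders, NOT the fixed key and nonce from the QUIC-TLS draft.
var retryKey, retryNonce = []byte("constructed key!"), []byte("fixed nonce!")

// The key is fixed, so the AEAD is built once: no HKDF per Retry.
var retryAEAD = func() cipher.AEAD {
	block, _ := aes.NewCipher(retryKey) // cannot fail: the key is 16 bytes
	aead, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return aead
}()

// pseudoPacket prepends the ODCID length (1 byte) and the ODCID (at most 20
// bytes) to the Retry packet bytes: the "extra 21 bytes" from the message.
func pseudoPacket(odcid, retry []byte) ([]byte, error) {
	if len(odcid) > 20 {
		return nil, fmt.Errorf("ODCID is %d bytes, maximum is 20", len(odcid))
	}
	buf := append(make([]byte, 0, 21+len(retry)), byte(len(odcid)))
	return append(append(buf, odcid...), retry...), nil
}

// retryTag seals an empty plaintext with the pseudo-packet as associated data.
func retryTag(odcid, retry []byte) ([]byte, error) {
	aad, err := pseudoPacket(odcid, retry)
	if err != nil {
		return nil, err
	}
	return retryAEAD.Seal(nil, retryNonce, nil, aad), nil
}

// verifyRetry is the client check: recompute with its own ODCID, compare in constant time.
func verifyRetry(odcid, retry, tag []byte) bool {
	want, err := retryTag(odcid, retry)
	return err == nil && subtle.ConstantTimeCompare(want, tag) == 1
}

func main() {
	fmt.Println(retryTag([]byte{1, 2, 3, 4}, []byte("constructed Retry bytes")))
}
```

Because the original connection ID is part of the authenticated data but is never sent in the Retry itself, a client that recomputes the tag with a different ODCID rejects the packet.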