Re: [quicwg/base-drafts] Client MUST use 1-RTT packets if it reads 1-RTT packets (#2458)

Mike Bishop <> Thu, 14 February 2019 22:16 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 7290F1311EA for <>; Thu, 14 Feb 2019 14:16:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -7.999
X-Spam-Status: No, score=-7.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ZMr_TVwnjFD1 for <>; Thu, 14 Feb 2019 14:16:39 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E36751311E6 for <>; Thu, 14 Feb 2019 14:16:38 -0800 (PST)
Date: Thu, 14 Feb 2019 14:16:37 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1550182597; bh=0vbWhaBSXDSRcdP/eCGYGejvBzRAxSPIv3Xv0Au84Uk=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=d1/jGCouqiQCtJlapWJq56NYnkD8vYV+tOGGaFcsM+V0XR046emb/2mZnPmkexHWf j0VCPPpJpcNmhbAYPO/RFpai4w2SBaBVZm8kVOW8jgQlnd/8RPWKZ5aUpyZbFd6cnZ JPTng8LNEhvmNNekjjYs+7MMfvtmTFDx26rP1uDU=
From: Mike Bishop <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/2458/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Client MUST use 1-RTT packets if it reads 1-RTT packets (#2458)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c65e8c59300f_40353fae95ad45c0298941"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 14 Feb 2019 22:16:40 -0000

This actually is already addressed in the TLS draft, as @martinthomson pointed out in another thread:  [TLS 4.9](, "Though an endpoint might retain older keys, new data MUST be sent at the highest
  currently-available encryption level."

If you have 1-RTT keys, you MUST use them.  There's currently no server verification that you do so, however.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: