Re: [quicwg/base-drafts] RETIRE_KEYS proposal (#2492)

Kazuho Oku <> Thu, 07 March 2019 21:12 UTC

> Wouldn't it be safer to still discard initial/handshake keys after some time?

I can see that argument for Initial keys. At the moment, we require endpoints to drop the Initial keys at the earliest moments. There's a trade-off between relying on an explicit signal (that might get missed) vs. having a uniform way of retiring keys.

OTOH, I think we should solely rely on an explicit signal for dropping handshake keys. There is no risk in keeping the key forever (because only the peer can send Handshake packets that successfully validate), and because there is a tail.
