IETF Logo Mail Archive

Re: [quicwg/base-drafts] Rework Key Update (#2237)

Martin Thomson <notifications@github.com> Wed, 09 January 2019 21:46 UTC

Return-Path: <bounces+848413-a050-quic-issues=ietf.org@sgmail.github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC65512DD85 for <quic-issues@ietfa.amsl.com>; Wed, 9 Jan 2019 13:46:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.553
X-Spam-Level:
X-Spam-Status: No, score=-7.553 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-4.553, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8NSqwDg5aNhh for <quic-issues@ietfa.amsl.com>; Wed, 9 Jan 2019 13:46:37 -0800 (PST)
Received: from o11.sgmail.github.com (o11.sgmail.github.com [167.89.101.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A7685130FCB for <quic-issues@ietf.org>; Wed, 9 Jan 2019 13:46:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=github.com; h=from:reply-to:to:cc:in-reply-to:references:subject:mime-version:content-type:content-transfer-encoding:list-id:list-archive:list-post:list-unsubscribe; s=s20150108; bh=FnsNQ7KbnOAhIktzFvUmgZlD6+8=; b=WZJcagTmpagyORPz YAyoERFqR51oB/biWrVfxiIkGt66IYyUXS1soJ1YZUdWoZaPqkXbbRDI8mXM3QS+ 5QUqzXTdbHC5BbhAH0xfow8GEuawfNdXS6uibAnDlnbtcvD3IiPyuECKtBE1CQYQ FgPlhujrGrtXzyTbEwe5GIEFBHE=
Received: by filter0114p1iad2.sendgrid.net with SMTP id filter0114p1iad2-11168-5C366BBB-1F 2019-01-09 21:46:35.663019166 +0000 UTC m=+152121.637164768
Received: from github-lowworker-e55e3e3.cp1-iad.github.net (unknown [192.30.252.41]) by ismtpd0044p1iad1.sendgrid.net (SG) with ESMTP id EIp100gnQZ26JSXi3yqBzw for <quic-issues@ietf.org>; Wed, 09 Jan 2019 21:46:35.562 +0000 (UTC)
Received: from github.com (localhost [127.0.0.1]) by github-lowworker-e55e3e3.cp1-iad.github.net (Postfix) with ESMTP id 87387180F1B for <quic-issues@ietf.org>; Wed, 9 Jan 2019 13:46:35 -0800 (PST)
Date: Wed, 09 Jan 2019 21:46:35 +0000
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4ab2264453e95ba43f64c3b81c8d98264fd9ffb085c92cf00000001184e2dbb92a169ce1770e975@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2237/review/190953489@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2237@github.com>
References: <quicwg/base-drafts/pull/2237@github.com>
Subject: Re: [quicwg/base-drafts] Rework Key Update (#2237)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c366bbb83fe7_5ffd3fbf72ed45c437954b"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinthomson
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-SG-EID: l64QuQ2uJCcEyUykJbxN122A6QRmEpucztpreh3Pak32/WLNzaenfWLaxNQ/xY3wlt/SuhmJOgvOKk PqaxcxKub0mo9shd7O34KouDZiSIxbVst6Os9HCPt51NObAZKlcOJDLV11YcRd/kLOCcd2IwlptDdN 13yT4PDPnewkKPB/PcG5pbwflnwUbNIfhgSqC2HPtEXnZCq6FNxZZyR6zvjhY6tbCfaisYXBgH0jtE o=
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/k-t_ph2sxAi76tCIkdIBJeQVkOM>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Jan 2019 21:46:39 -0000

martinthomson commented on this pull request.



>  
-If the packet can be decrypted and authenticated using the updated key and IV,
-then the keys the endpoint uses for packet protection are also updated.  The
-next packet sent by the endpoint will then use the new keys.
+The endpoint uses the key and IV to protect all subsequent packets, clears the
+Key Update Permitted bit, and toggles the value of the low Key Phase bit.
+
+An endpoint MUST NOT initiate more than one key update at a time.  A new key
+cannot be used until the endpoint has successfully processed a packet with a
+matching Key Phase and the Key Update Permitted bit set.  Together, these
+indicate that the key update was received and acted on.
+
+Once an endpoint has received and successfully processed packets with the same
+Key Phase value, this indicates that the peer has also updated keys.  The
+endpoint can then set the Key Update Permitted bit to 1 on packets it

Yeah, I struggled with this too.  I want people to enable key updates, but the fact is that we can't really enforce it.  If we didn't want to allow peers to minimize the number of active keys, you could allow endpoints to punish them if they acknowledged a packet with a matching key phase in a packet that didn't include the Key Update Permitted bit.  I will try to work in a SHOULD somehow.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2237#discussion_r246557796

v2.23.0 | Report a Bug | By Email