Re: [quicwg/base-drafts] Do Initial secrets change after Retry packet? (#2823)

ianswett <> Tue, 09 July 2019 01:37 UTC

Of note, in section 2.6 of the new draft from @kazuho and @huitema on protecting Initials, it says:
"The Destination Connection ID of the Initial packet MUST be set to the value specified by the Retry packet, however the keys for encrypting and authenticating the packet MUST continue to be the original ones."

This aligns with the first option.  It seems like the first option also allows us to remove a transport param, which is a nice property.

Given that, is anyone actively opposed to the first option, assuming someone else (i.e., myself or Nick) writes a PR?
