Re: [quicwg/base-drafts] Rework Key Update (#2237)

martinduke <> Wed, 20 March 2019 23:30 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 646AB12D84D for <>; Wed, 20 Mar 2019 16:30:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.597
X-Spam-Status: No, score=-6.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id AAHMgxtIMOM0 for <>; Wed, 20 Mar 2019 16:30:33 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6D16D1277E5 for <>; Wed, 20 Mar 2019 16:30:33 -0700 (PDT)
Date: Wed, 20 Mar 2019 16:30:32 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1553124632; bh=2VF/x8agFcnA6P+2DQlV0mfQisvRyX35kRPmfWSMda8=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=K8TBX8BAGBG6zRsLiaUFcK0CBSbkLunpvWHr4Cg2SjTDb9ptWwYKNGTo5WVwCw3dG eiXdE05fpVYagfv5S0tPgYTwFDDLJOFLO94MKm0ejtgW7gdb5W7rP15bfEjrrSS8l1 SOVpPNDaTyjGte4Z2JF4HkVLOeNfDeCUK9BFA+AE=
From: martinduke <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/pull/2237/>
In-Reply-To: <quicwg/base-drafts/pull/>
References: <quicwg/base-drafts/pull/>
Subject: Re: [quicwg/base-drafts] Rework Key Update (#2237)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c92cd18b2c9_45383f7f420d45c07219c3"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: martinduke
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 20 Mar 2019 23:30:35 -0000

Section 6 of quic-tls refers me to 7.2 of RFC 8446. I read and implemented this (literally) last week and found this to be totally unambiguous, as other sections of quic-tls clearly indicate the labels used to derive key and iv. Perhaps others found it less clear.

I am not sure how TCP and QUIC would be mixed. Key update doesn't change resumption secrets, and if TCP and QUIC are sharing the same TLS instance (?) you're going to have a problem with or without this change.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: