Re: [quicwg/base-drafts] Output of the discard keys design team (#2673)

David Schinazi <> Thu, 09 May 2019 20:45 UTC


DavidSchinazi commented on this pull request.

> +
+### Discarding 0-RTT Keys
+Clients SHOULD discard 0-RTT keys as soon as they install 1-RTT keys, since
+they have no use after that moment.
+0-RTT and 1-RTT packets share the same packet number space, and clients do not
+send 0-RTT packets after sending a 1-RTT packet ({{using-early-data}}).
+Therefore a server MAY discard 0-RTT keys as soon as it receives a 1-RTT
+packet.  However, due to packet reordering, a 0-RTT packet could arrive after
+a 1-RTT packet.  Servers MAY temporarily retain 0-RTT keys to allow decrypting
+reordered packets without requiring their contents to be retransmitted with
+1-RTT keys.  Servers MUST discard 0-RTT keys within three times the Probe
+Timeout (PTO, see {{QUIC-RECOVERY}}) after receiving a 1-RTT packet.  A server
+MAY discard 0-RTT keys earlier if it determines that it has received all 0-RTT
+packets, which can be done by keeping track of packet numbers.
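
Review bot: The MUST deadline in "Servers MUST discard 0-RTT keys within three times the Probe Timeout" is anchored to "after receiving a 1-RTT packet", which does not say which 1-RTT packet starts the clock. Read literally, the timer could restart on every 1-RTT packet, so the keys would never have to be dropped while the connection is active. Suggest "after receiving the first 1-RTT packet", and consider saying whether "receiving" means a packet that was successfully decrypted, so that a packet failing authentication does not start the timer. The final MAY would also be easier to implement consistently if it stated the condition it relies on: given the shared packet number space and the rule that clients send no 0-RTT after 1-RTT, "received all 0-RTT packets" presumably means no gaps remain below the lowest 1-RTT packet number seen, and the text could say so. Minor: the heading "### Discarding 0-RTT Keys" runs straight into its first paragraph without a blank line.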

