Script updating gh-pages from 58cd0b4. [ci skip]

quicwg · Sep 6, 2019 · 3b0d587 · 3b0d587
1 parent 517c888
commit 3b0d587
Show file tree

Hide file tree

Showing 3 changed files with 1,392 additions and 1,392 deletions.
diff --git a/ianswett-initial-secrets-constant/draft-ietf-quic-tls.html b/ianswett-initial-secrets-constant/draft-ietf-quic-tls.html
@@ -951,7 +951,7 @@ <h2 id="rfc.section.5.2">
 <p id="rfc.section.5.2.p.3">The connection ID used with HKDF-Expand-Label is the Destination Connection ID in the Initial packet sent by the client.  This will be a randomly-selected value unless the client creates the Initial packet after receiving a Retry packet, where the Destination Connection ID is selected by the server.</p>
 <p id="rfc.section.5.2.p.4">The value of initial_salt is a 20 byte sequence shown in the figure in hexadecimal notation. Future versions of QUIC SHOULD generate a new salt value, thus ensuring that the keys are different for each version of QUIC. This prevents a middlebox that only recognizes one version of QUIC from seeing or modifying the contents of packets from future versions.</p>
 <p id="rfc.section.5.2.p.5">The HKDF-Expand-Label function defined in TLS 1.3 MUST be used for Initial packets even where the TLS versions offered do not include TLS 1.3.</p>
-<p id="rfc.section.5.2.p.6">The secrets used for protecting Initial packets do not change during the connection, even though the destination connection ID in client Initial packets changes after receiving a Retry.  A server that sends a Retry therefore needs to either remember the original connection ID or save the original connection ID in the Retry token.</p>
+<p id="rfc.section.5.2.p.6">The secrets used for protecting Initial packets do not change during the connection, even though the destination connection ID in client Initial packets changes after receiving a Retry.  A server that sends a Retry therefore needs to either remember the original connection ID or save the original connection ID in the Retry token.  Because the initial connection ID is included in the server&#8217;s transport parameters, the only difference is when in the packet processing this connection ID is utilized.</p>
 <p><a href="#test-vectors-initial" class="xref">Appendix A</a> contains test vectors for the initial packet encryption.</p>
 <h2 id="rfc.section.5.3">
 <a href="#rfc.section.5.3">5.3.</a> <a href="#aead" id="aead">AEAD Usage</a>

diff --git a/ianswett-initial-secrets-constant/draft-ietf-quic-tls.txt b/ianswett-initial-secrets-constant/draft-ietf-quic-tls.txt
@@ -1045,7 +1045,10 @@ Internet-Draft                QUIC over TLS               September 2019
    the connection, even though the destination connection ID in client
    Initial packets changes after receiving a Retry.  A server that sends
    a Retry therefore needs to either remember the original connection ID
-   or save the original connection ID in the Retry token.
+   or save the original connection ID in the Retry token.  Because the
+   initial connection ID is included in the server's transport
+   parameters, the only difference is when in the packet processing this
+   connection ID is utilized.
 
    Appendix A contains test vectors for the initial packet encryption.
 
@@ -1054,9 +1057,6 @@ Internet-Draft                QUIC over TLS               September 2019
    The Authentication Encryption with Associated Data (AEAD) [AEAD]
    function used for QUIC packet protection is the AEAD that is
    negotiated for use with the TLS connection.  For example, if TLS is
-   using the TLS_AES_128_GCM_SHA256, the AEAD_AES_128_GCM function is
-   used.
-
 
 
 
@@ -1066,6 +1066,9 @@ Thomson & Turner          Expires March 9, 2020                [Page 19]
 Internet-Draft                QUIC over TLS               September 2019
 
 
+   using the TLS_AES_128_GCM_SHA256, the AEAD_AES_128_GCM function is
+   used.
+
    Packets are protected prior to applying header protection
    (Section 5.4).  The unprotected packet header is part of the
    associated data (A).  When removing packet protection, an endpoint
@@ -1111,9 +1114,6 @@ Internet-Draft                QUIC over TLS               September 2019
 
    Some AEAD functions have limits for how many packets can be encrypted
    under the same key and IV (see for example [AEBounds]).  This might
-   be lower than the packet number limit.  An endpoint MUST initiate a
-   key update (Section 6) prior to exceeding any limit set for the AEAD
-   that is in use.
 
 
 
@@ -1122,6 +1122,10 @@ Thomson & Turner          Expires March 9, 2020                [Page 20]
 Internet-Draft                QUIC over TLS               September 2019
 
 
+   be lower than the packet number limit.  An endpoint MUST initiate a
+   key update (Section 6) prior to exceeding any limit set for the AEAD
+   that is in use.
+
 5.4.  Header Protection
 
    Parts of QUIC packet headers, in particular the Packet Number field,
@@ -1169,10 +1173,6 @@ Internet-Draft                QUIC over TLS               September 2019
 
 
 
-
-
-
-
 Thomson & Turner          Expires March 9, 2020                [Page 21]
 
 Internet-Draft                QUIC over TLS               September 2019