Addressing nits from final review

quicwg · May 3, 2018 · 8e7540f · 8e7540f
1 parent a1c4d41
commit 8e7540f
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 12 deletions.
diff --git a/draft-ietf-quic-tls.md b/draft-ietf-quic-tls.md
@@ -866,9 +866,9 @@ connection.  For example, if TLS is using the TLS_AES_128_GCM_SHA256, the
 AEAD_AES_128_GCM function is used.
 
 QUIC packets are protected prior to applying packet number encryption
-({{pn-encrypt}}).  Thus, the unprotected packet number is part of the AAD.  When
-removing packet protection, an endpoint first removes the protection from the
-packet number.
+({{pn-encrypt}}).  The unprotected packet number is part of the associated data
+(A).  When removing packet protection, an endpoint first removes the protection
+from the packet number.
 
 All QUIC packets other than Version Negotiation and Stateless Reset packets are
 protected with an AEAD algorithm {{!AEAD}}. Prior to establishing a shared
@@ -941,8 +941,8 @@ Packet number protection is applied after packet protection is applied (see
 {{aead}}).  The ciphertext of the packet is sampled and used as input to an
 encryption algorithm.
 
-For packets with a long header, the ciphertext starting
-immediately after the packet number is used (that is, octet 17 onwards).
+For packets with a long header, the ciphertext starting immediately after the
+packet number is used.
 
 For packets with a short header, the packet number length is not known before
 decryption, so it is assumed to be the smaller of the maximum possible packet

diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md
@@ -345,8 +345,9 @@ Payload Length:
 Packet Number:
 
 : The Packet Number is a 32-bit field that follows the two connection IDs.
-  {{packet-numbers}} describes the use of packet numbers.  Packet numbers are
-  protected separately to the packet payload.
+  Packet numbers are not encrypted as part of packet protection, but instead
+  have additional confidentiality protection. {{packet-numbers}} describes the
+  use of packet numbers.
 
 
 Payload:
@@ -454,7 +455,8 @@ Packet Number:
 
 : The length of the packet number field depends on the packet type.  This field
   can be 1, 2 or 4 octets long depending on the short packet type.  Packet
-  numbers are protected separate to the packet payload.
+  numbers are not encrypted as part of packet protection, but instead have
+  additional confidentiality protection.
 
 Protected Payload:
 
@@ -696,10 +698,10 @@ continue to use the same Destination Connection ID for 0-RTT packets, see
 
 The version field for protected packets is the current QUIC version.
 
-The packet number field contains a packet number, which is protected separately
-from the rest of the packet (see {{QUIC-TLS}} for details).  The underlying
-packet number increases with each packet sent, see {{packet-numbers}} for
-details.
+The packet number field contains a packet number, which has additional
+confidentiality protection that is applied after packet protection is applied
+(see {{QUIC-TLS}} for details).  The underlying packet number increases with
+each packet sent, see {{packet-numbers}} for details.
 
 The payload is protected using authenticated encryption.  {{QUIC-TLS}} describes
 packet protection in detail.  After decryption, the plaintext consists of a