Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Receiver's behavior on key update #2791

Closed
wants to merge 12 commits into from
Closed

Receiver's behavior on key update #2791

Changes from 1 commit
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
27cbd9c
explain the procedure of the receiver installing new 1-RTT keys
kazuho Jun 14, 2019
d3a809c
Marten's rewording
marten-seemann Jun 14, 2019
557c663
remove redundancy
kazuho Jun 14, 2019
656539b
s/MAY limit to two/SHOULD retain at least two/, clarify which side of…
kazuho Jun 17, 2019
be1d0bb
merge the calculation logic of the next key to the paragraph describi…
kazuho Jun 17, 2019
8ce0e91
editorial suggestions by @marten-seemann
kazuho Jun 17, 2019
13424d8
derive every time when receiving a packet with a new key-phase, until…
kazuho Jun 17, 2019
1b30bfd
"MAY limit to two" is "MUST at least two" rather than a SHOULD
kazuho Jun 18, 2019
20c3351
clarify how the keys are retained / dropped, based on suggestions fro…
kazuho Jun 19, 2019
a087a88
s/decrypt and authenticate/unprotect/
kazuho Jun 19, 2019
43943c1
clarify how to detect a misbehaving peer
kazuho Jun 19, 2019
1768b35
describe how the key phase is inceremented in response to peer-initia…
DavidSchinazi Jun 20, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 6 additions & 8 deletions draft-ietf-quic-tls.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1165,14 +1165,12 @@ another key update can be initiated.
Endpoints MAY limit the number of keys they retain to two sets for removing
packet protection.

An endpoint installs the new keys, possibly replacing the old keys, when it
unprotects the header protection of a received packet and detects that the
packet uses a new key phase. The detection can be done by tracking the lowest
packet number among the packets received with the currently active key phase.
If a packet is received that has a different KEY_PHASE bit and a lower packet
number than this value, the endpoint uses the old keys for unprotecting the
packet, if these keys are still available. If the packet has a higher packet
number, the endpoint installs the updated keys.
An endpoint can detect which keys to use by tracking the lowest packet number
among the packets received with the currently active key phase. If a packet is
received that has a different KEY_PHASE bit and a lower packet number than this
value, the endpoint uses the old keys for unprotecting the packet, if these keys
are still available. If the packet has a higher packet number, the endpoint
installs the updated keys.

Updating keys multiple times rapidly can cause packets to be effectively lost if
packets are significantly reordered. Therefore, an endpoint SHOULD NOT initiate
Expand Down