From 0a7c2875e2ecc6e08c097c5f8ced96265be51ec0 Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Mon, 22 Jul 2019 08:32:06 -0400 Subject: [PATCH 1/2] Confidentiality for server transport parameters Closes #2920. --- draft-ietf-quic-transport.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index e429fee772..52f7bae2e3 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -1225,12 +1225,14 @@ properties: * 1-RTT keys have forward secrecy -* authenticated values for the transport parameters of the peer (see +* authenticated values for transport parameters of both endpoints, and + confidentiality protection for server transport parameters (see {{transport-parameters}}) * authenticated negotiation of an application protocol (TLS uses ALPN {{?RFC7301}} for this purpose) + The first CRYPTO frame from a client MUST be sent in a single packet. Any second attempt that is triggered by address validation (see {{validate-handshake}}) MUST also be sent within a single packet. This avoids From 75a2cb2e5f3ed838b4885e7f3d82d98e8a27e2c3 Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Thu, 8 Aug 2019 10:50:11 +1000 Subject: [PATCH 2/2] Remove extra line Co-Authored-By: Jana Iyengar --- draft-ietf-quic-transport.md | 1 - 1 file changed, 1 deletion(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 52f7bae2e3..2430643d82 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -1232,7 +1232,6 @@ properties: * authenticated negotiation of an application protocol (TLS uses ALPN {{?RFC7301}} for this purpose) - The first CRYPTO frame from a client MUST be sent in a single packet. Any second attempt that is triggered by address validation (see {{validate-handshake}}) MUST also be sent within a single packet. This avoids
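Review bot: In the hunk at @@ -1225,12 +1225,14 @@ of [PATCH 1/2], the rewritten bullet promises authentication for the transport parameters of both endpoints but confidentiality for the server's only, and it leaves the client side implicit. A reader has to infer from that asymmetry that client transport parameters are authenticated but not confidentiality protected. Suggest stating this directly in the bullet, or pointing to the place under {{transport-parameters}} that explains why the client's values get no confidentiality, so that nobody designs a client parameter on the assumption that it is hidden from observers.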
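Review bot: [PATCH 2/2] at @@ -1232,7 +1232,6 @@ only deletes the blank line that [PATCH 1/2] added before "The first CRYPTO frame from a client MUST be sent in a single packet", so it reads as a fixup rather than a change in its own right. Suggest squashing it into the first commit so the series touches only the bullet text and the history carries no whitespace-only commit.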