From 1126251530f1f4d7fa9ae7fb843bdfe95bdf7611 Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Wed, 8 Jul 2020 15:24:05 +1000 Subject: [PATCH] Which DCID determines Initial keys This is better defined elsewhere, but it doesn't hurt to repeat it. Closes #3840. --- draft-ietf-quic-transport.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md index 553cd9e8ce..5edde8e60d 100644 --- a/draft-ietf-quic-transport.md +++ b/draft-ietf-quic-transport.md @@ -1539,8 +1539,11 @@ Initial or Retry packet from the server, the client populates the Destination Connection ID field with an unpredictable value. This Destination Connection ID MUST be at least 8 bytes in length. Until a packet is received from the server, the client MUST use the same Destination Connection ID value on all packets in -this connection. This Destination Connection ID is used to determine packet -protection keys for Initial packets. +this connection. + +The Destination Connection ID field from the first Initial packet sent by a +client is used to determine packet protection keys for Initial packets. These +keys change after receiving a Retry packet; see Section 5.2 of {{QUIC-TLS}}. The client populates the Source Connection ID field with a value of its choosing and sets the Source Connection ID Length field to indicate the length.
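Review bot: In the added paragraph, the sentence "These keys change after receiving a Retry packet" leaves two things unstated that matter given the subject of this commit: who receives the Retry, and which Destination Connection ID the replacement keys are derived from. The sentence before it ties the keys to "the first Initial packet sent by a client", so a reader who stops here has no way to tell whether that same value still feeds the key derivation after a Retry. Consider naming the client as the receiver and saying in one clause which connection ID the new Initial keys are based on, while keeping the pointer to Section 5.2 of {{QUIC-TLS}} for the details.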