From 9182b4034eabbc4a2e7de3e0f43f197bc4e61ec4 Mon Sep 17 00:00:00 2001 From: EKR Date: Thu, 12 Oct 2017 15:01:08 -0700 Subject: [PATCH] SHA-1 is 20 bytes. Fixes #865 --- draft-ietf-quic-tls.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-quic-tls.md b/draft-ietf-quic-tls.md index 888685ed5e..ab069b8f15 100644 --- a/draft-ietf-quic-tls.md +++ b/draft-ietf-quic-tls.md @@ -665,7 +665,7 @@ connection ID. Specifically: The HKDF for the cleartext packet protection keys uses the SHA-256 hash function {{FIPS180}}. -The salt value is a 16 octet sequence shown in the figure in hexadecimal +The salt value is a 20 octet sequence shown in the figure in hexadecimal notation. Future versions of QUIC SHOULD generate a new salt value, thus ensuring that the keys are different for each version of QUIC. This prevents a middlebox that only recognizes one version of QUIC from seeing or modifying the