When the KEY_PHASE is flipped twice in two consecutive received packets, the connection must be aborted. From draft-ietf-quic-tls-16:
An endpoint does not always need to send packets when it detects that
its peer has updated keys. The next packet that it sends will simply
use the new keys. If an endpoint detects a second update before it
has sent any packets with updated keys, it indicates that its peer
has updated keys twice without awaiting a reciprocal update. An
endpoint MUST treat consecutive key updates as a fatal error and
abort the connection.
> When the KEY_PHASE is flipped twice in two consecutive received packets
That's not quite right: it is an error for KEY_PHASE to be flipped in any packet that is numbered after a prior KEY_PHASE flip and received before the local endpoint has sent a packet using the new keys. In other words, an endpoint may not initiate a key update until it has received a packet encrypted using the current keys.
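The check discussed in this thread, sketched as an added example (not code from this project or from the draft). `KeyPhaseTracker`, `ConsecutiveKeyUpdate` and `run` are hypothetical names, and the model assumes only the KEY_PHASE header bit and packet numbers are tracked, with no decryption:

```python
class ConsecutiveKeyUpdate(Exception):
    """Peer updated keys again before we sent anything with the updated keys."""


class KeyPhaseTracker:
    """Hypothetical model of the receive-side KEY_PHASE check (header bit only)."""

    def __init__(self):
        self.phase = 0          # KEY_PHASE bit of the current receive keys
        self.update_pn = None   # packet number that triggered the last peer update
        self.responded = True   # have we sent a packet since that update?

    def on_send(self):
        """Called for every packet we send; it always uses the current keys."""
        self.responded = True
        return self.phase

    def on_receive(self, pn, key_phase):
        """Classify a received packet, or raise on a consecutive key update."""
        if key_phase == self.phase:
            return "current"
        if self.update_pn is not None and pn < self.update_pn:
            # Numbered before the last flip: a reordered packet from the
            # previous phase, not a new update.
            return "previous"
        if not self.responded:
            # Flip numbered after a prior flip, received before we sent with
            # the new keys: fatal per the quoted draft text.
            raise ConsecutiveKeyUpdate(f"packet {pn} flipped KEY_PHASE again")
        self.phase ^= 1
        self.update_pn = pn
        self.responded = False
        return "update"


def run(events):
    """Replay constructed ('rx', pn, bit) / ('tx',) events; return the outcomes."""
    tracker, out = KeyPhaseTracker(), []
    for ev in events:
        try:
            if ev[0] == "rx":
                out.append(tracker.on_receive(ev[1], ev[2]))
            else:
                out.append(f"tx:{tracker.on_send()}")
        except ConsecutiveKeyUpdate:
            out.append("abort")
            break
    return out
```

Replaying `[("rx", 5, 1), ("rx", 6, 1), ("rx", 7, 1), ("rx", 8, 0)]` aborts at packet 8 even though the two flips are not in consecutive packets, while a late packet 4 with the old bit is classified as reordered rather than as a second update.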