You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With #8, we won't be using the TLS traffic secrets for key derivation. Because the application keys will be derived from the exporters, and exporters don't change over the lifetime of a connection, we will need to build an independent key schedule. As such, the TLS connection will be dead. The only reason that stream 1 might be needed after the conclusion of the handshake is to send more or updated NewSessionTicket messages.
KeyUpdate on the other hand will do nothing useful. We can ensure key freshness by updating the QUIC packet protection keys. Updating the redundant TLS application keys is pointless.
The text was updated successfully, but these errors were encountered:
With #8, we won't be using the TLS traffic secrets for key derivation. Because the application keys will be derived from the exporters, and exporters don't change over the lifetime of a connection, we will need to build an independent key schedule. As such, the TLS connection will be dead. The only reason that stream 1 might be needed after the conclusion of the handshake is to send more or updated NewSessionTicket messages.
KeyUpdate on the other hand will do nothing useful. We can ensure key freshness by updating the QUIC packet protection keys. Updating the redundant TLS application keys is pointless.
The text was updated successfully, but these errors were encountered: