Encrypted CID nonce should be 8 bytes

martinduke / draft-duke-quic-load-balancers

An internet draft to standardize the way that QUIC servers and load balancers can support routable, unlinkable connection IDs

Other

2 stars 4 forks source link

Closed martinduke closed 6 years ago

martinduke commented 6 years ago

At the moment, the AES-CTR nonce is (scid_len - sid_len). This should really be 16 Bytes.

martinduke commented 6 years ago

After some discussions with Kazuho and others, I believe that an 8 Byte nonce is sufficient.