Hi all, The TLS working group has been advancing an Extended Key Update capability for TLS 1.3 (draft-ietf-tls-extended-key-update). In summary, this specification introduces a mechanism that performs a fresh key exchange between parties, rather than merely deriving a new key from the existing cryptographic material.
Building on that work, Hannes and I would like to propose an Extended Key Update mechanism for QUIC. This proposal adapts the previous TLS 1.3 specific work to QUIC and replaces the regular Key Update if both parties agree to the Extended Key Update. Periodic fresh key exchanges is a well-established practice in cryptographic protocols designed for long-lasting communications and is present in IKEv2 and SSH. Since QUIC is increasingly deployed in scenarios such as VPNs and IoT, where maintaining long sessions is critical and full re-establishment could be disruptive, we believe that this proposal will further promote QUIC adoption. Looking forward to your feedback. Best Regards, Yaroslav ---------- Forwarded message --------- From: <[email protected]> Date: Sun, Feb 23, 2025 at 10:00 PM Subject: New Version Notification for draft-rosomakho-quic-extended-key-update-00.txt To: Hannes Tschofenig <[email protected]>, Yaroslav Rosomakho < [email protected]> A new version of Internet-Draft draft-rosomakho-quic-extended-key-update-00.txt has been successfully submitted by Yaroslav Rosomakho and posted to the IETF repository. Name: draft-rosomakho-quic-extended-key-update Revision: 00 Title: Extended Key Update for QUIC Date: 2025-02-23 Group: Individual Submission Pages: 8 URL: https://www.ietf.org/archive/id/draft-rosomakho-quic-extended-key-update-00.txt Status: https://datatracker.ietf.org/doc/draft-rosomakho-quic-extended-key-update/ HTML: https://www.ietf.org/archive/id/draft-rosomakho-quic-extended-key-update-00.html HTMLized: https://datatracker.ietf.org/doc/html/draft-rosomakho-quic-extended-key-update Abstract: This document specifies an Extended Key Update mechanism for the QUIC protocol, building on the foundation of the TLS Extended Key Update. The TLS Extended Key Update specification enhances the TLS protocol by introducing key updates with forward secrecy, eliminating the need to perform a full handshake. This feature is particularly beneficial for maintaining security in scenarios involving long-lived connections. This specification replaces the QUIC Key Update mechanism described in the "Using TLS to Secure QUIC" specification. The IETF Secretariat -- This communication (including any attachments) is intended for the sole use of the intended recipient and may contain confidential, non-public, and/or privileged material. Use, distribution, or reproduction of this communication by unintended recipients is not authorized. If you received this communication in error, please immediately notify the sender and then delete all copies of this communication from your system.
