Key updates as defined by RFC 9000 are not an optional feature. Any
implementation that doesn't implement key updates is not compliant with the
RFC and has to expect that transfers will randomly break. Even worse,
ignoring a key update won't immediately kill the connection, but will
eventually result in a connection timeout.

quic-go is very aggressive and initiates the first key update after the
first 100 short header packets. Subsequent key updates are triggered every
100k packets.

On Sat, 22 Jul 2023 at 07:05, Nick Banks <nibanks=
[email protected]> wrote:

> Hello,
>
> For MsQuic, we have a hook to force a key update that can be used by test
> code. Additionally, we have a knob to set a smaller threshold for the
> number of bytes transferred to trigger the update scenario. Feel free to
> look at our test code here
> <https://github.com/microsoft/msquic/blob/main/src/test/lib/HandshakeTest.cpp#L2196>
> .
>
> Thanks,
> Nick
>
> ------------------------------
> *From:* QUIC <[email protected]> on behalf of Kaushal Bhandankar <
> [email protected]>
> *Sent:* Saturday, July 22, 2023 3:04 AM
> *To:* [email protected] <[email protected]>
> *Subject:* Key Update implementation priority
>
> I would like to know how popular QUIC implementations force key-update to
> evaluate the need to implement it.
>
> Chromium
> Firefox Browser (neqo)
> mvfst
> quiche
>
> Regards,
> Kaushal
>
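
An added example, not part of the thread and not code from quic-go, MsQuic or any other implementation named above: a small model of the RFC 9001 section 6 key update showing why a receiver that ignores the Key Phase change silently drops every later packet, which on a real connection ends in the timeout described in the reply. It assumes SHA-256, in-order delivery, a truncated HMAC tag standing in for the AEAD, and a sender using the 100 / 100k packet thresholds quoted for quic-go; all function names are hypothetical.

```python
import hashlib
import hmac

def hkdf_expand_label(secret: bytes, label: str, length: int) -> bytes:
    """TLS 1.3 HKDF-Expand-Label with SHA-256 and an empty context."""
    full = b"tls13 " + label.encode()
    info = length.to_bytes(2, "big") + bytes([len(full)]) + full + b"\x00"
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(secret, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]

def next_secret(secret: bytes) -> bytes:
    # RFC 9001 section 6.1: secret_<n+1> = HKDF-Expand-Label(secret_<n>, "quic ku", "", Hash.length)
    return hkdf_expand_label(secret, "quic ku", 32)

def seal(secret: bytes, phase: int, pn: int, payload: bytes) -> tuple:
    # Assumption: a truncated HMAC tag stands in for AEAD packet protection.
    key = hkdf_expand_label(secret, "quic key", 16)
    tag = hmac.new(key, pn.to_bytes(8, "big") + payload, hashlib.sha256).digest()[:16]
    return (phase, pn, payload, tag)

def opens(secret: bytes, pkt: tuple) -> bool:
    _, pn, payload, tag = pkt
    return hmac.compare_digest(seal(secret, 0, pn, payload)[3], tag)

def send(first_secret: bytes, count: int, first_update: int = 100, interval: int = 100_000) -> list:
    """Sender that updates keys after `first_update` packets, then every `interval`."""
    secret, phase, since, limit, out = first_secret, 0, 0, first_update, []
    for pn in range(count):
        if since == limit:
            secret, phase, since, limit = next_secret(secret), phase ^ 1, 0, interval
        out.append(seal(secret, phase, pn, b"data"))
        since += 1
    return out

def receive(first_secret: bytes, packets: list, handles_key_update: bool) -> dict:
    secret, phase, stats = first_secret, 0, {"accepted": 0, "dropped": 0, "updates": 0}
    for pkt in packets:
        if handles_key_update and pkt[0] != phase:
            candidate = next_secret(secret)
            if opens(candidate, pkt):  # commit only after the packet authenticates
                secret, phase = candidate, pkt[0]
                stats["updates"] += 1
        stats["accepted" if opens(secret, pkt) else "dropped"] += 1
    return stats

SECRET_0 = bytes(32)  # constructed sample secret, not a real traffic secret
PACKETS = send(SECRET_0, 250)
```

Calling `receive(SECRET_0, PACKETS, False)` models the non-compliant peer: nothing fails loudly at packet 100, the packets simply stop authenticating.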
