On Tue, Jan 26, 2016 at 02:17:57PM +0000, Sara Dickinson via RT wrote:
> 
> > On 25 Jan 2016, at 18:42, Kurt Roeckx via RT <r...@openssl.org> wrote:
> > 
> > On Mon, Jan 25, 2016 at 06:24:55PM +0000, Sara Dickinson via RT wrote:
> >> Hi,
> >> 
> >> I would like to request that support be added to OpenSSL to enable client
> >> applications to make use of TCP Fast Open
> >> (https://tools.ietf.org/html/rfc7413) when initiating the TLS handshake
> >> on Linux (TCP Fast Open is available in Linux kernel > 4.1).
> > 
> > I've seen that request, and I have thought about it.  I'm just
> > wondering if that comes with security consequences, like replay
> > attacks.  
> 
> Not that I am aware of. I've seen the question of security vulnerabilities of 
> TFO raised a few times but never with any concrete examples, just 
> speculation. I've also observed Chromium using TFO with TLS.  

It's just that I've seen this speculation at other places, and
didn't understand it.

> I can take the question to the TCPM and/or TLS WG if that is helpful?

I don't think it's needed.


Kurt


_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
