I don’t know if there are any deployments of RFC 4507.  If not, we are safe;
otherwise there are interop problems for session resumption.

Xuelei

> On Jun 5, 2019, at 2:19 PM, Jamil Nimeh <jamil.j.ni...@oracle.com> wrote:
> 
> Hi Xuelei,
> 
> Given that 4507 is obsoleted in favor of 5077 is there really that much value 
> to supporting this older/broken extension format?  Do we know of clients that 
> still adhere to 4507?  Otherwise it seems better to stick to 5077 and the 
> approach in TLS 1.3 and not try to go back and support an earlier obsoleted 
> approach to this feature.
>> 
>> These lines took me to the cooperation behaviors between RFC 5077 and RFC 
>> 4507.  It looks like we don't support the RFC 4507 format of the 
>> SessionTicket extension.  As RFC 5077 and RFC 4507 use the same extension 
>> ID for different extension formats, there are potential compatibility 
>> issues, which make session resumption impossible.  I would like to have a 
>> workaround to accept both formats.  For example, using a cookie at the 
>> beginning of the ticket, as described in Appendix A of RFC 5077.
>> 
>> 
>> I will review the rest of this class in the afternoon or tomorrow.
>> 
>> Thanks,
>> Xuelei 

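The format ambiguity discussed in this thread, as an added example that is not part of the original messages or of the code under review: RFC 4507 wraps the ticket in a second 2-byte length inside the extension body, while RFC 5077 carries the ticket bytes directly, and a cookie at the start of the ticket lets a server tell them apart. The function name, the use of a 16-byte key_name as the cookie, and all sample bytes are assumptions constructed for illustration.

```python
import struct

KEY_NAME_LEN = 16  # assumption: the cookie is the 16-byte key_name that starts the ticket

def classify_session_ticket(ext_data: bytes, known_key_names: set) -> tuple:
    """Classify the body of a SessionTicket (type 35) extension.

    Returns (fmt, ticket) where fmt is "empty", "rfc5077", "rfc4507" or "unknown".
    The cookie match only selects a parse; the ticket must still pass the
    server's normal integrity check and decryption before it is trusted.
    """
    if len(ext_data) == 0:
        return ("empty", b"")  # RFC 5077 empty extension: 00 23 00 00

    # RFC 5077: extension_data is the ticket itself, so the cookie sits at offset 0.
    if ext_data[:KEY_NAME_LEN] in known_key_names:
        return ("rfc5077", ext_data)

    # RFC 4507: extension_data is opaque ticket<0..2^16-1>, so a second 2-byte
    # length precedes the ticket and must account for every remaining byte.
    if len(ext_data) >= 2:
        (inner_len,) = struct.unpack_from("!H", ext_data, 0)
        inner = ext_data[2:]
        if inner_len == len(inner):
            if inner_len == 0:
                return ("empty", b"")  # RFC 4507 empty extension: 00 23 00 02 00 00
            if inner[:KEY_NAME_LEN] in known_key_names:
                return ("rfc4507", inner)

    # Neither parse yields a ticket under a known key: ignore it and
    # fall back to a full handshake instead of guessing.
    return ("unknown", b"")

# Constructed sample data (not real tickets).
SAMPLE_KEY_NAME = bytes(range(16))
SAMPLE_KEYS = {SAMPLE_KEY_NAME}
SAMPLE_TICKET = SAMPLE_KEY_NAME + b"\xaa" * 48

if __name__ == "__main__":
    rfc4507_body = struct.pack("!H", len(SAMPLE_TICKET)) + SAMPLE_TICKET
    for body in (b"", SAMPLE_TICKET, rfc4507_body, b"\xff" * 64):
        print(classify_session_ticket(body, SAMPLE_KEYS)[0])
```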