There are also very common cases of using multiple CDNs or server farms with different capabilities but with the same host name, or of switching a live site between platforms. As others have mentioned, the behaviors need to be well defined and result in extra rtt rather than hard failure to allow 0rtt to be safely deployable.
- Erik On Jun 22, 2016 5:58 AM, "Martin Thomson" <martin.thom...@gmail.com> wrote: On 22 June 2016 at 12:01, Watson Ladd <watsonbl...@gmail.com> wrote: > Why isn't 0-RTT an extension in the Client Hello to deal with this? You can't stream extensions, which unfortunately is required given how most software interacts with their TLS stack. Let's be clear, the actual risk we're talking about is pretty-much confined to screw-ups. The deployment screwup where you left one server speaking TLS 1.2 somewhere before turning 0-RTT on; and TLS MitM, which calling a screw-up might be too positive a statement. Of course, David is right that screw-ups like this are too common for us to do nothing about them. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls