On Thu, Sep 01, 2016 at 05:48:02AM -0700, Eric Rescorla wrote: > On Thu, Sep 1, 2016 at 3:31 AM, Hubert Kario <hka...@redhat.com> wrote: > > > > I'm afraid that requiring the server to keep the connection open for > > essentially arbitrary amount of time while it consumes garbage data is not > > unlike the Apache slowloris attack. > > It's not required to. It can close the connection at any time.
Should there be recommendation for clients to cut transfer and send Finished if the client receives EncryptedExtensions without early_data extension? -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
