On Thu, Sep 1, 2016 at 6:15 AM, Ilari Liusvaara <ilariliusva...@welho.com> wrote:
> On Thu, Sep 01, 2016 at 05:48:02AM -0700, Eric Rescorla wrote: > > On Thu, Sep 1, 2016 at 3:31 AM, Hubert Kario <hka...@redhat.com> wrote: > > > > > > I'm afraid that requiring the server to keep the connection open for > > > essentially arbitrary amount of time while it consumes garbage data is > not > > > unlike the Apache slowloris attack. > > > > It's not required to. It can close the connection at any time. > > Should there be recommendation for clients to cut transfer and send > Finished if the client receives EncryptedExtensions without > early_data extension? > I thought that was implicit, but i'd take a PR that did that. -Ekr > > -Ilari >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
