On Thu, May 4, 2017 at 11:29 AM, Andrei Popov <andrei.po...@microsoft.com> wrote:
> > - Providers already work hard to maximize user affinity to a data
> > center for other operational reasons; re-routing is relatively rare and
> > quickly repaired by issuing a new ticket.
>
> Understood, but isn’t an attacker going to be able to re-route at will?

Yes, but I don't see the significance. If the attacker reroutes the user, or replays a ticket, to a different data center - the ticket won't work, it'll degrade gracefully to a regular connection. Of course the attacker succeeded in slowing the user down, but that's possible anyway.

Maybe you're thinking of a strike register that shares a global namespace? That would be an implementation error; tickets should be scoped to the location they are issued from, and checked against its strike register (or not used at all).

-- 
Colm
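A toy model of the location-scoped ticket and per-data-center strike register described in the reply above, added here as an illustration (it is not code from the thread or from any TLS implementation); the data-center names, the ticket layout and the random ticket id are assumptions of the example.

```python
"""Constructed model: 0-RTT tickets scoped to the issuing location.

Each location (data center) keeps its own strike register. Early data is
accepted only when a ticket is presented to the location that issued it
and that location has not seen the ticket before; anything else degrades
to a regular (1-RTT) handshake rather than failing.
"""
import os
from dataclasses import dataclass, field
from typing import List, Set


@dataclass(frozen=True)
class Ticket:
    ticket_id: bytes  # unique per ticket; issuer picks it at random (assumed)
    issuer: str       # location that issued the ticket (assumed field)


@dataclass
class DataCenter:
    name: str
    seen: Set[bytes] = field(default_factory=set)  # this location's strike register

    def issue_ticket(self) -> Ticket:
        return Ticket(os.urandom(16), self.name)

    def handle_early_data(self, ticket: Ticket) -> str:
        """Return '0-RTT' if early data is accepted, otherwise '1-RTT'."""
        if ticket.issuer != self.name:
            # Re-routed or replayed to a different location: the ticket is
            # not honoured here, so the connection degrades to a full handshake.
            return "1-RTT"
        if ticket.ticket_id in self.seen:
            # Same location, ticket already used: treat as a replay.
            return "1-RTT"
        self.seen.add(ticket.ticket_id)
        return "0-RTT"


def simulate() -> List[str]:
    """First use at the issuer, a replay at the issuer, then a re-route."""
    dc_a, dc_b = DataCenter("dc-east"), DataCenter("dc-west")  # constructed names
    t = dc_a.issue_ticket()
    return [
        dc_a.handle_early_data(t),  # "0-RTT": fresh ticket at its own location
        dc_a.handle_early_data(t),  # "1-RTT": strike register catches the replay
        dc_b.handle_early_data(t),  # "1-RTT": re-routed ticket is out of scope
    ]
```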
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls