On Thu, May 04, 2017 at 02:49:20PM -0500, Nico Williams wrote:
> On Thu, May 04, 2017 at 02:44:06PM -0500, Benjamin Kaduk wrote:
> > On 05/04/2017 02:39 PM, Nico Williams wrote:
> > > The SHOULD should say that the server-side needs to apply a replay cache
> > > OR fall back onto a full exchange when the 0-rtt data payload involves a
> > > non-idempotent operation.
> >
> > You seem confused on this key point. The server commits to accepting or
> > rejecting *all* early data, *before* it can look inside and see what it
> > is (in particular, whether or not it is idempotent).
>
> Sure, that's fine. You could run an HTTP server that only accepts
> HEADs, GETs, maybe DELETEs, and accepts 0-rtt and have the client send
> all POSTs and such to a different HTTP server.

Also, a server could accept all sorts of 0-rtt data and at the
application-layer cause extra round-trips and force the client to
re-request. Not all existing application protocols will support that,
naturally. For HTTP... maybe a redirect?

Nico

-- 
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
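Added example, not from the thread: a WSGI middleware implementing the policy sketched above, honouring TLS 1.3 0-RTT early data only for request methods whose replay is harmless and forcing every other early-data request back to a full handshake. It assumes a TLS terminator that marks early-data requests with the RFC 8470 "Early-Data: 1" header, and it uses RFC 8470's 425 Too Early status (standardised after this 2017 exchange) as the "make the client re-request" signal rather than the redirect mused about here.

```python
from wsgiref.util import setup_testing_defaults

# Methods whose replay has no side effects (RFC 7231 "safe" methods).
# DELETE/PUT are idempotent but still act on state, so a replayed one
# is kept off the early-data path by default.
DEFAULT_EARLY_OK = frozenset({"GET", "HEAD", "OPTIONS"})


def early_data_allowed(method, early_data_header, allowed=DEFAULT_EARLY_OK):
    """True if the request may be served from 0-RTT data.

    early_data_header is the raw Early-Data value ("1" per RFC 8470) or
    None; a request that did not arrive as early data is always fine.
    """
    if early_data_header is None or early_data_header.strip() != "1":
        return True
    return method.upper() in allowed


class EarlyDataGuard:
    """WSGI middleware: 425 Too Early for non-safe early-data requests."""

    def __init__(self, app, allowed=DEFAULT_EARLY_OK):
        self.app, self.allowed = app, allowed

    def __call__(self, environ, start_response):
        method = environ.get("REQUEST_METHOD", "GET")
        early = environ.get("HTTP_EARLY_DATA")  # set by the TLS terminator
        if early_data_allowed(method, early, self.allowed):
            return self.app(environ, start_response)
        body = b"retry after the TLS handshake completes\n"
        start_response("425 Too Early", [("Content-Type", "text/plain"),
                                         ("Content-Length", str(len(body)))])
        return [body]


def origin(environ, start_response):
    """Stand-in origin application (constructed for this example)."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"ok\n"]


def call(app, method, early_data=None):
    """Drive a WSGI app with a constructed request; return (status, body)."""
    environ = {"REQUEST_METHOD": method}
    if early_data is not None:
        environ["HTTP_EARLY_DATA"] = early_data
    setup_testing_defaults(environ)
    seen = {}
    body = b"".join(app(environ, lambda s, h, e=None: seen.update(status=s)))
    return seen["status"], body


if __name__ == "__main__":
    guarded = EarlyDataGuard(origin)
    print(call(guarded, "GET", "1"))   # served from early data
    print(call(guarded, "POST", "1"))  # 425: client retries after 1-RTT
    print(call(guarded, "POST"))       # normal request, passes through
```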