On Tue, Jun 13, 2017 at 05:10:39PM +0000, Andrei Popov wrote:
> * My fear is that, even with RFC 2119 terminology, 0RTT will likely be
> the cause of many problems in the future
> * and that being extra careful here is important… :)
>
> I agree with this assessment. A MUST would certainly work for me. There are
> two reasons I suggested SHOULD:
>
> 1. A MUST would be non-enforceable (a TLS client or server can’t enforce
> the use of a particular API by the peer).

I would say what the endpoint _itself_ does is more relevant than
what the _peer_ does.

I gave some examples of things going badly wrong if the application
does not opt-in, especially at client side.

And on server side, the requirement to only accept "safe" things
for 0-RTT can't be done without opt-in.

> 2. There’s lack of consensus on the topic of 0RTT and I’m trying to
> suggest a compromise😊.

Not in all aspects of it.

-Ilari