On Tue, Jun 13, 2017 at 06:57:05PM +0000, Andrei Popov wrote:
> Regarding RFC language, I think we could be more specific:
>
> 1. A TLS implementation SHOULD/MUST only send 0-RTT application data if the
>    application has explicitly opted in;
>
> 2. A TLS implementation SHOULD/MUST only accept 0-RTT application data if the
>    application has explicitly opted in;
>
> 3. When delivering 0-RTT application data to the application, a TLS
>    implementation SHOULD/MUST provide a way for the application to distinguish
>    it from the rest of the application data.

The first of these has to be MUST, or you get problems like I outlined earlier.
And to implement checking for client only sending "safe" data, you need
the second and third.

-Ilari
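
A toy model of the three requirements discussed in this message, added here as an illustration; it is not part of the original post and not the API of any TLS library. `TlsEndpointModel`, `AppData`, `handle` and the list of replay-safe methods are hypothetical names and assumptions, and the traffic in `demo` is constructed.

```python
from dataclasses import dataclass

# Assumption: the application treats these HTTP methods as replay-safe.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

@dataclass(frozen=True)
class AppData:
    payload: bytes
    early: bool  # point 3: True when the bytes arrived as 0-RTT data

class TlsEndpointModel:
    """Toy model of a TLS stack's opt-in switches (hypothetical, not a real API)."""

    def __init__(self, send_early=False, accept_early=False):
        self.send_early = send_early      # point 1: client-side opt-in
        self.accept_early = accept_early  # point 2: server-side opt-in

    def write(self, payload, handshake_done):
        """Client: returns (payload, sent_as_0rtt), or None if it must wait."""
        if handshake_done:
            return (payload, False)
        return (payload, True) if self.send_early else None

    def deliver(self, records):
        """Server: drop 0-RTT records unless opted in; tag the rest."""
        return [AppData(p, early) for p, early in records
                if not early or self.accept_early]

def handle(chunk):
    """Application check that needs points 2 and 3: refuse unsafe early requests."""
    method = chunk.payload.split(b" ", 1)[0].decode("ascii", "replace")
    if chunk.early and method not in SAFE_METHODS:
        return 425  # Too Early (RFC 8470): client retries after the handshake
    return 200

def demo():
    # Constructed traffic: two writes before the handshake completes, one after.
    client = TlsEndpointModel(send_early=True)
    wire = [client.write(b"GET /status", False),
            client.write(b"POST /transfer", False),
            client.write(b"POST /transfer", True)]
    server = TlsEndpointModel(accept_early=True)
    return [handle(c) for c in server.deliver(wire)]

if __name__ == "__main__":
    print(demo())
```

Without the `early` flag on `AppData`, `handle` could not tell the replayable `POST` from the one sent after the handshake, which is why the check depends on the second and third points.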