On Fri, Mar 6, 2020, at 12:28, Benjamin Kaduk wrote: > Other than this bit about giving resumption_count of zero additional > semantics than "I am requesting zero tickets if resumption succeeds", I > actually think this proposal is quite good. The comments I left on PR > 18 are effectively advocating for something like this.
Yeah, I think that's perfect. We don't have to get into implications or inferences. > For an example of mechanism without policy, if a client successfully > resumes and asks for zero tickets in the resumption case, but the server > issues a ticket anyway, we can pretty reliably conclude that the > original ticket is no longer valid for resumption. I wouldn't make any inferences there either :) But it seems like something that could happen. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
