> The costs you describe are trivial.

The general idea among developers these days that CPU
cycles are free is a huge problem.

You didn't answer my biggest question, though, which was
whether you (or anybody else!) have had success using stateless
HelloRetryRequest to increase the number of connections a
datacenter can handle due to the fact that the servers were
memory-bound.  The amount of memory to hold the first
ClientHello message is trivial.  But if doing stateless HRR has
measurably increased the performance of a data center's web
serving capability, I'll change my mind about it.

> We also implement DTLS where this is properly useful.

I can't find the DTLS 1.3 spec.  Which RFC is it?

Mike

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
