On Fri, Jun 7, 2024 at 6:34 PM Syed Suleman Ahmad > > So far we have seen that HRR incompatibility is NOT related to the choice > of keyshare, or whether the first Client Hello fits in a single packet or > not. It is simply lack of HRR support. >
While the aggregate stats are good to check, what I've found in working on this stuff is that it's only a few origins that will get you. I'm sure Cloudflare has a lot of data. But you can map this to ~43% of the web being Wordpress, hosted on AWS, Hetzner, etc. The ones that get you are important ones running obscure infrastructure, like banks, government websites, and corporate portals. thanks, Rob
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
