Hi All,
It's been requested that the configuration for 0-RTT early data needs to be
changeable per SNI. I've been working on this feature, and the following
example shows the changes I made. Please share your thoughts on this.
Note:
1. The old config still exists, it is a general setting for all tls
connections.
2. sni.yaml can enable/disable 0-rtt per fqdn, this acts as an override
of the general config.
Examples:
1. proxy.config.ssl.server.max_early_data = 16384
- blank sni.yaml -> old behavior, all connections support 0-rtt
- sni.yaml specifies server_max_early_data = 0 for example.com ->
0-rtt disabled for example.com, all other connections support 0-rtt
2. proxy.config.ssl.server.max_early_data = 0
- blank sni.yaml -> old behavior, all connections doesn't support
0-rtt
- sni.yaml specifies server_max_early_data = 16384 for example.com
-> 0-rtt enabled only for example.com, all other connections doesn’t
support 0-rtt
