Re: [TLS] cross-domain cache sharing and 0rtt (was: Re: Requiring that (EC)DHE public values be fresh)

2016-12-30 Thread Ilari Liusvaara
On Thu, Dec 29, 2016 at 02:45:53PM -0800, Adam Langley wrote: > On Thu, Dec 29, 2016 at 11:08 AM, Eric Rescorla wrote: > >> >> As an individual, I'd be in favour of this change but reading > >> >> over [1], section 5, I wondered if we'd analysed the effects of > >> >> 0rtt/replayable-data with tha

Re: [TLS] cross-domain cache sharing and 0rtt (was: Re: Requiring that (EC)DHE public values be fresh)

2016-12-30 Thread Richard Barnes
On Thu, Dec 29, 2016 at 1:50 PM, Stephen Farrell wrote: > > > On 29/12/16 18:38, Eric Rescorla wrote: > > On Thu, Dec 29, 2016 at 10:15 AM, Stephen Farrell < > stephen.farr...@cs.tcd.ie > >> wrote: > > > >> > >> Hiya, > >> > >> On 29/12/16 17:37, Adam Langley wrote: > >>> https://github.com/tlswg

Re: [TLS] cross-domain cache sharing and 0rtt

2016-12-30 Thread Stephen Farrell
Hiya, On 29/12/16 19:08, Eric Rescorla wrote: > On Thu, Dec 29, 2016 at 10:50 AM, Stephen Farrell > wrote: > >> >> >> On 29/12/16 18:38, Eric Rescorla wrote: >>> On Thu, Dec 29, 2016 at 10:15 AM, Stephen Farrell < >> stephen.farr...@cs.tcd.ie wrote: >>> Hiya, On 29/12/16

Re: [TLS] cross-domain cache sharing and 0rtt

2016-12-30 Thread Eric Rescorla
On Fri, Dec 30, 2016 at 6:43 AM, Stephen Farrell wrote: > > Hiya, > > On 29/12/16 19:08, Eric Rescorla wrote: > > On Thu, Dec 29, 2016 at 10:50 AM, Stephen Farrell < > stephen.farr...@cs.tcd.ie > >> wrote: > > > >> > >> > >> On 29/12/16 18:38, Eric Rescorla wrote: > >>> On Thu, Dec 29, 2016 at 10

Re: [TLS] cross-domain cache sharing and 0rtt

2016-12-30 Thread Stephen Farrell
On 30/12/16 16:14, Eric Rescorla wrote: > On Fri, Dec 30, 2016 at 6:43 AM, Stephen Farrell > wrote: > >> >> Hiya, >> >> On 29/12/16 19:08, Eric Rescorla wrote: >>> On Thu, Dec 29, 2016 at 10:50 AM, Stephen Farrell < >> stephen.farr...@cs.tcd.ie wrote: >>> On 29/12/16 18:38,

Re: [TLS] cross-domain cache sharing and 0rtt

2016-12-30 Thread Ilari Liusvaara
On Fri, Dec 30, 2016 at 08:14:57AM -0800, Eric Rescorla wrote: > On Fri, Dec 30, 2016 at 6:43 AM, Stephen Farrell > wrote: > > > > What I'm wondering is if we're maybe missing a server-side check > > on that, with the possible attempted attack of a 0rtt replay in > > mind. E.g. a MUST check for th

Re: [TLS] cross-domain cache sharing and 0rtt

2016-12-30 Thread Eric Rescorla
On Fri, Dec 30, 2016 at 9:21 AM, Ilari Liusvaara wrote: > On Fri, Dec 30, 2016 at 08:14:57AM -0800, Eric Rescorla wrote: > > On Fri, Dec 30, 2016 at 6:43 AM, Stephen Farrell < > stephen.farr...@cs.tcd.ie> > > wrote: > > > > > > What I'm wondering is if we're maybe missing a server-side check > >

Re: [TLS] cross-domain cache sharing and 0rtt

2016-12-30 Thread Bill Frantz
On 12/30/16 at 8:17 AM, stephen.farr...@cs.tcd.ie (Stephen Farrell) wrote:
> Fair enough. I didn't read enough text to get that clearly
> I guess, which is my fault:-)

If you didn't read enough, is this a mistake that implementers are likely to make?

Cheers - Bill

Re: [TLS] cross-domain cache sharing and 0rtt

2016-12-30 Thread Stephen Farrell
On 30/12/16 19:41, Bill Frantz wrote: > On 12/30/16 at 8:17 AM, stephen.farr...@cs.tcd.ie (Stephen Farrell) wrote: > >> Fair enough. I didn't read enough text to get that clearly >> I guess, which is my fault:-) > > If you didn't read enough, is this a mistake that implementers are likely to