Hi Simon,
Can you expand more on the intended use case? When would it make sense
to use a RFC7924-like mechanism over TLS 1.3's session resumption?
I skimmed RFC 7924 and session resumption seems strictly better as it's
already widely deployed, allows for the DH handshake to be optionally
el
Hi Simon,
Op za 12 aug 2023 om 16:00 schreef Simon Mangel :
> Note: We have already found an adaption for TLS 1.3 in academic work
> [Schwabe2021], where instead of caching the whole chain, each
> certificate is cached separately.
> This however leads to inconsistent signaling, as there is no
> d
Looks like a slippery slope to me. Hang on, I will get my skis.
If you are going to do this, you might as well go the whole hog and provide
a mechanism that allows the client to say if it already has a cert on file
for that particular host, e.g. by means of a digest.
Another approach to consider
