Eric Rescorla <e...@rtfm.com> wrote:

> On Sun, Jul 19, 2015 at 10:17 PM, Brian Smith <br...@briansmith.org> wrote:
>
>> Maybe I'm misunderstanding, but it looks like the current TLS 1.3 draft
>> actually contains a regression here. It seems like it is no longer possible
>> for the server to indicate how long a PSK should be held by the client to
>> resume a session,
>
> Not unless I've made a mistake. NewSessionTicket contains a lifetime_hint
> value.
>
> http://tlswg.github.io/tls13-spec/#rfc.section.6.3.12
>
>> and it seems like it is no longer possible for the server to indicate that
>> it doesn't support resumption.
>
> Well, it can't indicate it, but if it doesn't supply a session ticket,
> there's no way for the client to do it.

Great. I was misunderstanding.

Here's the part that is still not clear to me: Is the SessionTicket extension still to be used or not? It seems not, AFAICT.

If the SessionTicket extension were to be used, then everything would work perfectly as Viktor suggested in his message: the absence of the SessionTicket extension in the ClientHello would be the way that a client can indicate that it doesn't want the session to be cached.

It seems weird that the server can supply a lifetime hint but the client can't, especially in cases like WebRTC where there is no functional difference between the two. But, that's a smaller issue than the lack of an indication that resumption machinery isn't wanted at all.

Cheers,
Brian
--
https://briansmith.org/

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
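
Added example (not part of the thread and not code from the TLS specification): the RFC 5077 signalling Brian refers to, as a Python sketch that classifies a TLS 1.2-style ClientHello body by whether the SessionTicket extension (type 35) is absent, empty, or carries a ticket. The function names and the sample ClientHello bytes are constructed for illustration.

```python
import struct

SESSION_TICKET = 35  # extension type assigned by RFC 5077


def client_hello_extensions(body: bytes) -> dict:
    """Parse a ClientHello body (RFC 5246 layout, handshake header stripped)."""
    pos = 2 + 32                                        # client_version + random
    pos += 1 + body[pos]                                # session_id<0..32>
    pos += 2 + struct.unpack_from("!H", body, pos)[0]   # cipher_suites
    pos += 1 + body[pos]                                # compression_methods
    exts = {}
    if pos == len(body):                                # extensions block is optional
        return exts
    end = pos + 2 + struct.unpack_from("!H", body, pos)[0]
    pos += 2
    if end != len(body):
        raise ValueError("extensions length does not match message length")
    while pos < end:
        if end - pos < 4:
            raise ValueError("truncated extension header")
        ext_type, ext_len = struct.unpack_from("!HH", body, pos)
        pos += 4
        if pos + ext_len > end:
            raise ValueError("truncated extension body")
        exts[ext_type] = body[pos:pos + ext_len]
        pos += ext_len
    return exts


def ticket_intent(body: bytes) -> str:
    """'absent': no ticket support signalled; 'request-new': empty extension;
    'resume': the client presented a ticket."""
    exts = client_hello_extensions(body)
    if SESSION_TICKET not in exts:
        return "absent"
    return "resume" if exts[SESSION_TICKET] else "request-new"


def build_client_hello(extensions) -> bytes:
    """Constructed sample: minimal ClientHello body with the given (type, data) list."""
    body = b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x00\x2f" + b"\x01\x00"
    if extensions:
        block = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
        body += struct.pack("!H", len(block)) + block
    return body


if __name__ == "__main__":
    for exts in ([], [(SESSION_TICKET, b"")], [(SESSION_TICKET, b"\xaa" * 16)]):
        print(ticket_intent(build_client_hello(exts)))
```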