What Stephen said about 0-RTT makes a lot of sense to me. However, if one major 
browser implements this latency reduction feature, the rest will feel compelled 
to do the same. And EKR’s message below indicates that at least one major 
browser will support 0-RTT.

From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Eric Rescorla
Sent: Sunday, March 13, 2016 9:21 AM
To: Yoav Nir <ynir.i...@gmail.com>
Cc: tls@ietf.org
Subject: Re: [TLS] analysis of wider impact of TLS1.3 replayabe data



On Sun, Mar 13, 2016 at 3:51 PM, Yoav Nir <ynir.i...@gmail.com> wrote:

> On 13 Mar 2016, at 4:45 PM, Salz, Rich <rs...@akamai.com> wrote:
>
>> I also think it is prudent to assume that implementers will turn on
>> replayable data even if nobody has figured out the consequences.
>
> I very much agree.  Customers, particularly those in the mobile field, will 
> look at this and say "I can avoid an extra RTT?  *TURN IT ON*" without fully 
> understanding, or perhaps even really caring about, the security implications.

Perhaps, and I think IoT devices are likely to do so as well.

Is OpenSSL going to implement this? Are all the browsers?

There are already patches in preparation for this for NSS and I expect Firefox
to implement it, as long as we have any indication that a reasonable number of
servers will accept it.

-Ekr


(only the first one is directed specifically at you, Rich…)

Yoav



_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
