Hi Sean & Joe, On Tue, March 29, 2016 5:59 am, Sean Turner wrote: > All, > > To make sure weâve got a clear way forward coming out of our BA > sessions, we need to make sure thereâs consensus on a couple of > outstanding issues. So... > > It seems that there is a clear consensus not to support 0-RTT client > authentication in TLS 1.3 at this time. If you think 0-RTT client > authentication needs to be supported please indicate so now and provide > your rationale.
I don't think it needs to be supported and would be happy if it was removed. It's a dangerous and flawed feature. My concern is that if (which I fear is pronounced "when") an exploit is found it might be easy to remove in a browser update but there's gonna be some large TLS concentrator vendor that'll have a helluva time getting its deployed boxes patched and it'll be ugly. The rationale for this-- to get an ad to me just that much faster (an ad, I note, that I sure hope my ad blocking software will prevent me from seeing), and that the people who want to do this know what they're doing so it'll all be fine (which is not reassuring in the least)-- just does not justify the risk. regards, Dan. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
