On Fri, Apr 8, 2016 at 1:50 PM, Jim Roskind <jimrosk...@gmail.com> wrote:

> If a symmetric-session-ticket-decryption-key was compromised by a server,
> as a result of a break-in, or a subpoena, then all traffic that depended on
> the session resumption tickets would be at risk.  Moreover, a third party
> attacker that possessed such a key, or planned to acquire a copy, could
> "encourage" traffic to use session resumption by disrupting any connection.
>

Why isn't your concern just as valid for the 0RTT itself though? If it's a
URL it's entirely possible for it to be privacy sensitive, or to have some
kind of bearer token in it. Or the 0RTT might have POST-like data, like
maybe your credit card number.

-- 
Colm
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
