2016-12-13 10:45 GMT+09:00 Martin Thomson <martin.thom...@gmail.com>: > On 13 December 2016 at 12:43, Nick Harper <nhar...@google.com> wrote: >> Right now, I believe it's legal for a client to send ClientHello, early >> data, and end_of_early_data alert without reading any messages from the >> server. This change would require a client to wait for the ServerHello >> before sending (or not) EndOfEarlyData, but that seems quite reasonable. > > It's legal to send EndOfEarlyData at any time as long as it follows > the (first) ClientHello,
My understanding is that such action has been banned recently in https://github.com/tlswg/tls13-spec/pull/806. Picotls has been doing this (and therefore I would need to change the code). But nevertheless I support this change and the changes discussed in this thread, since it would simplify the state transition on the server side. > but you are right in observing that it would > be difficult to send it at a different time than when you are entering > it into the transcript. > > p.s., It's the Server Finished that you have to wait for, not just > ServerHello. > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls -- Kazuho Oku _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
