On Wed, May 3, 2017 at 6:19 PM, Viktor Dukhovni <ietf-d...@dukhovni.org> wrote:
> One obvious use case for 0-RTT is DNS queries. The query protocol is
> idempotent, and latency matters. So for DNS over TLS, 0-RTT would be
> a good fit. TLS session caches are not attractive on the DNS server
> given the enormous query volumes, but STEKs would be a good fit.
>

As it happens, DNS queries are not idempotent. Queries have side-effects, for example Bind9 will rotate an RRset by one increment on each query. Many providers charge by the DNS query. Many providers throttle DNS queries (and TLS is intended as a mechanism to help prevent the ordinary spoofability of DNS queries).

--
Colm
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
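An added illustration, not part of the original message and not Bind9 code: a toy resolver with the three side effects the reply names (RRset rotation, per-query billing, throttling), fed the same query several times, as happens when one 0-RTT record is delivered more than once. All names, addresses and the throttle limit are constructed assumptions.

```python
from collections import deque


class ToyResolver:
    """Constructed model: every query it handles changes server state."""

    def __init__(self, zone, throttle_limit):
        # name -> deque of addresses; the answer order rotates per query
        self.zone = {name: deque(addrs) for name, addrs in zone.items()}
        self.billed = {}                  # client -> number of billed queries
        self.throttle_limit = throttle_limit

    def handle(self, client, name):
        used = self.billed.get(client, 0)
        if used >= self.throttle_limit:
            return None                   # throttled: the query is refused
        self.billed[client] = used + 1    # charged per query
        rrset = self.zone[name]
        answer = list(rrset)
        rrset.rotate(-1)                  # rotate the RRset by one increment
        return answer


def replay_effects(copies):
    """Deliver one identical query `copies` times; return answers and bill."""
    resolver = ToyResolver(
        {"www.example.com": ["192.0.2.1", "192.0.2.2", "192.0.2.3"]},
        throttle_limit=4,                 # constructed value
    )
    query = ("client-a", "www.example.com")   # the same bytes each time
    answers = [resolver.handle(*query) for _ in range(copies)]
    return answers, resolver.billed["client-a"]


if __name__ == "__main__":
    for n in (1, 5):
        answers, billed = replay_effects(n)
        print(f"{n} deliveries -> billed {billed}")
        for a in answers:
            print("   ", a)
```

Five deliveries of one query leave the client billed four times, the RRset order advanced, and the fifth copy refused by the throttle, so the copies are not equivalent to a single delivery.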