5/04/2017 10:36 PM, Nico Williams wrote:
> On Thu, May 04, 2017 at 05:18:32PM -0700, Watson Ladd wrote:
>>
>> Which server? It's possible that the backhauls from the server the
>> TLS connection is made to to the server actually responding to the
>> request do not distinguish 0-RTT from other data. Opportunity for
>> administrative bloopers is immense: even if the responding server
>> rejects 0-RTT, the server proxying requests won't necessarily know
>> that inline as it is reusing the connection.
> The one that terminates TLS. If that's a reverse proxy, then it has to
> know or not allow 0-rtt. That means that by default reverse proxies
> can't accept 0-rtt, and they have to know a lot about the application in
> order to accept it (or else let the server know that 0-rtt was used and
> let the server give the client an appropriate error if that's not
> acceptable).
>
I'm very skeptical that this position would survive into real-world deployments.

-Ben
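The per-request signalling described in the quoted text ("let the server know that 0-rtt was used"), and the failure mode where a proxy reusing a backend connection does not distinguish 0-RTT data, modelled as an added example that is not part of the original thread. The `Early-Data: 1` header and the 425 status come from RFC 8470, which postdates this message; the function names, request dicts and set of replay-safe methods are assumptions.

```python
# Added example: proxy-to-backend signalling of TLS 1.3 0-RTT (early data).
# Early-Data: 1 and status 425 are from RFC 8470; all function names and the
# request dicts are hypothetical, constructed for this illustration.

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}  # assumption: app treats these as replay-safe


def proxy_forward(request, received_in_early_data, tag_requests=True):
    """Model of the TLS-terminating reverse proxy preparing one request for
    a reused backend connection. The marker is set per request, because the
    backend connection itself carries no trace of the client's handshake."""
    headers = {k: v for k, v in request["headers"].items()
               if k.lower() != "early-data"}  # the proxy alone sets this marker
    if tag_requests and received_in_early_data:
        headers["Early-Data"] = "1"
    return {"method": request["method"], "path": request["path"], "headers": headers}


def backend_handle(forwarded):
    """Model of the application server: refuse replayable side effects."""
    early = forwarded["headers"].get("Early-Data") == "1"
    if early and forwarded["method"] not in SAFE_METHODS:
        return 425  # Too Early: client should retry after the handshake completes
    return 200


def run(tag_requests):
    """Send three constructed requests down one reused backend connection."""
    traffic = [  # (request, arrived as 0-RTT data?)
        ({"method": "GET", "path": "/balance", "headers": {}}, True),
        ({"method": "POST", "path": "/transfer", "headers": {}}, True),
        ({"method": "POST", "path": "/transfer", "headers": {"early-data": "0"}}, False),
    ]
    return [backend_handle(proxy_forward(r, e, tag_requests)) for r, e in traffic]


if __name__ == "__main__":
    print("proxy tags early data: ", run(True))   # [200, 425, 200]
    print("proxy forwards blindly:", run(False))  # [200, 200, 200]
```

With tagging disabled, the replayable POST received as early data reaches the application with nothing to tell it apart from post-handshake traffic.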