On 05/04/2017 07:18 PM, Watson Ladd wrote:
> On Thu, May 4, 2017 at 4:58 PM, Nico Williams <n...@cryptonector.com> wrote:
>>
>> In particular there has to be a way, either in-TLS, or at the
>> application layer, to force an extra round-trip to confirm that the
>> 0-rtt data was not an unintended replay.
> One can always reject... unless I am misunderstanding the suggestion.
>

I'm pretty sure Nico still wants data-dependent reject, which is not
workable in the general case. (See the discussion of reverse proxies.)

-Ben
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls