On 5/4/17 at 4:47 PM, c...@allcosts.net (Colm MacCárthaigh) wrote:
I think you're right; and we could enforce in TLS by encrypting 0-RTT under
a key that isn't transmitted until 1-RTT.
This might be a generally useful pattern for 0-RTT use cases
that are trying to get large quantities of data to the server quickly.
BTW, I expect to see lots of security bugs due to 0-RTT.
<cynic>But the Internet and computer operating systems are
insecure anyway.</cynic>
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | The first thing you need when | Periwinkle
(408)356-8506 | using a perimeter defense is a | 16345
Englewood Ave
www.pwpconsult.com | perimeter. | Los Gatos,
CA 95032
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
