What about when *part* of a request is in the 0RTT part, and the rest of it isn’t? I believe this will happen often for H2 initial setup. Imagine the “fun” when initial connection data, such as login cookies, is replayed in other contexts and eventually decrypted?
--
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: richs...@jabber.at Twitter: RichSalz
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls