> > My guess is that industries interested in the DH key proposal would > > want 0-RTT. I think they would want to prevent replay attacks and > > might even see configuration errors of this as a risk (allowing 0-RTT > > inadvertently). > > Concur 100%.
We should not design this based on guesses. I think an Enterprise doesn't need 0RTT and early-data within its LAN. Let's not guess. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
