On Wed, Sep 13, 2017 at 5:57 PM, Victor Vasiliev <vasi...@google.com> wrote: > Currently, TLS 1.3 specification forbids resuming the session if SNI values > do not match. This is inefficient in multiple cases, for example, if you > have a wildcard domain cert, and the user is likely to visit multiple > subdomains over a longer timespan, so there is no existing connection to > pool on (or it's impossible to pool because of different IP addresses). > > Last time we discussed this, > https://www.ietf.org/mail-archive/web/tls/current/msg21655.html > no one has pointed out a good security reason why this should be forbidden.
The current models uses origins as a boundary, so they are different security contexts. A related twist is, the boundary is established at layer 7, but layer 3/4 has no knowledge of it. The DBOUND working group was not able to produce a deliverable. There is no general purpose way to establish those boundaries. To play devil's advocate, will the TLS stack need to keep a copy of the certificate or authorized origins (an origin group?) for future connections? Jeff _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
