On Wed, Jan 24, 2018 at 6:31 AM, Fossati, Thomas (Nokia - GB/Cambridge, UK) <thomas.foss...@nokia.com> wrote:
>
> A few months ago, Nikos (can't remember if on this list or on a side
> conversation) came up with this thought of a generic way to extend the
> TLS/DTLS record header. So, I've stolen his idea and written it up in
> [1] with the intention of using it to make room for the connection-id.

Our experience with middleboxes suggests that this is likely to fall afoul of many flaws in these products if deployed with TLS on the wider internet. DTLS might survive, though, and the cited motivation (https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-00) is DTLS-only. Probably this draft needs to be too.

Cheers

AGL

--
Adam Langley a...@imperialviolet.org https://www.imperialviolet.org