On Wed, Nov 20, 2019 at 10:25 PM David Schinazi <dschinazi.i...@gmail.com> wrote:
> Hi Rob, > > The SHOULD from your point (1) is there to address Daniel's concern about > IoT. > Is the idea that excess tickets would be wasteful? I think that's true, but I would also not want an IoT device that crashed or performed unnecessarily-poorly while processing excess tickets. > The SHOULD from (2) is indeed not required for interoperability, but > important > to ensure servers put this protection in place. > In that case, this issue belongs in the Security Considerations section. I understand that the concern is valid, but a "SHOULD" in this part of the document is not the right way to communicate it. thanks, Rob
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
