On Sun, Feb 02, 2020 at 09:01:45PM -0800, Eric Rescorla wrote:

> My point is not that servers which do not renew are not compliant but
> rather that TLS 1.3 has taken the position that reuse is bad and
> therefore we should not add an extension to facilitate it.

Re: C.4  Clients SHOULD NOT reuse a ticket for multiple connections.
         Reuse of a ticket allows passive observers to correlate
         different connections.

But ticket reuse is patently a win when connection correlation is an
unavoidable and even desirable feature of the network relationship
between the parties.

Receiving MTAs strongly discriminate against direct-to-mx traffic from
dynamic IPs.  Sending MTAs on the public Internet strive to build up a
positive IP reputation, and operators only reluctantly shift traffic to
new addresses when the old must unavoidably be retired.

There is simply ZERO benefit from ticket churn.  Similar considerations
apply in many other "fixed endpoint" deployments.

What I hear TLS 1.3 telling me is to eat the porridge; after all, there
are starving children in Africa, and I must set a good example lest they
too refuse to eat.

If so, it seems I must stuff my application full of unnecessary tickets,
because someone somewhere might actually be a few tickets short...  If
so, this is regrettable.

-- 
    Viktor.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
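The disagreement above turns on what a passive observer can already correlate. The C.4 text reasons about the ticket alone; Viktor's point is that a sending MTA on a fixed, reputation-bearing address is linkable by its source address whether or not it reuses a ticket. The following model, an added illustration that is not part of the post and not code from any TLS implementation, makes that explicit: it treats every observable feature value shared by two connections as a link and partitions connections into linkable classes. The scenarios, addresses (RFC 5737 documentation ranges) and ticket labels are constructed for the example; the observer's feature set is an assumption of the model.

```python
"""Passive-observer linkability model for TLS 1.3 session tickets.

Constructed illustration (not part of the mailing-list post): each
observed connection is reduced to the features a passive on-path observer
can see, and connections that share a feature value are treated as linked.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Sequence


@dataclass(frozen=True)
class Connection:
    """One observed TLS connection, reduced to the features an observer sees."""
    src_ip: str                # client source address on the wire
    ticket_id: Optional[str]   # opaque identity of the ticket presented; None for a full handshake


def linkability_classes(conns: Sequence[Connection],
                        features: Sequence[str]) -> List[FrozenSet[int]]:
    """Partition connection indices into the classes an observer can link.

    Two connections are linked directly if they share the value of any
    observable feature; linkage is transitive (union-find), because an
    observer who links A-B and B-C has also linked A-C.
    """
    parent = list(range(len(conns)))

    def find(i: int) -> int:
        while parent[i] != i:
            parent[i] = parent[parent[i]]   # path halving
            i = parent[i]
        return i

    def union(a: int, b: int) -> None:
        ra, rb = find(a), find(b)
        if ra != rb:
            parent[rb] = ra

    # Index connections by each (feature, value) pair they expose.
    by_value = defaultdict(list)
    for idx, conn in enumerate(conns):
        for name in features:
            value = getattr(conn, name)
            if value is not None:
                by_value[(name, value)].append(idx)

    # Every connection sharing a value is linked to the first one seen with it.
    for members in by_value.values():
        for other in members[1:]:
            union(members[0], other)

    classes = defaultdict(set)
    for idx in range(len(conns)):
        classes[find(idx)].add(idx)
    return sorted((frozenset(s) for s in classes.values()), key=min)


def largest_linked_set(conns: Sequence[Connection], features: Sequence[str]) -> int:
    """Size of the biggest group of connections the observer can tie together."""
    return max((len(c) for c in linkability_classes(conns, features)), default=0)


# Assumed observer view: source address plus the (opaque) ticket presented.
OBSERVER_FEATURES = ("src_ip", "ticket_id")
TICKET_ONLY = ("ticket_id",)   # the view the C.4 guidance reasons about

# Constructed scenarios using RFC 5737 documentation addresses.
FIXED_IP = "192.0.2.10"

# Sending MTA on a fixed, reputation-bearing address, reusing one ticket.
FIXED_MTA_REUSE = [Connection(FIXED_IP, "ticket-A")] * 4

# Same MTA, but a fresh single-use ticket per connection (ticket churn).
FIXED_MTA_CHURN = [Connection(FIXED_IP, f"ticket-{n}") for n in range(4)]

# A client whose address changes between connections (roaming / dynamic IP).
ROAMING_IPS = ["198.51.100.1", "198.51.100.2", "198.51.100.3", "198.51.100.4"]
ROAMING_REUSE = [Connection(ip, "ticket-A") for ip in ROAMING_IPS]
ROAMING_CHURN = [Connection(ip, f"ticket-{n}") for n, ip in enumerate(ROAMING_IPS)]


if __name__ == "__main__":
    for label, conns in [("fixed MTA, reuse", FIXED_MTA_REUSE),
                         ("fixed MTA, churn", FIXED_MTA_CHURN),
                         ("roaming client, reuse", ROAMING_REUSE),
                         ("roaming client, churn", ROAMING_CHURN)]:
        print(f"{label:24s} largest linked set = "
              f"{largest_linked_set(conns, OBSERVER_FEATURES)}")
```

Run as written, the fixed-address MTA yields one class of four connections under both reuse and churn: the address links them before the ticket is considered, which is the "zero benefit" case. Only the roaming client gains anything from single-use tickets, dropping from one class of four to four singletons, and that is the case the C.4 guidance is written for. Restricting the observer to `TICKET_ONLY` reproduces the guidance's own view, where churn always separates the connections.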
