C.4 is clearly in a context where privacy is needed, and by writing "SHOULD NOT" TLS 1.3 instead takes the position that there are some cases where this is not required.
"""
C.4 <https://tools.ietf.org/html/rfc8446#appendix-C.4>. Client Tracking Prevention

Clients SHOULD NOT reuse a ticket for multiple connections. Reuse of a ticket allows passive observers to correlate different connections. Servers that issue tickets SHOULD offer at least as many tickets as the number of connections that a client might use; for example, a web browser using HTTP/1.1 [RFC7230 <https://tools.ietf.org/html/rfc7230>] might open six connections to a server. Servers SHOULD issue new tickets with every connection. This ensures that clients are always able to use a new ticket when creating a new connection.
"""

On Mon, Feb 3, 2020 at 12:02 AM Eric Rescorla <e...@rtfm.com> wrote:

>
> On Sun, Feb 2, 2020 at 7:40 PM Rob Sayre <say...@gmail.com> wrote:
>
>> On Sun, Feb 2, 2020 at 11:52 AM Daniel Migault <daniel.migault=
>> 40ericsson....@dmarc.ietf.org> wrote:
>>
>>>
>>> On Sun, Feb 2, 2020 at 12:09 PM Eric Rescorla <e...@rtfm.com> wrote:
>>>
>>>>
>>>>    1. TLS 1.3 takes the position that reuse is bad and that position
>>>>    is for good reasons, so we shouldn't undercut it in a new
>>>>    extension.
>>>>
>>
>>> . Appendix C.4 discourages tickets re-use when Client tracking is a
>>> concern. The section uses SHOULD and not MUST. So, in fact, TLS 1.3 takes
>>> position this is not mandatory to renew tickets.
>>>
>>
> Somehow I didn't get Daniel's email, so responding to it here.
>
> C.4 is not conditional. It simply says "Clients SHOULD NOT reuse a ticket
> for multiple connections." My point is not that servers which do not renew
> are not compliant but rather that TLS 1.3 has taken the position that reuse
> is bad and therefore we should not add an extension to facilitate it.
>
> -Ekr
>
>
>> thanks,
>> Rob
>>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

--
Daniel Migault
Ericsson
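
The C.4 text quoted in this thread, as an added example that is not part of the original messages or of any TLS implementation: a client-side cache that hands each ticket out once, and a simulation of the six-connection browser case comparing one issued ticket (with and without reuse) against six. The class and function names, the server name and the ticket values are constructed for illustration.

```python
import secrets
import time
from collections import Counter, deque


class SingleUseTicketCache:
    """Client-side ticket store: each ticket is used for at most one connection."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._tickets = {}  # server name -> deque of (expiry, ticket)

    def store(self, server, ticket, lifetime_s):
        # Called once per NewSessionTicket message received from the server.
        self._tickets.setdefault(server, deque()).append(
            (self._clock() + lifetime_s, ticket))

    def take(self, server):
        """Return an unused, unexpired ticket and forget it, or None."""
        queue = self._tickets.get(server, deque())
        while queue:
            expiry, ticket = queue.popleft()
            if expiry > self._clock():
                return ticket
        return None  # no fresh ticket: do a full handshake instead of reusing


def simulate(tickets_issued, parallel, reuse=False):
    """PSK identity sent by each of `parallel` connections (None = full handshake)."""
    cache = SingleUseTicketCache()
    for _ in range(tickets_issued):  # constructed tickets from one earlier handshake
        cache.store("server.example", secrets.token_hex(8), lifetime_s=3600)
    sent, last = [], None
    for _ in range(parallel):
        ticket = cache.take("server.example")
        if ticket is None and reuse:
            ticket = last  # the reuse that C.4 says clients SHOULD NOT do
        sent.append(ticket)
        last = ticket or last
    return sent


def linkable(identities):
    """Number of connections that share a PSK identity with another connection."""
    counts = Counter(i for i in identities if i is not None)
    return sum(n for n in counts.values() if n > 1)


if __name__ == "__main__":
    for issued, reuse in ((1, True), (1, False), (6, False)):
        ids = simulate(issued, 6, reuse)
        print(issued, reuse, "resumed:", sum(i is not None for i in ids),
              "linkable:", linkable(ids))
```

With one ticket and reuse, all six connections carry the same identity; with one ticket and no reuse, one connection resumes and five fall back to full handshakes; with six tickets, all six resume and none share an identity.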