On Sat, Feb 29, 2020 at 04:29:38PM -0800, David Schinazi wrote:

> Furthermore, I still think the topic of reuse is out of scope for
> draft-ietf-tls-ticket-request.

But it is not at all out of scope. This extension is negotiating ticket requirements between client and server. It is not possible for reuse to be "out of scope"; if reuse is ever allowed, then it should be possible to negotiate it. A decision needs to be made. Is the TLS WG mandating non-reuse even where there is zero privacy gain and efficiency gains on both sides from just using a single ticket until it is replaced by the server?

However, if one *really* wanted to punt on the decision, the two counters could be specified, without defining the case where the resumption count is zero as being "reuse". The "reuse case" could then be deferred to a subsequent draft. In *this* draft any "<= 1" resumption_count case could then be treated as "1" (server does not at present support reuse).

I don't think that making reuse possible is really such a hot potato. But if it is so toxic that we're collectively unable to touch it, then it could be deferred in a way that leaves room to get it done later without fundamentally revising the extension.

--
    Viktor.