My personal position is YES - that draft-ietf-tls-ticket-requests must
address the ticket reuse use case. A non-negligible number of deployments
will benefit from this feature deliberately provided by RFC8446.
Yours,
Daniel



On Wed, Mar 4, 2020 at 11:07 AM Sean Turner <s...@sn3rd.com> wrote:

> one more time ...
>
> All,
>
> The purpose of this message is to help the chairs judge consensus on the
> way forward for draft-ietf-tls-ticketrequests. The issue at hand is whether
> the client-initiated ticket request mechanism [0] should be modified to add
> support for ticket reuse, see [1] lines 160-214. As we see it, the way
> forward involves either one draft or two. To that end, we would like your
> input (YES or NO) on the following question by 2359 UTC 18 March 2020:
>
>  Must the ticket reuse use case be addressed
>  in draft-ietf-tls-ticketrequests?
>
> Full disclosure: RFC 8446 recommends against ticket reuse to help protect
> clients from passive observers correlating connections [2]. The PR supports
> ticket reuse for use cases for a server-to-server connection that has fixed
> source addresses and no connection racing; if adopted the WG will need to
> ensure that the security considerations are properly documented.
>
> Note: There have been at least three threads on this draft [3][4][5].
> Please, let’s try to avoid re-litigating the points made therein.
>
> Joe & Sean
>
> [0] https://datatracker.ietf.org/doc/draft-ietf-tls-ticketrequests/
> [1] https://github.com/tlswg/draft-ietf-tls-ticketrequest/pull/18
> [2] https://tools.ietf.org/html/rfc8446#appendix-C.4
> [3] https://mailarchive.ietf.org/arch/msg/tls/2cpoaJRushs09EFeTjPr-Ka3FeI/
> [4] https://mailarchive.ietf.org/arch/msg/tls/-7J3gMmpHNw9t3URzxvM-3OaTR8/
> [5] https://mailarchive.ietf.org/arch/msg/tls/FjhqbYYTwzgiV9weeCuxn0tHxPs/
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>


-- 
Daniel Migault
Ericsson