On Thu, Mar 05, 2020 at 01:56:07PM -0800, Nick Harper wrote:

> I forgot to consider that case. Thanks for explaining that. Given that, it
> sounds like MT's third option doesn't actually help the reuse case (unless
> the client has some other knowledge, presumably out of band, that the
> server supports ticket reuse).

Yes, I'm glad it is now more clear.

> For purposes of the consensus call, I'm now leaning towards not addressing
> ticket reuse at all in draft-ietf-tls-ticketrequest (i.e. not merging PR
> 18), though I'd also be fine with MT's variant of 18.

Note that PR#18 is a menu of options, and the consensus call is whether
support for ticket reuse should be specified *now*. But if there's no
consensus for specifying it now, then PR#18 can be modified to:

  1. Leave the two counters that improve handling of full handshake vs.
     resumption.

  2. Strip explicit text describing support for reuse.

  3. Leave a mere bread-crumb (the zero to one mapping for the resumption
     counter) that would allow the WG to consider a later document that
     updates this one in a backwards-compatible manner to specify
     resumption. The mapping by itself disables reuse by always issuing
     a new ticket, given that this is what servers are expected to do.

        https://tools.ietf.org/html/rfc8446#appendix-C.4

        [...] Servers SHOULD issue new tickets with every connection.
        This ensures that clients are always able to use a new ticket
        when creating a new connection.

So unfortunately, we now have responses that go beyond the immediate
question of whether this extension should explicitly support reuse.

Martin Thomson has decided (perhaps inadvertently) to break 3, making it
impossible to reconsider reuse in a later document that updates the
current extension in a backwards-compatible manner.

You seem to be saying you don't want any of the changes in PR#18, not
even the ones that improve non-reuse negotiation. But that's not the
subject of this consensus call.

But this consensus call was not about whether to adopt PR#18 as-is,
rather it is narrowly about whether reuse is to be considered now, or
later (and then perhaps never[1]).

--
    Viktor.

[1] https://www.newyorker.com/cartoons/bob-mankoff/the-story-of-how-about-never