Just want to clarify what I meant by "It" below where I said, "It seems like a lot of wasted effort for very little gain".
"It" refers to "stateless HRR", not the pseudo code I wrote. Even though I proofread the whole message several times I missed this...

Mike

On 10/6/20 22:13, I wrote:
[....] Note that the pseudo code I wrote in the quoted message below (steps 0 thru 12) does a lot more than what RFC 8446 implies you should do so that the server does have access to both the original ClientHello1 message and the HelloRetryRequest message. It seems like a lot of wasted effort for very little gain (if any, maybe it's worse in every respect - memory use, processing time, latency, bandwidth...).
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls