The IESG has approved the following document:
- 'TLS Ticket Requests'
  (draft-ietf-tls-ticketrequests-07.txt) as Proposed Standard

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-ticketrequests/

Technical Summary

This document defines a TLS extension that clients can use to inform servers about the desired number of tickets to generate, in order to reduce ticket waste while simultaneously letting clients prepare for future connection attempts.

Working Group Summary

The draft had a fairly quiet existence until the -02 version, which was also the version where the authors requested the chairs request WGLC. The WGLC and two issue-specific consensus calls that followed were all fairly contentious.

The WGLC and the two issue-specific consensus calls resulted in changes to the draft: the count field was renamed new_session_count, a new counter called resumption_count was added, and text was added to address racing pre-conditions. The addition of the second counter acknowledged that resumption is different and can tolerate the complexity of the additional counter.

What was not added was text to address ticket reuse use cases; RFC 8446 indicates "clients SHOULD NOT reuse a ticket for multiple connections". One of the issue-specific consensus calls was about this point, and there was no consensus to add text to address this use case.

The consensus should probably be characterized as rough. This is because it seems that the same people that supported adopting the draft support publishing the mechanism, but there are differences in how far participants believe the mechanism should go in supporting ticket reuse.

Document Quality

Due to the controversial nature of the discussion of ticket reuse, essentially all the text in this document received careful review from many WG participants. It should be of high quality, though to my knowledge implementors wanted to wait until the controversy was settled (i.e., by publication) before implementing.

Personnel

Sean Turner is the Shepherd. Ben Kaduk is the Area Director.

RFC Editor Note

Please ensure that the current (RFC 8174) form of BCP 14 boilerplate is used.