On Wed, Mar 09, 2022 at 09:17:52PM -0800, Christian Huitema wrote: > Thanks for the pull request, Ben. Looking at it now. > > On the 0RTT point: it is indeed possible for a server to not support > 0RTT at all, and if this is not clear, we should clarify.
Thanks for clarifying -- I've dropped the Discuss and we can look at ways to clarify. My first instinct would be to to add a new paragraph near the top of ยง5.5, maybe as the second paragraph, that outlines server behavior in general, somewhat analogous to what the first paragraph currently does. This would give us an opportunity to encourage servers to support session resumption (IIRC it is not already required for the server to support it) as well as to state that servers can choose to not enable 0-RTT. I might even be able to come up with some concrete text, but not before the telechat. > I do have a concern about the interaction between "support for 0-RTT" > and "keep connections alive for a long time". If servers do not support > 0-RTT, clients have incentive to use artificial traffic and keep > connections alive, and that could be a lot of overhead for servers. But > people deploying servers can weight that among other factors, and not > supporting 0RTT is one of many possible choices. That is an entirely reasonable concern to have! But I agree with the conclusion that ultimately it's a decision that needs to be made by people deploying servers, and we just have to document the various considerations as well as we can, so that they can weigh the factors according to their individual situation. -Ben _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
