pt., 4 sty 2019 o 11:59 Olivier Houchard <[email protected]> napisaĆ(a): > I understand the concern. > I checked and both nghttp2 and nginx disable the replay protection. The idea > is you're supposed to allow early data only on harmless requests anyway, ie > ones that could be replayed with no consequence.
Sorry for the late reply, I was pondering the problem ;) I'm pretty ok with this patch, especially since others seem to do the same. And my use case is DNS-over-TLS, which has no problems with replays anyway ;) However, I believe in general this is a bit more complicated. RFC 8446 described this in detail in section 8: https://tools.ietf.org/html/rfc8446#section-8 My understanding is that RFC highly recommends anti-replay with 0-RTT. It seems that s_server implements single use tickets, which is exactly what is in section 8.1. The above patch disables anti-replay completely in haproxy, which might warrant some updates to documentation about allow-0rtt option? -- Janusz Dziemidowicz
