> On 25 Jan 2016, at 18:42, Kurt Roeckx via RT <r...@openssl.org> wrote: > > On Mon, Jan 25, 2016 at 06:24:55PM +0000, Sara Dickinson via RT wrote: >> Hi, >> >> I would like to request that support be added to OpenSSL to enable client >> applications to make use use of TCP Fast Open >> (https://tools.ietf.org/html/rfc7413 <https://tools.ietf.org/html/rfc7413>) >> when initiating the TLS handshake on Linux (TCP Fast Open is available in >> Linux kernel > 4.1). > > I've seen that request, and I have tought about it. I'm just > wondering if that comes with security consequences, like replay > attacks.
Not that I am aware of. I’ve seen the question of security vulnerabilities of TFO raised a few times but never with any concrete examples, just speculation. I’ve also observed Chromium using TFO with TLS. I can take the question to the TCPM and/or TLS WG if that is helpful? Sara. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev