On Mon, Nov 6, 2023, at 01:43, Watson Ladd wrote: > I'd prefer not to incorporate user application related data (which > QUIC info would be) in TLS resumption tickets. There is not a great > way to do this, and particularly as BDP can vary over time so the TLS > layer would have to send more tickets. Not fatal, but more coupling > than I think is ideal.
That ship sailed, unfortunately. At least as far as HTTP/3 goes, you need to remember settings when you resume and especially for 0-RTT. The ticket is the obvious place. NSS offers application protocols an API for generating tickets with supplementary information for exactly this reason.
