No plans to implement client auth in 0-th RTT.

Cheers,
Andrei

From: Yoav Nir [mailto:[email protected]]
Sent: Wednesday, January 27, 2016 11:10 AM
To: Andrei Popov <[email protected]>
Cc: Bill Cox <[email protected]>; Martin Thomson <[email protected]>; [email protected]
Subject: Re: [TLS] 0-RTT, server Application Data, and client Finished

On 27 Jan 2016, at 8:38 PM, Andrei Popov <[email protected]> wrote:

> The CertificateVerify message is still listed as an option in the 0-RTT
> client's first flight at t = 0. Is this a mistake? I have not heard that
> anyone wants to do this, as there is no possibility of a traditional
> proof-of-possession in the first flight.

I agree with this: client auth in 0-RTT is replayable, unless the server takes extraordinary steps (QUIC-like strike registers, database of client nonces, etc.) No plans to implement, at least for now.

To clarify: by “no plans to implement”, do you mean no plans to implement 0-RTT, or no plans to implement client authentication with 0-RTT?

Thanks

Yoav
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
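
The "strike register" idea mentioned in the quoted message, sketched as an added example that is not part of the original thread or of any TLS or QUIC implementation. It assumes each 0-RTT first flight carries a unique nonce and a client timestamp; the class, method and field names are hypothetical and the sample flights are constructed.

```python
class StrikeRegister:
    """Single-server anti-replay cache for 0-RTT first flights (simplified)."""

    def __init__(self, window_s, now):
        self.window_s = window_s
        # The cache is empty after a (re)start, so a flight stamped before
        # this instant cannot be proven fresh and is refused.
        self.horizon = now
        self.seen = {}  # nonce -> client timestamp

    def check_and_record(self, nonce, client_time, now):
        """Return (accepted, reason); each nonce is accepted at most once."""
        lower = max(self.horizon, now - self.window_s)
        if not (lower <= client_time <= now + self.window_s):
            # Too old to still be remembered (or too far in the future):
            # refuse instead of guessing whether it was seen before.
            return False, "outside window"
        # Forget entries that the time check above would refuse anyway.
        cutoff = now - self.window_s
        self.seen = {n: t for n, t in self.seen.items() if t >= cutoff}
        if nonce in self.seen:
            return False, "replay"
        self.seen[nonce] = client_time
        return True, "fresh"


def demo():
    reg = StrikeRegister(window_s=10, now=1000)
    flight = (b"\x01" * 32, 1001)  # constructed nonce and client timestamp
    results = [
        reg.check_and_record(*flight, now=1001),  # first delivery
        reg.check_and_record(*flight, now=1002),  # same flight delivered again
        reg.check_and_record(*flight, now=1020),  # again, after eviction
        reg.check_and_record(b"\x02" * 32, 1021, now=1021),  # new flight
    ]
    # A restart loses the cache; the horizon keeps the second flight from
    # being accepted a second time by the fresh instance.
    restarted = StrikeRegister(window_s=10, now=1022)
    results.append(restarted.check_and_record(b"\x02" * 32, 1021, now=1023))
    return results


if __name__ == "__main__":
    for accepted, reason in demo():
        print(accepted, reason)
```

The sketch covers one server process only; several servers accepting the same 0-RTT key would have to share this state, which is part of what makes these steps "extraordinary".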
