On Thu, Mar 31, 2016 at 12:18:45PM +1100, Martin Thomson wrote:
> On 31 March 2016 at 09:59, Eric Rescorla <e...@rtfm.com> wrote:
> >> Option 2 suits best if we consider HelloRetryRequest to be a DoS feature
> >> exclusively or at least primarily. But we have other reasons for it and I
> >> don't think that DoS mitigation is a big factor for TCP.
> >
> >
> > I believe Option #2 is simplest.
> 
> I didn't mention this because I was composing on a phone at the time,
> but we have to decide whether to allow a second attempt at 0-RTT.  If
> we do, then the effect is a two round trip setback.  I think that the
> odds of this happening are small, so I'm OK with it, but I wanted to
> highlight that.

Not taking it could mix poorly with DTLS, as DTLS rejects need to be
stateless from server POV.


-Ilari

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
