On Thu, Feb 09, 2017 at 12:38:50PM -0000, Mark Dunn wrote:
> I am reading your TLS 3.1 Standard and the mailing list.
>
> It looks great.
>
> I am particularly interested in using the 0-RTT feature for IoT timestamped
> data, which would seem immune from replay attacks
>
> I have a couple of questions
>
> 1) The maximum ticket lifetime is set to 7 days. Is this based on hard
> science or arbitrary?
>
> If it is arbitrary then 8 days for weekly intervals or 32 days for
> monthly intervals would make better commercial sense
>
> (allowing for variability in wake-up times for constrained
> devices)

AFAIK, it is arbitrary. However, long validity periods bring security
issues, with having to store and protect symmetric keys for a long time.

> 2) Have you considered using TLS for a generic network layer?

Note that TLS requires in-order reliable delivery (DTLS doesn't, but
DTLS 1.3 is currently just handwaving), and neither is available below
transport layer.

-Ilari

_______________________________________________
TLS mailing list
https://www.ietf.org/mailman/listinfo/tls
