Hello, > Application protocols MUST NOT use 0-RTT data without a profile that defines > its use. > That profile needs to identify which messages or interactions are safe to use > with 0-RTT > and how to handle the situation when the server rejects 0-RTT and falls back > to 1-RTT.
0-RTT has now at least two large deployments on the public internet that I know of. Are there any such "profiles" published or being worked on? Thanks for any pointers. Cheers, Joe _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
