On Wed, Oct 2, 2019, at 8:44 PM, Viktor Dukhovni wrote:
> > On Oct 2, 2019, at 11:20 PM, Christopher Wood <c...@heapingbits.net> wrote:
> >
> > Asking for one upon resumption seems reasonable to me. Thanks to you and
> > Viktor for bringing up this case!
>
> Thanks! Much appreciated.
>
> My other point, which I probably obscured in too many words, is
> that a client that prefers to re-use existing tickets, would
> normally want to ask for 0 new tickets, but this should not
> necessarily preclude the server from issuing one *as needed*
> (STEK rollover, ...).
>
> So there is a difference between a signal that tickets
> are simply not wanted, vs. wanted only *as needed*.
>
> Do you have any thoughts on how a client might signal this?
>
> The use-case is clients and servers that don't make use of
> early-data, and don't need to avoid traffic analysis. For
> example, MTA-to-MTA traffic, where the client even identifies
> in clear text with "EHLO". Here ticket reuse is the norm,
> and renewal is only needed as tickets age.
>
> [ I hope I managed a suitably concise description this time... ]

You did indeed! However, I'm not sure we should be encouraging ticket re-use. I think asking for 1 upon resumption would be the norm, which should address this case. (That is, I'm not sure adding more information to the signal to support the *as needed* case is worth the added complexity.)

Best,
Chris

>
> --
> --
> Viktor.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls