On Sun, Feb 2, 2020 at 7:40 PM Rob Sayre <[email protected]> wrote: > On Sun, Feb 2, 2020 at 11:52 AM Daniel Migault <daniel.migault= > [email protected]> wrote: > >> >> On Sun, Feb 2, 2020 at 12:09 PM Eric Rescorla <[email protected]> wrote: >> >>> >>> >>> 1. TLS 1.3 takes the position that reuse is bad and that position >>> is for good reasons, so we shouldn't undercut it in a new >>> extension. >>> >>> > >> . Appendix C.4 discourages tickets re-use when Client tracking is a >> concern. The section uses SHOULD and not MUST. So, in fact, TLS 1.3 takes >> position this is not mandatory to renew tickets. >> > Somehow I didn't get Daniel's email, so responding to it here.
C.4 is not conditional. It simply says "Clients SHOULD NOT reuse a ticket for multiple connections." My point is not that servers which do not renew are not compliant but rather that TLS 1.3 has taken the position that reuse is bad and therefore we should not add an extension to facilitate it. -Ekr > thanks, > Rob >
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
