On Wed, Mar 4, 2020 at 6:07 PM Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote: > > > Hiya, > > On 04/03/2020 16:06, Sean Turner wrote: > > Must the ticket reuse use case be addresses > > in draft-ietf-tls-ticketrequests? > > Yes. I think Viktor's use case is one to not bugger > up (even if one doesn't need to support it) and don't > see how supporting it breaks something. (While also > disliking generic ticket reuse.)
It's not the usecase: it's the program. Postfix made architectural choices that make storing tickets allegedly expensive. I would be a lot more sympathetic if Viktor could provide actual measurements with actual numbers demonstrating that rewriting tickets is an insurmountable obstacle, given all the other time taken by opening connections and sending mail. There also is the possibility that a different architecture that reduces contention on the cache (say by not having multiple processes attempting to open connection to the same server at once, or switching to storage system that accomodates multiple simultaneous writers) would have better performance. > I also note what seems like a correlation between > people's yes/no opinions on this and whether or not they > (or sponsors/employers) are involved in implementing > a web browser. Not sure if that implies a technical > difference or just relates to understandable priorities > but I'm sure the chairs will factor that into evaluating > the mails in this thread. 0-RTT=> replay=> either single use tickets or idempotent methods only. And then we learned that websites don't have idempotent GET always. Hence the interest in server side enforcement of single use tickets. > > Cheers, > S. > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls -- "Man is born free, but everywhere he is in chains". --Rousseau. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
