- From: Eliot Lear <lear@cisco.com>
- Date: Thu, 20 Feb 2014 18:48:02 +0100
- To: Martin Thomson <martin.thomson@gmail.com>
- CC: Mark Nottingham <mnot@mnot.net>, IETF HTTP WG <ietf-http-wg@w3.org>
On 2/20/14, 6:21 PM, Martin Thomson wrote:
> On 20 February 2014 08:26, Eliot Lear <lear@cisco.com> wrote:
> I don't know what you mean by "fast restart" here, but looking at some
> of the proposed TLS 1.3 cases for fast handshakes, and session
> resumption, you end up in a state where the choice from the last
> session is maintained by default. A client can of course opt to use
> the longer handshake form in an attempt to move to another selection;
> similarly the server can reject the resumption/fast handshake and fall
> back to a complete negotiation.
>
> There's a risk there that any choice becomes excessively "sticky" over
> time, by which I mean that a choice to use "h2" could persist longer
> than would otherwise be ideal. I'm inclined to rely on operational
> guidance (deploy "h3", reject resumptions or shortened handshakes from
> prior to when the deployment occurred) rather than build additional
> protocol machinery. After all, that same guidance is going to be
> necessary for cipher suite selection and other things as well.

Thanks, Martin. This captured and addressed my concern.

Eliot
Received on Thursday, 20 February 2014 17:48:31 UTC
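
A simplified model of the "sticky" choice and the operational rule described in the quoted message, added here as an example; it is not part of the thread and not a TLS implementation. The ticket format, function names and timestamps are constructed for illustration, and "h3" stands only for the thread's hypothetical newer protocol.

```python
import hashlib
import hmac
import json

TICKET_KEY = b"constructed-demo-key"  # constructed value for this example


def issue_ticket(alpn, issued_at):
    """Seal the negotiated protocol and its issue time into a MAC-protected ticket."""
    body = json.dumps({"alpn": alpn, "issued_at": issued_at}, sort_keys=True).encode()
    tag = hmac.new(TICKET_KEY, body, hashlib.sha256).hexdigest()
    return body, tag


def negotiate(client_offers, server_prefs):
    """Complete negotiation: the server's most preferred protocol the client offers."""
    return next((p for p in server_prefs if p in client_offers), None)


def handshake(client_offers, server_prefs, now, ticket=None, config_changed_at=None):
    """Return (protocol, resumed, ticket).

    config_changed_at is when the server's protocol list last changed (assumed
    to be tracked by the operator); None models a server without the rule.
    """
    if ticket is not None:
        body, tag = ticket
        expected = hmac.new(TICKET_KEY, body, hashlib.sha256).hexdigest()
        if hmac.compare_digest(tag, expected):  # forged tickets fall through
            state = json.loads(body)
            # Operational rule: refuse resumption of sessions established
            # before the deployment, forcing a complete negotiation.
            stale = (config_changed_at is not None
                     and state["issued_at"] < config_changed_at)
            if not stale and state["alpn"] in server_prefs:
                # Resumption keeps the last session's choice by default.
                return state["alpn"], True, ticket
    proto = negotiate(client_offers, server_prefs)
    new_ticket = issue_ticket(proto, now) if proto else None
    return proto, False, new_ticket
```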