Re: New Version Notification for draft-thomson-http-replay-00.txt

On 07/20/2017 03:22 AM, Willy Tarreau wrote:
> On Thu, Jul 20, 2017 at 09:59:39AM +0200, Martin Thomson wrote:
>> On 20 July 2017 at 06:25, Willy Tarreau <> wrote:
>>>>      * There is no special API to handle 0-rtt data by the TLS terminator, i.e. it is treated as a part of the same 1-rtt stream of data
>>> Does such an implementation really exist? I mean, for openssl, it's clearly
>>> different:
>> There's a split in the community on this point.  NSS merges the
>> streams and 0-RTT reads and writes are not different from other reads
>> and writes.
> OK then I agree it's important to take care of this. One could say that
> NSS transparently merging safe and unsafe data could cause trouble over
> the long term and should possibly be adapted, but I don't know if that's
> still possible.
>> I think that
>> we should take the conservative approach here.
> I agree on being conservative, which is also why I'm trying to check if
> instead we could suggest not to implement it if the underlying layer
> doesn't provide the necessary guarantees regarding received data. Do you
> have contacts with the people working on NSS to know if that would be
> something making sense for them, based on this example?

The debate in the TLS WG over the question of needing separate APIs for
a (potentially) ideologically separate data stream was ... quite
heated.  So I was hoping to not reopen it here, given that we seem to
have ended up at a consensus that it is possible to reason correctly and
obtain correct results using either philosophical picture.

Perhaps there would only need to be a new API for "did any data on this
stream arrive as early data" (in addition to the "is the handshake
finished" API already known about).
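The minimal API suggested above, modelled as an added example (this is not code from the thread, from NSS, or from the draft): a terminator that merges 0-RTT and 1-RTT bytes into one stream, in the NSS style discussed, exposes only `handshake_finished()` and `early_data_received()`, and a hypothetical HTTP-layer `decide()` uses those two queries to choose between processing, processing with an early-data mark, or deferring until the handshake completes. The `Decision` names, the `SAFE_METHODS` set and the request framing are assumptions made for the example.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional

class Decision(Enum):
    PROCESS = "process"                 # nothing on this stream arrived as early data
    PROCESS_AS_EARLY = "process-early"  # process, but mark it (partly) 0-RTT for the application
    DEFER = "defer"                     # hold until the handshake has finished

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}  # assumption: what this stack treats as replay-tolerant

@dataclass
class MergedStream:
    """One byte stream for 0-RTT and 1-RTT data (the NSS model), with the two queries from the message."""
    _buf: bytearray = field(default_factory=bytearray)
    _finished: bool = False
    _early_seen: bool = False

    def deliver(self, data: bytes, early: bool) -> None:
        if early == self._finished:  # 0-RTT only before, 1-RTT only after the handshake
            raise ValueError("bytes delivered on the wrong side of the handshake")
        self._early_seen |= early
        self._buf += data

    def finish_handshake(self) -> None:
        self._finished = True

    def read_request(self) -> Optional[bytes]:  # one complete request head, or None if incomplete
        head, sep, rest = bytes(self._buf).partition(b"\r\n\r\n")
        if not sep:
            return None
        self._buf = bytearray(rest)
        return head + sep

    def handshake_finished(self) -> bool:  # the query already known about
        return self._finished

    def early_data_received(self) -> bool:  # the extra query proposed in the message
        return self._early_seen

def decide(stream: MergedStream, request: bytes) -> Decision:
    if not stream.early_data_received():
        return Decision.PROCESS
    if stream.handshake_finished():
        return Decision.PROCESS_AS_EARLY  # per-stream flag: later 1-RTT requests get marked too
    method = request.split(b" ", 1)[0].decode("ascii", "replace")
    return Decision.PROCESS_AS_EARLY if method in SAFE_METHODS else Decision.DEFER
```

Because the flag is per stream and the bytes are merged, a request that straddles the handshake, or one sent entirely as 1-RTT data after some early data, is indistinguishable from a purely 0-RTT one; that is the price of the merged model the message is willing to accept.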


Received on Thursday, 20 July 2017 18:13:15 UTC