On 22 July 2017 at 04:02, Kazuho Oku <kazuhooku@gmail.com> wrote: > OTOH, if we move the responsibility of setting the `early-data` header to > the client (and therefore require the client to do the resend), the 4xx > will need to go to the client, and then the request will travel though the > entire chain. This means that the client will need to wait for 8 RTTh since > it started sending the TLS handshake. > That requirement was already present. Though if your suggestion is to allow an intermediary to retry a request, that's problematic in the sense that it hides the fact from the user agent. Sure, a user agent accepts the risk of replay when it sends a request in early data, but that doesn't give an intermediary a license to retry for it. There's probably some way that we can describe rules for retrying at the intermediary. It does save a round trip between the user agent and intermediary, and there is some potential value in having intermediaries repair things. But we lose some of the nicer end-to-end properties by doing so.
Received on Tuesday, 25 July 2017 04:48:24 UTC