Re: HTTPBis Call For Adoption: Using Early Data in HTTP [aka Replay]


I also strongly support adoption. Agreeing on and specifying how early data
works as-safely-as-possible between TLS 1.3 and HTTP will be critical
before we end up with non-interoperable or vulnerable-when-interoperating
implementations.  It is attractive enough that it seems likely partial
implementations will show up in production before we standardize,
especially if there is too much of a time gap between this and TLS 1.3

- Erik

On Aug 17, 2017 9:49 AM, "Kazuho Oku" <> wrote:

2017-08-10 0:25 GMT+09:00 Patrick McManus <>:
> We've been discussing the risks of algorithms around early data both on
> list and face to face recently in Prague. This draft from Martin, Wily,
> Mark has obviously been the nexus of that conversation and the group
> informally signaled support for adding it as a working group item during
> recent meeting.
> Please state whether you support adoption, and ideally why. Expressions of
> interest in implementation would also be very helpful.

I strongly support adoption.

We need to standardize this draft to use Early Data in HTTP.

Received on Thursday, 17 August 2017 14:37:26 UTC