This sounds a bit like 0-RTT is a burning tirefire https://github.com/tlswg/tls13-spec/issues/1001 … should probably dig into it in detail.
-
-
Replying to @hanno
For context, the section on Forward Secrecy applies equally to all of TLS 1.2 when deployed with Session Tickets.
2 replies 1 retweet 3 likes -
Replying to @FiloSottile @hanno
Yes but I thought 1.3 was supposed to fix that. I just want a way, as client, to kill all forward secrecy compromise threats.
3 replies 0 retweets 0 likes -
Replying to @RichFelker @FiloSottile
Well you can do that by not using 0rtt. The question is how many clients who should disable 0rtt wont
1 reply 0 retweets 0 likes -
Replying to @hanno @FiloSottile
This is up to client sw and can be fixed by pressuring them to do the right thing. Unlike server behavior it's testable too.
1 reply 0 retweets 0 likes
People like speed, and the world benefits from faster systems. Seems like a severe cost to fix it. We can have it all.
6:08 AM - 3 May 2017
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.