This sounds a bit like 0-RTT is a burning tirefire https://github.com/tlswg/tls13-spec/issues/1001 … should probably dig into it in detail.
Replying to @hanno
For context, the section on Forward Secrecy applies equally to all of TLS 1.2 when deployed with Session Tickets.
Replying to @FiloSottile @hanno
And re: replays, I'm unconvinced the sky is falling. There are idempotent requests, the others can wait. Works for us, works for Facebook.
Replying to @FiloSottile @hanno
Just to pick some examples: how could you protect an origin that throttles requests at an unknown rate from throttle exhaustion?
Or an application cache from timing leaks? Also, 0-RTT is hostname-level; will users really check all possible URLs for strict idempotency?
I found those ideas clever. But post-auth throttling for idempotent req. is not that common IMHO, and traffic analysis prob. > cache timing.
Re: checking all URLs, non-idempotent URLs for query-less GETs sound insane/very rare to me. Willing to be proven wrong, but haven't yet.
Replying to @FiloSottile @hanno
Common example: every time you visit a news site as a non-subscriber, they decrement a page view from your "free" quota.
Browser retries are not that interesting, could lock out one user. With 0-RTT replays, could lock out all users. New kind of DoS attack.
But think higher-level: better to be humble and assume risk is greater than we can conceive than to look for excuses to keep something iffy
I agree with the sentiment, but I think it applies to default config. An opt-in option for replay-able state-less reduced latency is ok IMHO
Replying to @FiloSottile @hanno
Nah, it's not. The knob exposes the customer to real issues they likely won't fully understand, but a benefit that they do. Can do better.
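The thread's concrete worry is a GET that looks idempotent but changes state (the free-article quota) and therefore can be replayed through 0-RTT. The following is an added example, not code from any participant in the thread: a server-side early-data gate in Python. It assumes the TLS terminator forwards the RFC 8470 `Early-Data: 1` request header for requests that arrived as 0-RTT data and that the application answers 425 Too Early (also RFC 8470) to make the client resend after the full handshake. The request objects, the allow-list of replay-safe paths and the quota store are constructed stand-ins.

```python
"""Early-data (0-RTT) gate for an HTTP application.

Assumptions (not from the thread): the TLS terminator sets the RFC 8470
``Early-Data: 1`` header on requests received in 0-RTT data, and the
application returns 425 Too Early to force a retry after the handshake.
Request, QuotaStore and the sample paths below are constructed for this
example.
"""
from dataclasses import dataclass, field

# HTTP methods defined as safe; necessary but NOT sufficient for replay safety.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)


@dataclass
class QuotaStore:
    # Remaining free page views per visitor id (constructed sample state).
    remaining: dict = field(default_factory=dict)

    def consume(self, visitor: str) -> bool:
        """Spend one unit of quota; False when the visitor is exhausted."""
        left = self.remaining.get(visitor, 0)
        if left <= 0:
            return False
        self.remaining[visitor] = left - 1
        return True


def arrived_in_early_data(req: Request) -> bool:
    return req.headers.get("Early-Data", "").strip() == "1"


def is_replay_safe(req: Request, replay_safe_paths: set) -> bool:
    # A safe method alone is not enough: a GET that decrements a quota is
    # state-changing, so the application must allow-list paths explicitly.
    return req.method in SAFE_METHODS and req.path in replay_safe_paths


def handle(req: Request, quota: QuotaStore, replay_safe_paths: set,
           visitor: str = "v1") -> int:
    """Return the HTTP status code for one request.

    Early-data requests are accepted only on paths the application has
    declared replay-safe; anything else gets 425 so the client resends the
    identical request once the handshake has completed.
    """
    if arrived_in_early_data(req) and not is_replay_safe(req, replay_safe_paths):
        return 425
    if req.path.startswith("/article/"):
        # Metered content: each view consumes one unit of the free quota,
        # which is exactly the state change the thread warns about.
        return 200 if quota.consume(visitor) else 402
    return 200


def simulate_replays(req: Request, copies: int, quota: QuotaStore,
                     replay_safe_paths: set, visitor: str = "v1"):
    """Deliver `copies` byte-identical early-data requests (what a 0-RTT
    replay looks like to the origin) and return (status codes, quota left)."""
    statuses = [handle(req, quota, replay_safe_paths, visitor) for _ in range(copies)]
    return statuses, quota.remaining.get(visitor, 0)


if __name__ == "__main__":
    captured = Request("GET", "/article/42", {"Early-Data": "1"})
    # Naive policy: "it's a GET, so it's idempotent" -> quota drained by replay.
    naive = simulate_replays(captured, 10, QuotaStore({"v1": 5}), {"/article/42"})
    # Guarded policy: the metered path is not allow-listed -> 425, quota intact.
    guarded = simulate_replays(captured, 10, QuotaStore({"v1": 5}), set())
    print("naive  :", naive)
    print("guarded:", guarded)
```

The allow-list is deliberately the only way a path becomes replay-safe: the default for early data is "reject and retry", which keeps the opt-in burden on the application rather than on the TLS knob the thread argues about. The same gate also sidesteps the throttle-exhaustion point, since a rate limiter that counts only post-handshake requests cannot be drained by replayed early data.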