Skip to content

dtls 1.3: allow to skip cookie exchange on resumption #6929

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 6, 2023
Merged

dtls 1.3: allow to skip cookie exchange on resumption #6929

merged 2 commits into from
Nov 6, 2023

Conversation

julek-wolfssl
Copy link
Member

@julek-wolfssl julek-wolfssl commented Oct 31, 2023
edited
Loading

dtls 1.3: allow to skip cookie exchange on resumption
tls 1.3: do cookie exchange when asked too even when found a matching cipher

@julek-wolfssl julek-wolfssl self-assigned this Oct 31, 2023
@julek-wolfssl julek-wolfssl force-pushed the dtls13-early-data-server-side branch from 31ac8c8 to 42e4d60 Compare October 31, 2023 13:19
@julek-wolfssl
dtls 1.3: allow to skip cookie exchange on resumption
aed715c 
tls 1.3: do cookie exchange when asked too even when found a matching cipher
@julek-wolfssl julek-wolfssl force-pushed the dtls13-early-data-server-side branch from 42e4d60 to aed715c Compare October 31, 2023 13:29
rizlik
rizlik requested changes Nov 2, 2023
View reviewed changes
Copy link
Contributor

@rizlik rizlik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good work.
Do you think we should add a test in which the client sends early data after a cookie exchange? Is this allowed by the RFC?

@julek-wolfssl
Copy link
Member Author

Do you think we should add a test in which the client sends early data after a cookie exchange? Is this allowed by the RFC?

This is allowed but I think this defeats the purpose of 0-RTT. Also, this is not supported in wolfSSL currently. Do you want me to add some I/O manipulation to delay sending the early data?

@julek-wolfssl
Copy link
Member Author

Retest this please

@julek-wolfssl julek-wolfssl requested a review from rizlik November 3, 2023 11:22
@rizlik
Copy link
Contributor

rizlik commented Nov 6, 2023

Do you think we should add a test in which the client sends early data after a cookie exchange? Is this allowed by the RFC?

This is allowed but I think this defeats the purpose of 0-RTT. Also, this is not supported in wolfSSL currently. Do you want me to add some I/O manipulation to delay sending the early data?

No, I think it's OK like this for now.

@JacobBarthelmeh JacobBarthelmeh merged commit c5e2f41 into wolfSSL:master Nov 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ejohnstown ejohnstown ejohnstown approved these changes

@rizlik rizlik rizlik approved these changes

@JacobBarthelmeh JacobBarthelmeh JacobBarthelmeh approved these changes

Assignees

@JacobBarthelmeh JacobBarthelmeh

@wolfSSL-Bot wolfSSL-Bot

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@julek-wolfssl @rizlik @ejohnstown @JacobBarthelmeh @wolfSSL-Bot