[gnutls-devel] TCP Fast Open

Nikos Mavrogiannopoulos nmav at gnutls.org
Thu Jul 21 18:14:57 CEST 2016

On Thu, Jul 21, 2016 at 5:06 PM, Tim Ruehsen <tim.ruehsen at gmx.de> wrote:
>> > > False start doesn't do anything on resumed sessions because on these
>> > > sessions the client is the one sending the finished packet last. There
>> > > could be a server-side false start in that case (briefly discussed in
>> > > draft-ietf-tls-falsestart-02) but it is not defined by that draft -and
>> > > not implemented by gnutls. Thus, you shouldn't see a difference when
>> > > enabling it on client side and resuming.
>> OK, now I see what you mean :-(
>> So how can we come down to 0RTT TLS overhead and send all in one packet ?
> To answer my own question: it needs TLS 1.3 (for a good explanation see [1]).
> I read there is currently much discussion going on about it... Nikos, are you
> waiting for the finalization of [2] before you start an implementation or what
> is your plan ?
> [1] https://timtaubert.de/blog/2015/11/more-privacy-less-latency-improved-handshakes-in-tls-13/).
> [2] https://tlswg.github.io/tls13-spec/

Yes, you cannot achieve 0-rtt with TLS 1.2 as it is now. For that TLS
1.3 will be required. However, since TLS 1.3 is a completely new
protocol (even though its name suggests a minor improvement, it will
share very little code with a TLS 1.2 implementation) and is still
under revision, I'll wait a little more for the protocol draft to
settle down before going into any implementation planning.


More information about the Gnutls-devel mailing list