[gnutls-devel] GnuTLS | WIP: add support for 0-RTT (!775)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Oct 17 08:34:48 CEST 2018

Nikos Mavrogiannopoulos started a new discussion on doc/cha-gtls-app.texi:

>  return early, allowing the server to send data earlier.
> +Under TLS 1.3, when the server and client share a @acronym{PSK}, the
> +client side can start transmitting application data during handshake.
> +This is called zero round-trip time (0-RTT) mode, and the application
> +data sent in this mode is called early data.
> +
> +Note, however, that early data has weaker security properties than
> +normal application data sent after handshake, such as lack of forward
> +secrecy, no guarantees of non-replay between connections.  Thus it is
> +disabled on the server side by default.  To enable it, set
> + at acronym{GNUTLS_ENABLE_EARLY_DATA} on @funcref{gnutls_init}.  Then the
> +client can send early data with @funcref{gnutls_record_send_early_data}
> +and the server can receive it with
> + at funcref{gnutls_record_recv_early_data}.
> +

Two questions that arise after reading it, is what happens if the server does not read that data? and when should a server call the `gnutls_record_recv_early_data`?

That is, is the server expected to call this function during the handshake or after it, or it can be both?

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/775#note_109394561
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181017/1414e813/attachment-0001.html>

More information about the Gnutls-devel mailing list