One of the original goals of Google's QUIC[0] protocol was to achieve 0-RTT hand... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

dward on Sept 28, 2017 | parent | context | favorite | on: TLS 1.2 Session Tickets

One of the original goals of Google's QUIC[0] protocol was to achieve 0-RTT handshake. I wonder how TLS 1.{2,3} Session Tickets will affect the future of that protocol. Has it achieved it's purpose (applying the right pressure to the TLS working group)? Will it be phased out now?

[0] https://blog.chromium.org/2013/06/experimenting-with-quic.ht...

baby on Sept 28, 2017 | [–]

I felt like Google was not going to move to TLS 1.3 if they had not included 0-RTT. Now that TLS 1.3 has agreed to include it, it seems logical to terminate QUIC crypto.

tedunangst on Sept 28, 2017 | [–]

TLS 1.3 also supports 0 RTT. Subject to some replay attacks, the solution to which is “the application should detect and ignore that.”

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact